www.heraldsun.com.au Open in urlscan Pro
2.18.233.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heraldsun.com.au/
Effective URL:
https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776
Submission Tags: tranco_l324
Submission: On October 27 via api (October 27th 2021, 9:09:45 am UTC) from DE — Scanned from DE

Summary HTTP 167 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 50 IPs in 7 countries across 40 domains to perform 167 HTTP transactions. The main IP is 2.18.233.28, located in Ascension Island and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 25th 2021. Valid for: a year.

This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 32	2.18.233.28 2.18.233.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1 8	2.18.233.169 2.18.233.169	16625 (AKAMAI-AS) (AKAMAI-AS)
10	104.75.88.206 104.75.88.206	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
11	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	2a04:fa87:fff... 2a04:fa87:fffd::c000:42d0	2635 (AUTOMATTIC) (AUTOMATTIC)
3	52.95.132.86 52.95.132.86	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223e:e00:1f:1414:da40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	151.101.1.181 151.101.1.181	54113 (FASTLY) (FASTLY)
1 3	13.32.99.21 13.32.99.21	() ()
1	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	104.111.230.77 104.111.230.77	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
4	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
2 5	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:5400:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
6	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	13.32.99.23 13.32.99.23	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.93 13.32.99.93	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.65.175 151.101.65.175	54113 (FASTLY) (FASTLY)
2	2600:9000:225... 2600:9000:2251:3000:4:77d:a0c0:93a1	() ()
2	23.55.110.16 23.55.110.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:9000:224... 2600:9000:2240:a200:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.222.214.55 52.222.214.55	16509 (AMAZON-02) (AMAZON-02)
1	34.192.234.155 34.192.234.155	14618 (AMAZON-AES) (AMAZON-AES)
1 4	34.247.192.108 34.247.192.108	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	35.158.236.52 35.158.236.52	16509 (AMAZON-02) (AMAZON-02)
3	63.33.102.111 63.33.102.111	16509 (AMAZON-02) (AMAZON-02)
1	34.240.91.113 34.240.91.113	16509 (AMAZON-02) (AMAZON-02)
2	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
1 1	99.80.210.73 99.80.210.73	16509 (AMAZON-02) (AMAZON-02)
2	18.66.96.113 18.66.96.113	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
3 6	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.255.166.68 34.255.166.68	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	34.253.79.107 34.253.79.107	16509 (AMAZON-02) (AMAZON-02)
9	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
1	63.32.150.234 63.32.150.234	16509 (AMAZON-02) (AMAZON-02)
167	50

32 2.18.233.28 (Ascension Island) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-28.deploy.static.akamaitechnologies.com

heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.api.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mhr.talk.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.233.169 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-169.deploy.static.akamaitechnologies.com

tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.75.88.206 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-206.deploy.static.akamaitechnologies.com

resourcesssl.newscdn.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffd::c000:42d0 (Ireland)

ASN2635 (AUTOMATTIC, US)

origin.go.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.132.86 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com

news-networkeditorial.s3.ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
news-networkeditorial.s3-ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:e00:1f:1414:da40:93a1 (United States)

ASN16509 (AMAZON-02, US)

edition.pagesuite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.181 (United States)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.21 (Seattle, United States) 1 redirects

ASN- ()
PTR: server-13-32-99-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.230.77 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-77.deploy.static.akamaitechnologies.com

login.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

ts2020-indies-client.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.88.194 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8228261.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:5400:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.23 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.93 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-93.fra60.r.cloudfront.net

au.tags.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.175 (United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2251:3000:4:77d:a0c0:93a1 (United States)

ASN- ()

assets.vidora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.55.110.16 (United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-110-16.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2240:a200:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.55 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-55.fra56.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.234.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-234-155.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.247.192.108 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-192-108.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.236.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-236-52.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.33.102.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-102-111.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.91.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-91-113.eu-west-1.compute.amazonaws.com

newscorpau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

metrics.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.210.73 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-210-73.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.96.113 (United States)

ASN16509 (AMAZON-02, US)

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba0a (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.220.145 (Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.166.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-166-68.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

31b4fa49d3d5ce239fa436066892950b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.79.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-79-107.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.150.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-150-234.eu-west-1.compute.amazonaws.com

secure-sdk.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	heraldsun.com.au 3 redirects heraldsun.com.au www.heraldsun.com.au origin.go.heraldsun.com.au metrics.heraldsun.com.au	659 KB
15	adsafeprotected.com cdn.adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	105 KB
14	api.news content.api.news	256 KB
13	taboola.com cdn.taboola.com trc.taboola.com am-trc-events.taboola.com	177 KB
12	googlesyndication.com pagead2.googlesyndication.com 31b4fa49d3d5ce239fa436066892950b.safeframe.googlesyndication.com tpc.googlesyndication.com	48 KB
12	doubleclick.net 2 redirects ad.doubleclick.net securepubads.g.doubleclick.net googleads4.g.doubleclick.net 8228261.fls.doubleclick.net	181 KB
10	newscdn.com.au resourcesssl.newscdn.com.au	83 KB
9	news.com.au 1 redirects tags.news.com.au mhr.talk.news.com.au	201 KB
7	adnxs.com 3 redirects acdn.adnxs.com secure.adnxs.com ib.adnxs.com Failed	9 KB
5	demdex.net 1 redirects dpm.demdex.net newscorpau.demdex.net	10 KB
5	crazyegg.com script.crazyegg.com tracking.crazyegg.com	28 KB
4	imrworldwide.com cdn-gl.imrworldwide.com secure-sdk.imrworldwide.com Failed kehwffki4dcjgapq9gmh5fsubtwm41635325779.nuid.imrworldwide.com Failed	66 KB
4	tiqcdn.com tags.tiqcdn.com	21 KB
3	google.com adservice.google.com www.google.com	2 KB
3	serving-sys.com secure-ds.serving-sys.com bs.serving-sys.com	23 KB
3	newscorpaustralia.com login.newscorpaustralia.com	3 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	amazonaws.com news-networkeditorial.s3.ap-southeast-2.amazonaws.com news-networkeditorial.s3-ap-southeast-2.amazonaws.com	43 KB
2	googletagmanager.com www.googletagmanager.com	77 KB
2	adsrvr.org js.adsrvr.org	5 KB
2	vidora.com assets.vidora.com	4 KB
2	perfectmarket.com widget.perfectmarket.com	32 KB
1	googletagservices.com www.googletagservices.com	37 KB
1	google.de adservice.google.de	716 B
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	6 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	chartbeat.net ping.chartbeat.net	201 B
1	kampyle.com nebula-cdn.kampyle.com	1 KB
1	newscgp.com au.tags.newscgp.com	48 KB
1	rlcdn.com ats.rlcdn.com	57 KB
1	chartbeat.com static.chartbeat.com	23 KB
1	web.app ts2020-indies-client.web.app	3 KB
1	fontawesome.com use.fontawesome.com	12 KB
1	pagesuite.com edition.pagesuite.com	53 KB
1	speedcurve.com cdn.speedcurve.com	6 KB
0	t.co Failed t.co Failed
0	linkedin.com Failed px.ads.linkedin.com Failed
0	mookie1.com Failed au-gmtdmp.mookie1.com Failed
0	googleadservices.com Failed www.googleadservices.com Failed
167	40

	Domain	Requested by
16	www.heraldsun.com.au	2 redirects www.heraldsun.com.au
14	content.api.news	www.heraldsun.com.au
10	resourcesssl.newscdn.com.au	www.heraldsun.com.au ts2020-indies-client.web.app
9	dt.adsafeprotected.com	www.heraldsun.com.au
8	cdn.taboola.com	www.heraldsun.com.au cdn.taboola.com
8	tags.news.com.au	1 redirects tags.tiqcdn.com au.tags.newscgp.com
6	secure.adnxs.com	3 redirects www.heraldsun.com.au
6	pagead2.googlesyndication.com	ad.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	securepubads.g.doubleclick.net	tags.tiqcdn.com securepubads.g.doubleclick.net www.heraldsun.com.au www.googletagservices.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	8228261.fls.doubleclick.net	2 redirects www.heraldsun.com.au
4	dpm.demdex.net	1 redirects www.heraldsun.com.au tags.news.com.au
4	script.crazyegg.com	tags.tiqcdn.com script.crazyegg.com
4	tags.tiqcdn.com	www.heraldsun.com.au tags.tiqcdn.com
3	pixel.adsafeprotected.com	cdn.adsafeprotected.com www.heraldsun.com.au
3	cdn-gl.imrworldwide.com	tags.news.com.au cdn-gl.imrworldwide.com
3	login.newscorpaustralia.com	www.heraldsun.com.au login.newscorpaustralia.com
3	trc.taboola.com	cdn.taboola.com www.heraldsun.com.au
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com www.heraldsun.com.au
2	static.adsafeprotected.com	pixel.adsafeprotected.com www.heraldsun.com.au
2	www.google.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	www.googletagmanager.com	secure-ds.serving-sys.com
2	js.adsrvr.org	secure-ds.serving-sys.com
2	metrics.heraldsun.com.au	tags.news.com.au www.heraldsun.com.au
2	secure-ds.serving-sys.com	tags.tiqcdn.com secure-ds.serving-sys.com
2	assets.vidora.com	www.heraldsun.com.au assets.vidora.com
2	am-trc-events.taboola.com	www.heraldsun.com.au
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	news-networkeditorial.s3-ap-southeast-2.amazonaws.com	www.heraldsun.com.au
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	secure-sdk.imrworldwide.com	www.heraldsun.com.au
1	31b4fa49d3d5ce239fa436066892950b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net 8228261.fls.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	tracking.crazyegg.com	script.crazyegg.com
1	acdn.adnxs.com	www.heraldsun.com.au
1	snap.licdn.com	www.heraldsun.com.au
1	static.ads-twitter.com	www.heraldsun.com.au
1	cm.everesttech.net	1 redirects
1	newscorpau.demdex.net	tags.news.com.au
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	ping.chartbeat.net	www.heraldsun.com.au
1	cdn.adsafeprotected.com	tags.news.com.au
1	nebula-cdn.kampyle.com	tags.tiqcdn.com
1	au.tags.newscgp.com	tags.tiqcdn.com
1	ats.rlcdn.com	tags.tiqcdn.com
1	static.chartbeat.com	tags.tiqcdn.com
1	ad.doubleclick.net	tags.tiqcdn.com
1	mhr.talk.news.com.au	www.heraldsun.com.au
1	ts2020-indies-client.web.app	www.heraldsun.com.au
1	use.fontawesome.com	cdn.taboola.com
1	edition.pagesuite.com	www.heraldsun.com.au
1	news-networkeditorial.s3.ap-southeast-2.amazonaws.com	www.heraldsun.com.au
1	origin.go.heraldsun.com.au	www.heraldsun.com.au
1	cdn.speedcurve.com	www.heraldsun.com.au
1	heraldsun.com.au	1 redirects
0	kehwffki4dcjgapq9gmh5fsubtwm41635325779.nuid.imrworldwide.com Failed	www.heraldsun.com.au
0	t.co Failed	www.heraldsun.com.au
0	ib.adnxs.com Failed	www.heraldsun.com.au
0	px.ads.linkedin.com Failed	www.heraldsun.com.au
0	au-gmtdmp.mookie1.com Failed	www.heraldsun.com.au
0	www.googleadservices.com Failed	secure-ds.serving-sys.com www.googletagmanager.com
167	63

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
www.google.com

Subject Issuer	Validity	Valid
news.com.au DigiCert SHA2 Secure Server CA	`2021-02-25` - `2022-02-28`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-12` - `2022-11-13`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
origin.go.heraldsun.com.au R3	`2021-09-08` - `2021-12-07`	3 months	crt.sh
*.s3-ap-southeast-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
edition.pagesuite.com Amazon	`2021-10-18` - `2022-11-15`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
web.app GTS CA 1D4	`2021-09-20` - `2021-12-19`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
au.tags.newscgp.com Amazon	`2021-01-25` - `2022-02-22`	a year	crt.sh
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.vidora.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2021-04-28` - `2022-05-03`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
*.adsafeprotected.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
bs.serving-sys.com Amazon	`2021-05-10` - `2022-06-08`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
metrics.heraldsun.com.au DigiCert TLS RSA SHA256 2020 CA1	`2021-06-15` - `2022-07-16`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776
Frame ID: C3001BD6458FA0FF917DC4F24B534082
Requests: 133 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=nZfdqd8tU8jPXHzCzHxtyo9QyHmlpw6z&nonce=cL~9BZF1pERACeap0t3AReA4Too-FD9e&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi40In0%3D
Frame ID: A9C52CA636884A3180625B917F250156
Requests: 3 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 852D2B4C02622030B8446BF8940240F3
Requests: 3 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: C40B8097CE132BA67439C3B780A16E8C
Requests: 1 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: ED7EB78517193C6E8B808248D1CA6C58
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 59832DDA16A31DC3DEADC69B17C161BB
Requests: 2 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: FFF6A0A691005B51FD0AEEBD741506A8
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: A5132B42CF6F0A9FAB706EFD10AD1D9C
Requests: 2 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 1899FE587F330E5D28635B6FCE4A9C3D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 4EAF39B065ACA02AAB71F028F1F69A9B
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CO_-qaGf6vMCFdLoUQodBIIJnQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8862215880520.64
Frame ID: 1949A0142AD18C84F62422A2ABCE4065
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIr9qaGf6vMCFUzK1QodlC0DrQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1587346093911.9343
Frame ID: 3204E9265FD8ABC933A063E7ECB4CC1B
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: 3F60563CA633B23802268E761373B654
Requests: 2 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 97F14A49AB11335B820EAB23239F0278
Requests: 1 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: 2D07AC988B3227A588EBF767821F20B7
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Frame ID: C4E536B762E2902C4D8AAD691ECCE4A3
Requests: 1 HTTP requests in this frame

Frame: https://31b4fa49d3d5ce239fa436066892950b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CB5605C189C14977B51CD9137E14CC9B
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=2011465159&custom=homepage&custom3=168400391&adsafe_par&impId=9d2a1e00-3705-11ec-acdf-02bf2b86cc68
Frame ID: AB1B8BD608DC61ADF5CDABBFBE287B32
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 5AD46D619E528EB33A7864D7BAF89551
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 307323850C49721804151209036B482E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 91DECF30AEB86049DD290F2759F88C22
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://heraldsun.com.au/ HTTP 301
http://www.heraldsun.com.au/ HTTP 301
https://www.heraldsun.com.au/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&163... HTTP 302
https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776 Page URL

Page Statistics

167
Requests

89 %
HTTPS

32 %
IPv6

40
Domains

63
Subdomains

50
IPs

7
Countries

2277 kB
Transfer

6039 kB
Size

43
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjss-drnJBvNbes9tNVSDMcM3KV40Rr-nRvirZViLlnLHvRvG5ssayNGbM35KLGeBsTG4pBQmrZpeXp7opJB9qrpwcOSPgMt2Idgn200qi11fk5soLaEKlkmbib1C6u4GrjucJGNazEAl6JQThyEEJ04T-ePUPIBgtRW3krkfMBvXf_N0x39RGQAUcPsnhl4JgSsUEhk-N-p4PV3KhPI-7XhpMxalbijgNG9ocZ6grRMMU4V_YLrYCOioSRocQ9aORR2FA93T6Z6Kg4xClXw9yGJInO9PnGspAvlpqwdw053ocf99REabiw&sai=AMfl-YQiz91WPO8Ks52cZp3eV7Th3Sja0rWIiL2OKtK45GBGT23-yF0yCwBKgjofLqrr9aPcXJ42c_Jc0EMb&sig=Cg0ArKJSzPomcuz6rWoP&fbs_aeid=[gw_fbsaeid]&adurl=http://news.com.au

Search URL Search Domain Scan URL

URL: https://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttps://www.heraldsun.com.au/%26gl%3DDE%26hl%3Dde%26client%3Dca-pub-3020966442367502%26ai0%3DB2Mf8Uxd5YbWoGNrm7gO92JqoDLH3oZ9FAAAAEAEg35irHzgBWPWrj_uCBGCV2oiCmAeyARR3d3cuaGVyYWxkc3VuLmNvbS5hdboBCWdmcF9pbWFnZcgBAtoBHWh0dHBzOi8vd3d3LmhlcmFsZHN1bi5jb20uYXUvqQJVo9bJWjqpPsACAuACAOoCEi81MTI5L25kbS5od3QvaG9tZfgC8NEegAMBkAPIBpgD5AqoAwHIA5kE4AQB0gUGEKSIg7kRkAYBoAYUqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAeAHHtIICQiI4YBwEAEYHdgIAoAKBZgLAdAVAYAXAQ&usg=AOvVaw0rD1YXP-do479cdPnGlMTT

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heraldsun.com.au/ HTTP 301
http://www.heraldsun.com.au/ HTTP 301
https://www.heraldsun.com.au/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16353257761003618474 HTTP 302
https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1635325778406&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1635325778406&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=

Request Chain 82

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1635325778937 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1635325778937

Request Chain 100

https://cm.everesttech.net/cm/dd?d_uuid=06706123455546844300981386709355058416 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YXkXUwAAALhOdgQf

Request Chain 108

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8862215880520.64 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CO_-qaGf6vMCFdLoUQodBIIJnQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8862215880520.64

Request Chain 109

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1587346093911.9343 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIr9qaGf6vMCFUzK1QodlC0DrQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1587346093911.9343

Request Chain 113

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Request Chain 114

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

Request Chain 115

https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1

167 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.heraldsun.com.au/
Redirect Chain

http://heraldsun.com.au/
http://www.heraldsun.com.au/
https://www.heraldsun.com.au/
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16353257761003618474
https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776

434 KB
75 KB

1369ms
1369ms

Document
text/html

2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

52d726ba12639068985d5d8cfb1479cf4d3f5c2231901407459bf66a0c18b698

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
content-type: text/html; charset=UTF-8
x-powered-by: WordPress VIP <https://wpvip.com>
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
vary: User-Agent Accept-Encoding
x-opw: 4
x-bpath: OLD
x-arrrg4
x-arrrg5: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3db803b5fbc23565aac56386c999a5e3cf-1635325776&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=b803b5fbc23565aac56386c999a5e3cf
blaizehappened: true
x-rq: ewr4 0 2 9980
x-xss-protection: 1
x-content-type-options: nosniff
host-header: a9130478a60e5f9135f765b23f26593b
content-encoding: gzip
cache-control: max-age=9
expires: Wed, 27 Oct 2021 09:09:47 GMT
date: Wed, 27 Oct 2021 09:09:38 GMT

Redirect headers

server: AkamaiGHost
content-length: 154
content-type: text/html
location: https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776
mime-version: 1.0
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
vary: Accept-Encoding
etag: "0189cffac88f08578068b775bf1659f6:1632721186.677505"
expires: Wed, 27 Oct 2021 09:09:36 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Wed, 27 Oct 2021 09:09:36 GMT

GET
H2 200 charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
12 KB 46ms
9ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer: https://www.heraldsun.com.au/
Origin: https://www.heraldsun.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: 03A09A05F9B00284
etag: "c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=89087
accept-ranges: bytes
content-length: 11472
x-amz-id-2: 7SgQOtE5DXd+yw+muGSpBKQgUFNdC0N34VLuVoyrpGsNX+GQQMChOOxitD5N1YsghRlU3RgeUFw=
expires: Thu, 28 Oct 2021 09:54:25 GMT

GET
H2 200 charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 12 KB
12 KB 50ms
14ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

Referer: https://www.heraldsun.com.au/
Origin: https://www.heraldsun.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: D2D8C5FED1731C4D
etag: "ad24be3fafec705de20c00e56afe05ae"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=459858
accept-ranges: bytes
content-length: 12052
x-amz-id-2: F9ZHKgAnBk09tWfFGtJVkR2NpeEYeYl5A6ryw0e+c/gLQAp04Rx16nC+dsFJTTAPIb4D0qyY0Bg=
expires: Mon, 01 Nov 2021 16:53:56 GMT

GET
H2 200 charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 12 KB
12 KB 54ms
19ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Referer: https://www.heraldsun.com.au/
Origin: https://www.heraldsun.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: EE3D21683166F96F
etag: "da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=192607
accept-ranges: bytes
content-length: 12440
x-amz-id-2: BGzA4H6MhiNFsVMRHnDid7w0RneCV9f+L69FdEMmbqtC5J6BXqShCVeo7uP6Jum7BVtWfb2VAeI=
expires: Fri, 29 Oct 2021 14:39:45 GMT

GET
H2 200 charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
11 KB 61ms
25ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Referer: https://www.heraldsun.com.au/
Origin: https://www.heraldsun.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: 4N2W2Y6HDY8Z3Q2W
etag: "29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=198486
accept-ranges: bytes
content-length: 11372
x-amz-id-2: Z1HhaEEhR+4SW45rFV+SZJ/QiklrgDUhrbvWmFxzzpa1Kifm2MvbbI9Ateo09sYRHNLYlfgsmGM=
expires: Fri, 29 Oct 2021 16:17:44 GMT

GET
H2 200 css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 55 B
681 B 170ms
170ms Stylesheet
text/css 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 74
x-rq: ewr4 0 2 9980
last-modified: Mon, 25 Oct 2021 05:36:47 GMT
server: nginx
etag: "6176426f-37"
vary: User-Agent
content-type: text/css
cache-control: max-age=35
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 27 Oct 2021 09:10:13 GMT

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 17 KB
6 KB 37ms
7ms Script
application/javascript 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 71a8fdaf97655c40070a0fd034eeff672a5526d7d768ccd314f46567a440f57d

Request headers

Referer: https://www.heraldsun.com.au/
Origin: https://www.heraldsun.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
via: 1.1 vegur, 1.1 varnish
age: 816
x-cache: HIT
x-cache-hits: 6
content-encoding: gzip
content-length: 6233
x-served-by: cache-fra19152-FRA
last-modified: Wed, 27 Oct 2021 08:56:02 GMT
server: Apache
x-timer: S1635325778.206173,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Nov 2021 08:56:02 GMT

GET
H2 200 ipad-interface.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 2 KB
2 KB 191ms
190ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

c670abf077bc3710acd054f18e0836fd03c6abd6cd6f0b000b9f46993bbe901b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 957
x-rq: ewr4 0 2 9980
last-modified: Mon, 25 Oct 2021 05:36:47 GMT
server: nginx
etag: W/"6176426f-879"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 27 Oct 2021 09:09:39 GMT

GET
H2 200 js-critical-desktop.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 6 KB
3 KB 362ms
362ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=15

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f1e4af594f586b36e4a1a89d6ad85a061f8139d8a44f4e9eb00e28434d5f599c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 2677
x-rq: ewr4 0 2 9980
last-modified: Mon, 25 Oct 2021 05:36:47 GMT
server: nginx
etag: W/"6176426f-1958"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=73
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 27 Oct 2021 09:10:51 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 263 KB
36 KB 30ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f69d0a336737adcc21c7211432617545e42418a2dbb96ca8520595a30df8b4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: 6DO1O9Id.STpw2yNzKgMUiYhkIOC_rqh
content-encoding: gzip
etag: "adc65a2f1db538fb21306d2173aab22b"
age: 208
x-cache: HIT
content-length: 36389
x-amz-id-2: zH+JTjeL3wu8/VPTqZ5lY0/Jgz07kNoMYbUTLvCIW9pRxAvS5b2iqqLELydpXNPdzZs9aD6yGdQ=
x-served-by: cache-fra19153-FRA
last-modified: Wed, 27 Oct 2021 08:55:16 GMT
server: AmazonS3
x-timer: S1635325778.199530,VS0,VE1
date: Wed, 27 Oct 2021 09:09:38 GMT
vary: Accept-Encoding
x-amz-request-id: 59YB222N0KRNHN95
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 96
x-cache-hits: 1

GET
H2 200 heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 8 KB
4 KB 76ms
76ms Image
image/svg+xml 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 3055
x-rq: ewr4 0 2 9980
last-modified: Tue, 12 Oct 2021 03:31:27 GMT
server: nginx
etag: W/"6165018f-1f69"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=1364209
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Fri, 12 Nov 2021 04:06:27 GMT

GET
H2 200 35d20a8f3d1cceb893fd1f9d7633b695
content.api.news/v3/images/bin/ 73 KB
73 KB 229ms
194ms Image
image/webp 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/35d20a8f3d1cceb893fd1f9d7633b695?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: c99087229b2898e284b810cb0f9b2fd1e9e81164d0afc756ebfd8cf0bb58ea02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

edge-cache-tag: 35d20a8f3d1cceb893fd1f9d7633b695
date: Wed, 27 Oct 2021 09:09:38 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: e94802f0d8e35285860415bd0b4cca65-35d20a8f3d1cceb893fd1f9d7633b695-650
x-serial: 811
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5176320
last-modified: Wed, 27 Oct 2021 07:01:09 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 74432
expires: Sun, 26 Dec 2021 07:01:38 GMT

GET
H2 200 5ecc231779220fa32804ebb71bfd0400
content.api.news/v3/images/bin/ 4 KB
4 KB 217ms
182ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/5ecc231779220fa32804ebb71bfd0400?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 5bf7ad57d31465c6de59de470411fb338f16cc112a2c99b37e29100675ba5296

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

edge-cache-tag: 5ecc231779220fa32804ebb71bfd0400
date: Wed, 27 Oct 2021 09:09:38 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 8f0b7f399f867a317ce4419e3a823e05-5ecc231779220fa32804ebb71bfd0400-150
x-serial: 1848
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5180988
last-modified: Wed, 27 Oct 2021 08:18:47 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 4139
expires: Sun, 26 Dec 2021 08:19:26 GMT

GET
H2 200 a4d3fe190e440014fa4d830ede485373
content.api.news/v3/images/bin/ 3 KB
4 KB 1475ms
1440ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/a4d3fe190e440014fa4d830ede485373?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: e377e2843856483cbbb61c2882a6e171f6de9eb9a7f7d74d7180913987f614a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

edge-cache-tag: a4d3fe190e440014fa4d830ede485373
date: Wed, 27 Oct 2021 09:09:39 GMT
last-modified: Wed, 27 Oct 2021 09:00:57 GMT
server: Akamai Image Manager
etag: 71ae8b41152045378ce25b4d419d5f5d-a4d3fe190e440014fa4d830ede485373-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5183465
access-control-allow-headers: x-newsapi-api-key
content-length: 3436
expires: Sun, 26 Dec 2021 09:00:44 GMT

GET
H2 200 0775fe4a8829f92d51cfbb653acfe07b
content.api.news/v3/images/bin/ 6 KB
6 KB 221ms
186ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/0775fe4a8829f92d51cfbb653acfe07b?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 6dcf1bb1525ff7a430d3965d486f41d5324f8b740845ad98ddfaf100f866752e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

edge-cache-tag: 0775fe4a8829f92d51cfbb653acfe07b
date: Wed, 27 Oct 2021 09:09:38 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: f56dec82d5fc76a81178edfc673d67db-0775fe4a8829f92d51cfbb653acfe07b-150
x-serial: 1797
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5168527
last-modified: Wed, 27 Oct 2021 04:49:49 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 6089
expires: Sun, 26 Dec 2021 04:51:45 GMT

GET
H2 200 c3eda355dc73cd6764e38d331cbdcc82
content.api.news/v3/images/bin/ 3 KB
4 KB 221ms
186ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/c3eda355dc73cd6764e38d331cbdcc82?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 348451afc7aa376e5ab6ea5c9719df196639ee7dbb926dfb443c458aa334e202

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

edge-cache-tag: c3eda355dc73cd6764e38d331cbdcc82
date: Wed, 27 Oct 2021 09:09:38 GMT
last-modified: Wed, 27 Oct 2021 06:53:01 GMT
server: Akamai Image Manager
etag: 572a63547f671ae995a6a9c10ac33ed4-c3eda355dc73cd6764e38d331cbdcc82-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5175800
access-control-allow-headers: x-newsapi-api-key
content-length: 3506
expires: Sun, 26 Dec 2021 06:52:58 GMT

GET
H2 200 65515a0dd185589dddda1ec3f477530b
content.api.news/v3/images/bin/ 36 KB
37 KB 211ms
176ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/65515a0dd185589dddda1ec3f477530b?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: dbf919c623fe30cf34fd247642269e4f68f956992de6c5f087cf860448efdeb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

edge-cache-tag: 65515a0dd185589dddda1ec3f477530b
date: Wed, 27 Oct 2021 09:09:38 GMT
last-modified: Wed, 27 Oct 2021 07:20:05 GMT
server: Akamai Image Manager
etag: 3bc0fc1e42b8a86c8632857cdf9da0bc-65515a0dd185589dddda1ec3f477530b-650
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5177497
access-control-allow-headers: x-newsapi-api-key
content-length: 37248
expires: Sun, 26 Dec 2021 07:21:15 GMT

GET
H2 200 443f36f25b8484aa479c594d135dcab2
content.api.news/v3/images/bin/ 61 KB
61 KB 137ms
137ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/443f36f25b8484aa479c594d135dcab2?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: faea28c78d4591d21a557db7e72596f8155d4ffd54e1f6a9110c98d0815f235f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

edge-cache-tag: 443f36f25b8484aa479c594d135dcab2
date: Wed, 27 Oct 2021 09:09:38 GMT
last-modified: Wed, 27 Oct 2021 07:22:08 GMT
server: Akamai Image Manager
etag: f276c4ef2879f6c5cedecbbc33f44bcc-443f36f25b8484aa479c594d135dcab2-650
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5177519
access-control-allow-headers: x-newsapi-api-key
content-length: 62092
expires: Sun, 26 Dec 2021 07:21:37 GMT

GET
H2 200 BOB_Image_350x197_GENERIC.png
origin.go.heraldsun.com.au/wp-content/uploads/2021/09/ 48 KB
48 KB 45ms
8ms Image
image/png 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin.go.heraldsun.com.au/wp-content/uploads/2021/09/BOB_Image_350x197_GENERIC.png
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7f980ffcfddfbb4055da9bda5186257486054907e98eb4d3718062948138d73d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
x-rq: hhn2 109 200 443
last-modified: Wed, 01 Sep 2021 00:39:19 GMT
server: nginx
etag: "a02712ca928a289a"
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 49380
expires: Sat, 17 Sep 2022 22:45:30 GMT

GET
H/1.1 200
OK rea-logo.png
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/ 28 KB
28 KB 1224ms
314ms Image
image/png 52.95.132.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/rea-logo.png
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.86 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 09:09:40 GMT
Last-Modified: Thu, 09 Sep 2021 21:17:00 GMT
Server: AmazonS3
x-amz-request-id: B4VMB7S87B203YFN
ETag: "731035d55715734eff2f2a0f9afb31e7"
Content-Type: image/png
x-amz-version-id: fJFk.rSD7m0my1Uc67iV0dc4uKOxz4yR
Accept-Ranges: bytes
Content-Length: 28648
x-amz-id-2: MFKB0Z4AgRLzG7eOvbPTXmv7jjjuODv1Iz0QMMp44N9VVp4CmQzzT0EZdyjjgW7Y5aGdDAugpN4=

GET
H/1.1 200
OK games.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 4 KB
5 KB 1194ms
304ms Image
image/svg+xml 52.95.132.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/games.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.86 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 09:09:40 GMT
Last-Modified: Thu, 05 Nov 2020 03:40:33 GMT
Server: AmazonS3
x-amz-request-id: B4VSWJDV9Z6CMFCS
ETag: "2fa79b1c302fa407df95b287a47e01bc"
Content-Type: image/svg+xml
x-amz-version-id: mY_fhaFXa9wAEjGJ51huxNeB77eQfnyv
Accept-Ranges: bytes
Content-Length: 4533
x-amz-id-2: 9jbNYVM2tQIXfYDnW/jvjAsixeIUbauz+5lQFBSZM5gTuz3lk9OEaZn7aIagONsbSg5MFyAey9s=

GET
H/1.1 200
OK horoscopes.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 9 KB
9 KB 1195ms
306ms Image
image/svg+xml 52.95.132.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/horoscopes.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.86 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 09:09:40 GMT
Last-Modified: Thu, 05 Nov 2020 03:40:33 GMT
Server: AmazonS3
x-amz-request-id: B4VRG2ZHSC262CS9
ETag: "e9dc4230a2305a0cb7743e2ade763349"
Content-Type: image/svg+xml
x-amz-version-id: NaxMYGcYiBqyljIpDSJQNqEzm8yfC62_
Accept-Ranges: bytes
Content-Length: 9223
x-amz-id-2: 3hZp2nmcMGrZFeH01otuStPJdv6oYePjYL3XZZL6NO+7Cys4+WKFa0wToKgJgaFgjQv9B+uimok=

GET
H2 200 get_image.aspx
edition.pagesuite.com/ 53 KB
53 KB 205ms
156ms Image
image/jpeg 2600:9000:223e:e00:1f:1414:da40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edition.pagesuite.com/get_image.aspx?pbid=38d72c05-d55e-479e-a6ea-985d57be1901&h=400
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:e00:1f:1414:da40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 63a5af013d073900218199a20fcdda3e591952307b883ae986a82e5d9af5824f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
via: 1.1 ab23076896ec73a1a830c9cdc49fcac5.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 18:16:12 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA56-P4
x-powered-by: ASP.NET
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: private
x-amz-cf-id: n6tkBK08DR59UnMWx8tTx3ce5g5jor5vAF5SNMvsOHq9IU4TKY1APQ==

GET
H2 200 heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 8 KB
3 KB 77ms
76ms Image
image/svg+xml 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 2891
x-rq: ewr4 0 2 9980
last-modified: Sun, 17 Oct 2021 22:25:36 GMT
server: nginx
etag: W/"616ca2e0-1e5e"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=1940889
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 18 Nov 2021 20:17:47 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 3 KB
2 KB 181ms
155ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: 7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding: gzip
etag: "1a868d280f9424f5d82876d6cf0c46b9"
age: 42
x-cache: HIT, HIT
content-length: 1123
x-amz-id-2: gK5id+X9+ibWb3nthsvI1pbw+BUwuzk6MJvJC+1Fi8clZx6bf8i503vQ3SFuQMsSQQgxqCZkI0A=
x-served-by: cache-sna10722-LGB, cache-fra19175-FRA
last-modified: Tue, 07 Apr 2020 10:39:09 GMT
server: AmazonS3
x-timer: S1635325778.317161,VS0,VE147
date: Wed, 27 Oct 2021 09:09:38 GMT
vary: Accept-Encoding,,
x-amz-request-id: 1DPFXZZN2KQCPZVV
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20211027-2-RELEASE.js Show response
cdn.taboola.com/libtrc/ 595 KB
121 KB 9ms
9ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20211027-2-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 8236a4d608808856af09b9251e7b8a7d581597e8cca68a092b3573fc0b3ce294

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: 7vhNL0B8bVW0vN4pxY_zaSSQnaNY7M1g
content-encoding: br
etag: "7ed1ae8a8cb1174d3e699b09b794d5f0"
age: 1650
x-cache: HIT
content-length: 124015
x-amz-id-2: O47Db7h+2R0ik5fOogWPFlEuCG3nEUS+4MxNhLF9fk9IfMv7L056N4vM6/G9uPcaJg7Z/dbXRnU=
x-served-by: cache-fra19153-FRA
last-modified: Wed, 27 Oct 2021 08:41:28 GMT
server: AmazonS3-br
x-timer: S1635325778.235011,VS0,VE0
date: Wed, 27 Oct 2021 09:09:38 GMT
vary: Accept-Encoding
x-amz-request-id: FG5B6XSBGRMPV5YN
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 4
x-cache-hits: 2840

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 34ms
9ms Script
application/javascript 13.32.99.21

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 Seattle, United States, ASN (),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 01:44:30 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 110212
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0c792defeeaa18965559ad74895ea56b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: Dg5Pbz-sRrFla0tFeU81WxPE1iTDnWKS8iXYUsUy0W3t30bZAUEmFA==

GET
H2 200 title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 540 B
860 B 29ms
10ms Image
image/svg+xml 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
last-modified: Wed, 16 Sep 2020 23:56:43 GMT
server: AmazonS3
x-amz-request-id: 4R7K4V2MCP8N6R9R
etag: "4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=553048
accept-ranges: bytes
content-length: 540
x-amz-id-2: yFp+J8podmJKYyKRfQ/R6sCdmNKmc7oSxu2WJJo8l7sTrFyLYOhTILB0ssSzjaQiADalzLa82Ug=
expires: Tue, 02 Nov 2021 18:47:06 GMT

GET
H2 200 title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 535 B
855 B 27ms
14ms Image
image/svg+xml 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
last-modified: Thu, 17 Sep 2020 00:28:25 GMT
server: AmazonS3
x-amz-request-id: BX6X5G9GEK1G9M4M
etag: "b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=216162
accept-ranges: bytes
content-length: 535
x-amz-id-2: DaJA+c3KcMZ/NSCnfYFtodFhl20AOf2rAAm9dMwdtqM4FPtgkxYVKxyt+50eW/YJb1+mPpYz97g=
expires: Fri, 29 Oct 2021 21:12:20 GMT

GET
H2 200 source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 10ms
10ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer: https://www.heraldsun.com.au/
Origin: https://www.heraldsun.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
last-modified: Tue, 01 Sep 2020 04:31:33 GMT
server: AmazonS3
x-amz-request-id: 34B4778288C88CAA
etag: "899c8f78ce650d4009d42443897aa723"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=441931
accept-ranges: bytes
content-length: 16112
x-amz-id-2: 0V9i/JC3jV0uO9z1+RHGizGZNe8ea4s0M3lvOab3o97ikLfxhLYoNjWrU3t9GbdAE8O37bCHHcA=
expires: Mon, 01 Nov 2021 11:55:09 GMT

GET
H2 200 source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 13ms
13ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer: https://www.heraldsun.com.au/
Origin: https://www.heraldsun.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
last-modified: Tue, 22 Sep 2020 06:30:09 GMT
server: AmazonS3
x-amz-request-id: B9F079BFD69B8BC1
etag: "c85615b296302af51e683eecb5e371d4"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=109735
accept-ranges: bytes
content-length: 15948
x-amz-id-2: DPCyCCKT0juTREQMOkBTQL82bK8sJ1cHlMUrULDEc9V9ZluCRM4RuSFSdOhDVMhG9DNYyK1s4MM=
expires: Thu, 28 Oct 2021 15:38:33 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
12 KB 40ms
19ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer: https://www.heraldsun.com.au/
Origin: https://www.heraldsun.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1405814
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: EABP876Q5FGX8041
x-amz-id-2: s/sgUlOc3ETlJ+nSPmVIslFdTw76yEDKnYPaexQIwJhiluvZfd1YmyLRd9TFou5RQFXTAWgZ4WU=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: W/"dc93d584e41f8417f6b7163320d34329"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kf8qh6tqlcCSHppPqOZmppdLMAg324EqsrJXvtCjaN8brQO0e2dJjDUMEqRZ1lNW4UBD%2B41gGgX90oxwvKAOwc694iIgy6NwnVURoeT8RBp0oE4v7Utf6eLFRwF6v6hM5Usw0mhGbWXH5mXcxDyz3UqL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6a4ac962da057051-FRA

GET
H2 200 json Show response
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 2 KB
2 KB 49ms
42ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=09%3A09%3A38.385&lti=deflated&data=%7B%22id%22%3A554%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1635324909821%2C%22vi%22%3A1635325778360%2C%22cv%22%3A%2220211027-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A10610%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A973%2C%22mw%22%3A194%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CDesktop%20Mid%20Rail%20Home%20Native%3Dthumbnails-midrail-native%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211027-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c0b3f6edd440330e57b0dfc7702b54e3e755bef2d4e12d7ed50ecdc40f7c331

Request headers

Referer: https://www.heraldsun.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 34
date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
server: nginx
x-timer: S1635325778.398525,VS0,VE34
x-served-by: cache-fra19153-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.heraldsun.com.au
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1635325778406&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1635325778406&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%2...

64 B
330 B

13ms
12ms

Image
image/gif

13.32.99.21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1635325778406&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Server: 13.32.99.21 Seattle, United States, ASN (),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
via: 1.1 0c792defeeaa18965559ad74895ea56b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: Jr2mVn6yiCz5iRKlC_XozExprBiGue9hdWpNbuS38_BRsV0C3ACNTg==

Redirect headers

date: Wed, 27 Oct 2021 09:09:38 GMT
via: 1.1 0c792defeeaa18965559ad74895ea56b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1635325778406&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=
content-length: 277
x-amz-cf-id: tx-T6R1OiBUcs3RraZQM5hPq5wvfJnqVr5eEkWqZj9UWU6UmW45E9Q==

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 19 KB
6 KB 8ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211027-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6843ebbc25aab2ea0a89c3941516fe680ef1c8e24f0cc679cfded40613fac3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: EXXeY0x5KsfcYGZ_pU0T0nnlw5SBMrLo
content-encoding: gzip
etag: "710c3d899a609dd58f4c5ec9617e7b53"
age: 22589
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5995
x-amz-id-2: Q+Zh2dJ2v3Ar81Pq6q403ueFczvs7qhGGdRczrTVne46L0iFzke/g+QYGVTGanga9C32soAy7Qk=
x-served-by: cache-fra19153-FRA
last-modified: Tue, 05 Oct 2021 10:52:45 GMT
server: AmazonS3
x-timer: S1635325778.450016,VS0,VE0
date: Wed, 27 Oct 2021 09:09:38 GMT
vary: Accept-Encoding
x-amz-request-id: MV865EZ7HGFZC99Z
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 4
x-cache-hits: 151175

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
940 B 9ms
8ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211027-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 241155907faff3ddf6df02126069a4fc7f05f77454acef7e1cbd49d8395ea556

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: xNHw6tYbIMmRvQuUVymAr__rbKgbLLLL
content-encoding: gzip
etag: "978cfe7fd9cd031786ca00806b338a40"
age: 22594
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 714
x-amz-id-2: sKK0KG3hL465MzjKb4OjlkBvKS8cNhm1KbNUDIByskxPrzh4+gt2ykbZgqDbkP1xQue6zlAQ+4c=
x-served-by: cache-fra19153-FRA
last-modified: Tue, 05 Oct 2021 10:52:45 GMT
server: AmazonS3
x-timer: S1635325778.450275,VS0,VE0
date: Wed, 27 Oct 2021 09:09:38 GMT
vary: Accept-Encoding
x-amz-request-id: 7867YK4FAP67BPYV
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 4
x-cache-hits: 147521

GET
H2 200 tfa-eid.20211027-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 14 KB
5 KB 9ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20211027-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85344bb97aa113a5a5cea00cdd7c3aa1d317a49641bfeff51b31de9260f99c25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: yRFK8tjxsOfl.p6kjlNhQBzMacXFlxyl
content-encoding: gzip
etag: "d90d45d594cf3fab21bed023e53e84a7"
age: 902
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5062
x-amz-id-2: 8msE0S9EFGc4xMK1GaszdlYek9+bUH3iHuw4XXZNeXmMY0V1GDul74ew6JDKGl/wZjdNvf3oruU=
x-served-by: cache-fra19153-FRA
last-modified: Wed, 27 Oct 2021 08:53:30 GMT
server: AmazonS3
x-timer: S1635325778.451440,VS0,VE0
date: Wed, 27 Oct 2021 09:09:38 GMT
vary: Accept-Encoding
x-amz-request-id: KFN966RV2950ZZTN
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 4
x-cache-hits: 2282

GET
H2 200 sha256.20211027-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 9ms
9ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20211027-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fcc8641a1a3950e4b44ffd383ce04caeccfc2e78f28d7928bfc926800d43d4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: GvqzWcPKzAlS88aEYafw41ZTDe0LwL.i
content-encoding: gzip
etag: "a6ff97d69833df8c11fdd2a54751c40d"
age: 902
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2590
x-amz-id-2: B1M6zHkKiksaW2WA1QppshaN8HljcxzHz40sQ25pmeVxUe0Gcz0BrgRsn5SU37S/WedzZtEU/n0=
x-served-by: cache-fra19153-FRA
last-modified: Wed, 27 Oct 2021 08:54:11 GMT
server: AmazonS3
x-timer: S1635325778.451541,VS0,VE0
date: Wed, 27 Oct 2021 09:09:38 GMT
vary: Accept-Encoding
x-amz-request-id: KFN02J0WXCXJSWAC
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 4
x-cache-hits: 2120

GET
H2 200 distance-from-article.20211027-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 9ms
9ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20211027-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 700b9eeb42358c5804fbb9c6f1e1592d2a9c6bded9e2fc8524823022b87e9a20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: kExhLTWi9Ib4R0zho_0TiwV5mjHTgwJw
content-encoding: gzip
etag: "e051dc98058163ccd428474ba02eb5a1"
age: 567
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1005
x-amz-id-2: z66bYPsBn9D0WIykYPIKCBxqA7Qt8AG4Fyqmer/q3NrNYw+Ady6NkuHp4ix/0t/jWdg9ThPnDO0=
x-served-by: cache-fra19153-FRA
last-modified: Wed, 27 Oct 2021 08:56:36 GMT
server: AmazonS3
x-timer: S1635325778.454919,VS0,VE0
date: Wed, 27 Oct 2021 09:09:38 GMT
vary: Accept-Encoding
x-amz-request-id: W0QRAT1FFN0NJJFT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 4
x-cache-hits: 679

GET
H2 200 article-detection.20211027-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 9ms
9ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20211027-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb1bd0db878926b6ac2177d3fda76e6dd9d01abe37810eb6db1a1b252a30ff89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: 5tFpQtDPe_dvwOQpAYMvAmwc5hHE8DgL
content-encoding: gzip
etag: "972417dc0a8102e19785605bc39ffd4c"
age: 738
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 856
x-amz-id-2: jjGfSYkGZAWC10wQ29WjT3JS65f9M5tgWsH9xNSnCpxwB6heYGc76C0kZpqhSc7apiDnFgxHeHU=
x-served-by: cache-fra19153-FRA
last-modified: Wed, 27 Oct 2021 08:56:59 GMT
server: AmazonS3
x-timer: S1635325778.455146,VS0,VE0
date: Wed, 27 Oct 2021 09:09:38 GMT
vary: Accept-Encoding
x-amz-request-id: Y512A4N1M8RQ55B8
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 4
x-cache-hits: 736

GET
H2 204 debug
am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 0
89 B 57ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=09%3A09%3A38.452&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-midrail-native&llvl=2&id=1982&cv=20211027-2-RELEASE&lt=deflated&pct=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9049

GET
H2 204 supply-feature
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
312 B 20ms
20ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=fb6d49b9e12317dbfa72e5ec502a3b8f&sd=v2_844a4b44beaa6ed25b69d1b676d5c72a_a7758fa2-d804-4f72-9504-979561b35ec0-tuct8729cd2_1635325778_1635325778_CIi3jgYQgPNHGLizjIjMLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGjr5LqW88T3vnFwAA&ui=a7758fa2-d804-4f72-9504-979561b35ec0-tuct8729cd2&pi=/&wi=873729681997272865&pt=home&vi=1635325778360&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A553%2C%5C%22articleClasses%5C%22%3A%5C%22site-content%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22SECTION%5C%22%2C%5C%22threshold%5C%22%3A%5C%22246%5C%22%7D%22%7D&tim=09%3A09%3A38.469&id=4672&llvl=2&cv=20211027-2-RELEASE&
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 27 Oct 2021 09:09:38 GMT
via: 1.1 varnish
server: nginx
x-timer: S1635325778.472283,VS0,VE9
x-served-by: cache-fra19153-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 pmk-202003261.4.js Show response
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 111 KB
30 KB 10ms
10ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding: gzip
etag: "b7fcedf037c57085d364b689ca46f32e"
age: 1107111
x-cache: HIT, HIT
content-length: 30954
x-amz-id-2: sIbiP2Xvrv+Zl/vs9bXSIzy7zvq8BbD7jA6SJx/dbd8NYlVJxZG268YmnI0LK8tODiaE4Ti1HgU=
x-served-by: cache-lax10636-LGB, cache-fra19175-FRA
last-modified: Tue, 07 Apr 2020 10:39:09 GMT
server: AmazonS3
x-timer: S1635325778.475099,VS0,VE1
date: Wed, 27 Oct 2021 09:09:38 GMT
vary: Accept-Encoding,,
x-amz-request-id: 0FHGR5M7DAZX1XRR
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 204 social
am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
230 B 20ms
20ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=AM:AM:V&lti=deflated&ri=fb6d49b9e12317dbfa72e5ec502a3b8f&sd=v2_844a4b44beaa6ed25b69d1b676d5c72a_a7758fa2-d804-4f72-9504-979561b35ec0-tuct8729cd2_1635325778_1635325778_CIi3jgYQgPNHGLizjIjMLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGjr5LqW88T3vnFwAA&ui=a7758fa2-d804-4f72-9504-979561b35ec0-tuct8729cd2&pi=/&wi=873729681997272865&pt=home&vi=1635325778360&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=09%3A09%3A38.515&id=8781&llvl=2&cv=20211027-2-RELEASE&
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 27 Oct 2021 09:09:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 55 B
680 B 133ms
133ms Stylesheet
text/css 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=15

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=15

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 74
x-rq: ewr4 0 2 9980
last-modified: Mon, 25 Oct 2021 05:36:47 GMT
server: nginx
etag: "6176426f-37"
vary: User-Agent
content-type: text/css
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 27 Oct 2021 09:09:39 GMT

GET
H2 200 rampart.js Show response
www.heraldsun.com.au/remote/identity/rampart/latest/ 274 KB
82 KB 92ms
91ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=15

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

6a6a1c4e3f91242324434c60436455edc50ebc32c660e2fe712aa8375ab4fd0f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
etag: "0ea9ea367c657f79b1dd4a270c339816:1632474195.614185"
vary: User-Agent, Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=999
date: Wed, 27 Oct 2021 09:09:38 GMT
is-https: true
x-opw: 4
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 27 Oct 2021 09:26:17 GMT

GET
H2 200 js-metro-desktop-lazy.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 69 KB
21 KB 167ms
166ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=15

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=15

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

43dc251072564d8ae1f9a77833e8c6c521f57f66dbd1d9680f27c2aff045143f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 20893
x-rq: ewr4 0 2 9980
last-modified: Tue, 26 Oct 2021 00:20:01 GMT
server: nginx
etag: W/"617749b1-11441"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=41
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 27 Oct 2021 09:10:19 GMT

GET
H2 200 js-weather.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 6 KB
3 KB 169ms
168ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?v=15

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=15

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a633854d157f49f803a6b5dfeb03f2e2e0956474a7974db7d25c396e0c2132a1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 2095
x-rq: ewr4 0 2 9980
last-modified: Mon, 25 Oct 2021 05:36:47 GMT
server: nginx
etag: W/"6176426f-18f2"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 27 Oct 2021 09:09:39 GMT

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame A9C5 2 KB
3 KB 418ms
383ms Document
text/html 104.111.230.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=nZfdqd8tU8jPXHzCzHxtyo9QyHmlpw6z&nonce=cL~9BZF1pERACeap0t3AReA4Too-FD9e&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi40In0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.230.77 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-230-77.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

08fbe794a08de3335828c27e5fe054f5e6682b92cbe233d0db4f0673679d2bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html;charset=UTF-8
cf-ray: 6a4ac96508134a85-FRA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 6a4ac96508134a85
ot-tracer-sampled: true
ot-tracer-spanid: 2eb9cc4f5077a382
ot-tracer-traceid: 48ca8eb340a220c7
x-auth0-requestid: 3ebc5494b1b92a9bcb28
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1635325779
server: cloudflare
content-encoding: gzip
x-akamai-transformed: 9 535 0 pmb=mTOE,3
expires: Wed, 27 Oct 2021 09:09:39 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 27 Oct 2021 09:09:39 GMT
content-length: 811
vary: Accept-Encoding

GET
H2 200 indies-loader.js Show response
ts2020-indies-client.web.app/ 7 KB
3 KB 43ms
7ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ts2020-indies-client.web.app/indies-loader.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9c96c025f6aa0b8edff6538d533ddd012d17e860c8fa47140314e81886ce22e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Mon, 19 Jul 2021 06:51:34 GMT
x-timer: S1635325779.712549,VS0,VE0
etag: "5c2c9c77edcfefaf1619408144b41c5b44f64c00ae68f3981ff348f0dc03807f-br"
x-served-by: cache-fra19164-FRA
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 27 Oct 2021 09:09:38 GMT
accept-ranges: bytes
content-length: 2347
x-cache-hits: 1047

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 4 KB
2 KB 120ms
36ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 75ad826047f2673a90f0aaf4bc97d59642141e4601e86e863c9319f815dffa8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 02:18:19 GMT
server: AkamaiNetStorage
etag: "ac2a93bce982c071710ce77941f14c45:1632190699.493129"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 1552
expires: Wed, 27 Oct 2021 09:14:38 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 67 KB
18 KB 123ms
39ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ebae52cb771e4e0cc30cb97f975ec51d1bffe1308433d70181ff2957edf4e946

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 02:18:19 GMT
server: AkamaiNetStorage
etag: "27da2379fdba83fee24e95be9f8295c3:1632190699.032015"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 18403
expires: Wed, 27 Oct 2021 09:14:38 GMT

GET
H2 200 js-c3po-bundle.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 177 KB
42 KB 140ms
140ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?v=15

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=15

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

8e0849ef09c818766247280c33b36da6c6dfc3ea269ed23f2b86cc678fe53dbf

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 42322
x-rq: ewr4 0 2 9980
last-modified: Wed, 27 Oct 2021 00:57:36 GMT
server: nginx
etag: W/"6178a400-2c3ac"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 27 Oct 2021 09:09:39 GMT

GET
H2 200 js-vidora-client.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 7 KB
4 KB 132ms
131ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=15

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=15

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

267e084c66023a12777e6c8384540d9afb4efb2e195132db185594357e0501a4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 2987
x-rq: ewr4 0 2 9980
last-modified: Mon, 25 Oct 2021 05:36:47 GMT
server: nginx
etag: W/"6176426f-1b27"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=30
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 27 Oct 2021 09:10:08 GMT

GET
H2 200 comments-count Show response
mhr.talk.news.com.au/api/v1/ 1 KB
946 B 918ms
886ms Fetch
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mhr.talk.news.com.au/api/v1/comments-count?ids=05d4420e31f9d6a7eb2ead10f7a6f25a,34fa73e9edae85258b5911b05fafdcb2,1b2d4f8440b2c9626de4077452f60b13,8c968d4eb1fe0fd144e65eb4e0b76f65,485eee48afd58ce936996e551f868c21,886741ce7e85d0e7a1f3e80916edf71a,94a136342de7ae9fafc8ea0598d8be98,9b01be6b272e29f4a61e0999012d4568,9df5e9c386201fc890fdbd05132fae54,6d5fea5566863cf6b048f18cd3cb2fcc,961e21eef98cf41f3e790f344b2845d7,50e06bba833916c8130167a513829d28,79da56a4255844fd637744cc08c23699,a73629341a79fa30c8a3629306ae15ce,1df2b97cbd051da3fec8366bd7396c76,d51e341ccb85a47f36ef36034bb9ca7b,fbd417917f3ce22d8e3da846ede20774,67fd4e29bbe165fefe14d55381d36dce,e713c008bb84413bb74652d6b3ac82d4,0cb9bc30e07df337a44dd578327d7e11,c6ebaf3b379faf5723da5493f79468c1,7bcc9f26b878586a94d361d21a360d4d,4f57fe80459509afcb4c41cdf2dba5df,8e0252f0f9e8cc741c3602bd998c2985,25366b6ba111cfcd0a88d0cccc86dc70,5b9dd13a585b04bd10493a09f8e8794f,d9e8212bafa933b1ba9d32262a3d54fe,62ca9053a2b9c361483e04d33755070f,7de06043a4a94ee4bb57e7a4fe81f000

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=15

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx/1.20.1 /

Resource Hash

94d5d667a730c3f1ab0d4538ae0856d720351a34a84bb4bfaa95362a2561fe97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.20.1
etag: W/"442-f9oZsP6k6VQOW8sshUSo+wOokNU"
x-download-options: noopen
x-dns-prefetch-control: off
content-type: application/json; charset=utf-8
access-control-allow-origin: *
date: Wed, 27 Oct 2021 09:09:39 GMT
x-talk-trace-id: 9d498cd0-3705-11ec-9f83-ffd214f2eeed
vary: Accept-Encoding
content-length: 631
x-xss-protection: 1; mode=block

GET
H2 200 3000 Show response
www.heraldsun.com.au/wp-json/api/weather/ 2 KB
2 KB 150ms
150ms Fetch
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-json/api/weather/3000

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=15

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

c752cb4807682d7f0b122b104cf554f76d67529d2fa2e107f43660308ae0073b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options: nosniff
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 1706
x-rq: ewr4 0 2 9980
allow: GET
server: nginx
date: Wed, 27 Oct 2021 09:09:38 GMT
vary: User-Agent
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=16
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 27 Oct 2021 09:09:54 GMT

GET
H2 200 38db1bd277b525c97437c8dd7591169c
content.api.news/v3/images/bin/ 6 KB
6 KB 52ms
51ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/38db1bd277b525c97437c8dd7591169c?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: e0c9d8c4902557d8bcefcbf5610193a06e02fe8e104e8010f195dbeb75fa5890

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

edge-cache-tag: 38db1bd277b525c97437c8dd7591169c
date: Wed, 27 Oct 2021 09:09:38 GMT
last-modified: Mon, 20 Sep 2021 03:43:21 GMT
server: Akamai Image Manager
etag: b97142b5d47aa03210b3a33961921476-38db1bd277b525c97437c8dd7591169c-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=1967603
access-control-allow-headers: x-newsapi-api-key
content-length: 5939
expires: Fri, 19 Nov 2021 03:43:01 GMT

GET
H2 200 5aec9a5d871339d4b8c941c4441cec40
content.api.news/v3/images/bin/ 6 KB
6 KB 68ms
67ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/5aec9a5d871339d4b8c941c4441cec40?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 6042d3933a14d9d01a3a91c69124e46788812a8492182ff47dd18c73577a088f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

edge-cache-tag: 5aec9a5d871339d4b8c941c4441cec40
date: Wed, 27 Oct 2021 09:09:38 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: ea7850c64b13a913f19c09a316d38697-5aec9a5d871339d4b8c941c4441cec40-150
x-serial: 1161
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5139450
last-modified: Tue, 26 Oct 2021 20:48:12 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 5754
expires: Sat, 25 Dec 2021 20:47:08 GMT

GET
H2 200 2d6a9dd4626414ebd5a6290016a780ff
content.api.news/v3/images/bin/ 8 KB
8 KB 62ms
62ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/2d6a9dd4626414ebd5a6290016a780ff?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 952468aa139af415dbecb1cfd65636891c63f0367d3a59c3499f85bd21242e0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

edge-cache-tag: 2d6a9dd4626414ebd5a6290016a780ff
date: Wed, 27 Oct 2021 09:09:38 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 200ad6e4de26aae511729fba9c7826cb-2d6a9dd4626414ebd5a6290016a780ff-150
x-serial: 255
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5139341
last-modified: Tue, 26 Oct 2021 20:46:55 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 7767
expires: Sat, 25 Dec 2021 20:45:19 GMT

GET
H2 200 utrack.js Show response
tags.news.com.au/prod/utrack/ 2 KB
1 KB 13ms
12ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=16353257788060.2741984464345286
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5974cfb305a44fe8655dcbbc844af9516725106b48d2f63d8212d5c7b8dd43d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=0, no-cache, no-store
content-type: application/x-javascript
content-length: 831
expires: Wed, 27 Oct 2021 09:09:38 GMT

GET
H2 200 mitas.js Show response
tags.news.com.au/prod/mitas/ 666 B
904 B 12ms
11ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/mitas/mitas.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
cache-control: max-age=21910
server: AkamaiNetStorage
content-type: application/x-javascript
etag: "83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length: 666
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"

GET
H2 200 B7670439;dcadv=4149947;sz=1x2;ord=702111466422.5894 Show response
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 29 KB
11 KB 73ms
33ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=702111466422.5894?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

53f984595ab7af27823f40966586a63e69315641052ffa658e42d0bc38503392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11002
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 30ms
11ms Script
application/x-javascript 2600:9000:223c:5400:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5400:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7222bdb705a3d4af9ac5d4f1375a3709bc77578dcc0e1f3b5caf55fd14af959c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:04:30 GMT
content-encoding: gzip
last-modified: Fri, 09 Jul 2021 00:14:48 GMT
server: nginx
age: 308
etag: W/"60e794f8-11377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 8qQkA8-_ISzhrnXYFu56km9GW6cQUNvdz6sfYxH_PdiDA2bfSWVqtg==
expires: Wed, 27 Oct 2021 11:04:30 GMT

GET
H2 200 metrics.js Show response
tags.news.com.au/prod/metrics/ 179 KB
62 KB 31ms
31ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/metrics/metrics.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cc6cdeb45441b1edd12c17a29641742a0d5e3c3d47b32c78f1018494e43ad8b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "e9b5b90cbd1495779100b92dc20631ea:1635290167.614591"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=50743
content-type: application/x-javascript

GET
H2 200 tad.js Show response
tags.news.com.au/prod/tad/ 85 KB
27 KB 20ms
19ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/tad/tad.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6c50713af717a2645ed35d9ba6a58e5ed135a4647884d4fd3597afd97405599d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "06b8d8af960565e7ab814431ae3ca257:1634627200.511335"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=10118
content-type: application/x-javascript
content-length: 27458

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 45ms
18ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

816fb7089d8322b25c2d39abb1daca3d1149815587e98f162588141dd648cadf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1025 / 428 of 1000 / last-modified: 1635324113"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27210
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Oct 2021 09:09:38 GMT

GET
H2 200 prebid.js Show response
tags.news.com.au/prod/prebid/ 310 KB
98 KB 47ms
47ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/prebid/prebid.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: beeda9a17b4eee343f7ec43d45f3046b4133b8eea4b23ea0667d206c1d5f7d36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "a10134beab56207257f1f2ac785713ee:1632115066.493479"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=11246
content-type: application/x-javascript

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 184 KB
57 KB 38ms
9ms Script
application/x-javascript 13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 489d91bed61ef8d1c31f9de5b1c13777a03ac0864206094dd594ad82ef266ca7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 10:28:42 GMT
content-encoding: br
age: 81657
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:f3f3bcb1-d653-4795-a242-0bc52f20e334
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 7fac56bbf391534ba4d108d9d1c5ede96a619703863f7695a7d7c98a8fea4662
x-amz-meta-codebuild-content-md5: 99ea7c9ae879eabed07b623c4b48c3a2
last-modified: Tue, 26 Oct 2021 10:28:36 GMT
server: AmazonS3
etag: W/"319188f4e162198ee578ba6e65904ead"
vary: Accept-Encoding
x-amz-version-id: aNI79gymn36SdL1OCQ9XQoRn1j6ap8oY
via: 1.1 3296b04068551f925d5fafd1b785ff31.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
content-type: application/x-javascript
x-amz-cf-id: UqJF3m8WnoV_84w6ThfY4iO0lyd0YQc4_q_bVauf0hbCySJKn5HfAQ==

GET
H2 200 nielsen.js Show response
tags.news.com.au/prod/nielsen/ 25 KB
10 KB 13ms
12ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b6ed52620b0e664886b8e980fe5acc99a3abcdfc1e63ab42cfaab3f5c37d2cc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "5f7339d587fa5267589cad826aed6c7b:1633930260.853289"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=19966
content-type: application/x-javascript
content-length: 9762

GET
H/1.1 200
OK ncg.js Show response
au.tags.newscgp.com/prod/ncg/ 155 KB
48 KB 63ms
9ms Script
text/javascript 13.32.99.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-93.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89734c02492d82d9541efd36f0536204494afdc762a0676a1041b9907af3ffed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 08:50:38 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 27 Sep 2021 05:38:59 GMT
Server: AmazonS3
Age: 1141
ETag: W/"50061cbd590b509a060f1162b459b261"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA60-P3
X-Amz-Cf-Id: fuu96ppPQnUcLBRF_VH3Jliuwj5rRSu1VwVzd6TWXaioh5P-2XYP6Q==

GET
H2 200 2988.js Show response
script.crazyegg.com/pages/scripts/0018/ 5 KB
2 KB 73ms
37ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d91e1f1004c910402c81c62dc28a79609f7381f6f8e5fd5118c0a08ff40a96a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 56278
cf-polished: origSize=4899
cf-ray: 6a4ac965e92bdfa9-FRA
ce-version: 11.1.351
last-modified: Tue, 26 Oct 2021 17:31:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 embed.js Show response
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 2 KB
1 KB 42ms
8ms Script
application/javascript 151.101.65.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85bda895995d4050c0fd10ac66d74eaf597c11c4c2c10c0ca19203b84c1595d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: UglknaxZwqDxauvcZhiwEapwHEKEgOTj
content-encoding: gzip
etag: "ba3d8bad9aa5da5f9752cd9d5f63bd42"
age: 176273
via: 1.1 varnish
x-cache: HIT
content-length: 665
x-amz-id-2: 1sddNj/g9Iimyt3fcWkWWvpNV743cdDx6f4pDzQepAS7yBTWfzopkp7lPRBnoyDys8UdKJ7Aiv0=
x-served-by: cache-fra19149-FRA
last-modified: Fri, 01 Oct 2021 02:40:35 GMT
server: AmazonS3
x-timer: S1635325779.865993,VS0,VE0
date: Wed, 27 Oct 2021 09:09:38 GMT
vary: Accept-Encoding
x-amz-request-id: XZSD1QVH0MQ9S747
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1522

GET
H2 200 utag.985.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 2 KB
1 KB 12ms
12ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 02:18:16 GMT
server: AkamaiNetStorage
etag: "479ba55551c0a2369f399625b1c2c4ea:1632190696.475182"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 899
expires: Thu, 11 Nov 2021 09:09:38 GMT

GET
H2 200 vidora-client.1.x.x.min.js Show response
assets.vidora.com/js/ 9 KB
4 KB 55ms
7ms Script
application/javascript 2600:9000:2251:3000:4:77d:a0c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3000:4:77d:a0c0:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78b0d29893c756fc8033183d15c66a93c5c72d34fb4567e40e2ebd991c0184b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 27 Oct 2021 01:00:00 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 00:02:09 GMT
server: AmazonS3
age: 29379
etag: W/"57466c5c999c095bc1e641f83cee3240"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: nzWFYNP-wWoe6Z9Vuwx-M_JfXFRjhmT8fiLOPtNC9nsHgcVdO7uukQ==

GET
H2 200 mynews-promo.png
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/ 366 KB
366 KB 144ms
143ms Image
image/png 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/mynews-promo.png

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 373561
x-rq: ewr4 0 2 9980
last-modified: Sun, 17 Oct 2021 23:21:00 GMT
server: nginx
etag: W/"616cafdc-5b713"
vary: User-Agent
content-type: image/png
cache-control: max-age=396075
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Sun, 31 Oct 2021 23:10:53 GMT

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 59 KB
19 KB 58ms
10ms Script
application/javascript 23.55.110.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.110.16 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-110-16.deploy.static.akamaitechnologies.com
Software: / ARR/2.5
Resource Hash: f6a9ed90057ad36a18b61529450500cf51a3a6878960eace920c4e10ccd99ca9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 14:32:05 GMT
server
x-powered-by: ARR/2.5
etag: "bcfb20c5f5b9d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=478
accept-ranges: bytes
content-length: 18961

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 8ms
8ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202109210218&cb=1635325778850
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Wed, 27 Oct 2021 09:19:38 GMT

GET
H2 200 PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js Show response
cdn-gl.imrworldwide.com/conf/ 33 KB
7 KB 53ms
11ms Script
application/javascript 2600:9000:2240:a200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e44b948d9cc4fe04b41f390f115c009a2cefe3205c3da2b1a8a3dde3fbe203f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: q7wDuxVf4eHxVhqkNnitDmErD1SU3dcE
content-encoding: gzip
etag: W/"677b361606c5cd14126a947bc3625eef"
last-modified: Tue, 26 Oct 2021 17:18:45 GMT
server: AmazonS3
age: 2511
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5f.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Wed, 27 Oct 2021 09:00:26 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: jMGAzkhINF_M6vcFSPMj1Dp1HpY2m_2wbhzqe166bwe3Fc-aj7GEaQ==

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 56ms
9ms Script
application/javascript 52.222.214.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 16:16:13 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 02 Jun 2021 17:38:57 GMT
Server: AmazonS3
Age: 60806
ETag: W/"51636de3ce868a2172f9e6996c2934e0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P3
X-Amz-Cf-Id: 4rUbCWtrJqHVYPgvSIfhPVwXCIqbhh2GV4x4rccyC8lQbor8AUrlMQ==

GET
H2 200 85ed65c674f3e095082e05f42eaf5a03
content.api.news/v3/images/bin/ 10 KB
11 KB 65ms
64ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/85ed65c674f3e095082e05f42eaf5a03?width=320
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 40cfc7215c577bbd3c77dafefd31839c3d73fed490eefbace9e37901d7651d4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

edge-cache-tag: 85ed65c674f3e095082e05f42eaf5a03
date: Wed, 27 Oct 2021 09:09:38 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: bd238afa9ed155d477e0709a53959cd6-85ed65c674f3e095082e05f42eaf5a03-320
x-serial: 1602
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5173319
last-modified: Wed, 27 Oct 2021 06:13:39 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 10399
expires: Sun, 26 Dec 2021 06:11:37 GMT

GET
H2 200 918a3c3c431db07dc5b8209ca21e55a3
content.api.news/v3/images/bin/ 9 KB
10 KB 69ms
69ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/918a3c3c431db07dc5b8209ca21e55a3?width=320
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 043c07c02c61430ab3b27573843fe13db96e02e5bcaf381452a1b57cfbbc5321

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

edge-cache-tag: 918a3c3c431db07dc5b8209ca21e55a3
date: Wed, 27 Oct 2021 09:09:38 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: e4a2eba3f564ba8300b142c924496fb0-918a3c3c431db07dc5b8209ca21e55a3-320
x-serial: 1722
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5180419
last-modified: Wed, 27 Oct 2021 08:11:08 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 9377
expires: Sun, 26 Dec 2021 08:09:57 GMT

GET
H2 200 35aa2e35edadb3ffaa40eec0cf35f9a6
content.api.news/v3/images/bin/ 9 KB
9 KB 1420ms
1420ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/35aa2e35edadb3ffaa40eec0cf35f9a6?width=320
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 8d367ba4cafcc93cbdf6096b34c9ff4372aa9f7f4108d334b317884dd19d7188

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

edge-cache-tag: 35aa2e35edadb3ffaa40eec0cf35f9a6
date: Wed, 27 Oct 2021 09:09:40 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 91823f1285a09c9b1aa8295d47301c61-35aa2e35edadb3ffaa40eec0cf35f9a6-320
x-serial: 816
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5183865
last-modified: Wed, 27 Oct 2021 09:08:36 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 9289
expires: Sun, 26 Dec 2021 09:07:25 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 319ms
103ms Image
image/gif 34.192.234.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=DkHVCH-bkTLDBi-LN&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11222&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2901&t=DAA5__CjRa5PCVvDr7BoBkdIB6BPF5&V=128&i=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=0&_acct=anon&sn=1&sv=BIGT2TDvy9sRBWc1kID0L2lxC1irJy&sd=1&im=06030402&_
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.234.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-234-155.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 09:09:39 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1635325778937
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1635325778937

5 KB
2 KB

42ms
42ms

XHR
application/json

34.247.192.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1635325778937

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Server

34.247.192.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-192-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

30b7ddf1ec82e63550adc90d6176aafb34c73029dd6d15bd5009ce1f103234c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-0ff20dc55.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: pndfx8z/Sho=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1539
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v019-0cac9a0e9.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.heraldsun.com.au
X-TID: dptPMCIbRag=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1635325778937
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 2988.json Show response
script.crazyegg.com/pages/data-scripts/0018/ 25 KB
3 KB 72ms
35ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0018/2988.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b325422052351546a5be2cf7114ddb632ff9d748185aee2b6985fbb10cdb497

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 56283
ce-version: 11.1.351
content-length: 2358
timing-allow-origin: *
last-modified: Tue, 26 Oct 2021 17:31:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6a4ac966ddc56963-FRA

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ 8 KB
4 KB 62ms
18ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=702111466422.5894?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:56:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:56:37 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
495 B 115ms
43ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvV30FjPdeJ4WAAyxJmsbcoZVNdC-XT5DLn-DjUjqwAc1h4Rt-6I7jOsEHi8t1jGqK1XTLZBG_yx0EXVGHcrHggZrs7DXnZrbf5D9MM8KIVjIK0JJka2RMD89G7Jqw1Q8k1oz3Iir4&sig=Cg0ArKJSzEyb9hJfzqkREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20211020.67737&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=702111466422.5894?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 09:09:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pubads_impl_2021102501.js Show response
securepubads.g.doubleclick.net/gpt/ 356 KB
120 KB 32ms
31ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 122594
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 08:35:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Oct 2021 09:09:38 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 141 B
128 B 55ms
25ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

a86e367c410aeae763f5e66015e6ce692957cec67f31162d9cbfc217a795f0ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 09:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 103
x-xss-protection: 0
expires: Wed, 27 Oct 2021 09:09:39 GMT

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 63 B
362 B 510ms
472ms XHR
text/plain 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: 674a7952492ff90ab0f581273f4df05b250e978477150834003dc278e4322ed1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 09:09:39 GMT
server: AkamaiGHost
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag: "519053bf13ef3980b8829a5ec0f4dbc4:1632729087.383686"
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=0, no-cache
content-length: 63
mime-version: 1.0
expires: Wed, 27 Oct 2021 09:09:39 GMT

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 192 KB
54 KB 9ms
9ms Script
application/javascript 2600:9000:2240:a200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 397e6540378a195608cbd601f809c0c96b3ae9253fffeaf070769a8272838ad7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: tnxqFQqGT1ELPIx0GRfinwCzm_ufX7R9
content-encoding: gzip
etag: W/"bd1ffd9a8dc416cfddcde665f3111e22"
last-modified: Mon, 18 Oct 2021 14:09:23 GMT
server: AmazonS3
age: 4296
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5f.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Wed, 27 Oct 2021 08:57:58 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: TX0Fh7Est06TGexvLW9pMRnPz8xrjpvpJLRW8NnL_7HIFFicNcQoUQ==

GET
H2 200 6630 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 17 KB
2 KB 37ms
8ms XHR
application/octet-stream 23.55.110.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.110.16 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-110-16.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 4a45c5183f6784e1905d857a5c03453165d3883b59d0d9f8eaf6ab3786847ee5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: 8.zQqtkLax0ACcIeRLb3eX6FnEBRRpSb
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 05:05:09 GMT
server: ATS/7.1.0
x-amz-request-id: TFBXVZQ095P7BPFC
etag: "42b502aa43dccbe8b83d3e45426165a8"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=290
date: Wed, 27 Oct 2021 09:09:39 GMT
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 1265
x-amz-id-2: v8MqPLlpd9BxMJOru3xND2jiD5ukUuu6JFHRAOf/UMYlXOvE64QMjxIKpgFjCnIkcC1F8XNK/nE=

GET
H2 200 11.1.351.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 67 KB
22 KB 15ms
15ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.351.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daab314890951d408604603cdd77b31b63ae2ca9cc3c313673ce259c1575f695

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 09:09:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 04 Oct 2021 04:51:34 GMT
server: cloudflare
age: 56283
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 6a4ac9676b0edfa9-FRA
content-length: 22342

GET
H2 200 4c6e7912150fe282901353a68fa4f59a
content.api.news/v3/images/bin/ 17 KB
17 KB 71ms
71ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/4c6e7912150fe282901353a68fa4f59a?width=320
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 1efa5e3b4e61c14e4a2a8efa2ef602776128d2b06824b7754434976a0a47e408

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

edge-cache-tag: 4c6e7912150fe282901353a68fa4f59a
date: Wed, 27 Oct 2021 09:09:39 GMT
last-modified: Wed, 27 Oct 2021 02:30:33 GMT
server: Akamai Image Manager
etag: 46dd3cd4e753c8d426e5e453d3fb0aa1-4c6e7912150fe282901353a68fa4f59a-320
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5159987
access-control-allow-headers: x-newsapi-api-key
content-length: 17195
expires: Sun, 26 Dec 2021 02:29:26 GMT

GET
H2 200 6e0ef458
login.newscorpaustralia.com/akam/11/ Frame A9C5 32 KB
0 15ms
15ms Script
application/javascript 104.111.230.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/akam/11/6e0ef458
Requested by: Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=nZfdqd8tU8jPXHzCzHxtyo9QyHmlpw6z&nonce=cL~9BZF1pERACeap0t3AReA4Too-FD9e&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi40In0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.77 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-77.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=nZfdqd8tU8jPXHzCzHxtyo9QyHmlpw6z&nonce=cL~9BZF1pERACeap0t3AReA4Too-FD9e&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi40In0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 09:09:39 GMT
content-encoding: gzip
last-modified: Thu, 02 May 2019 20:03:19 GMT
etag: "ab8611eac6de8bbdfb55fc3ebea7f5ffa9af73a6d7caa9968691b87dadbf0d1e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
content-length: 10446
expires: Wed, 27 Oct 2021 09:09:39 GMT

GET
H2 200 x52GGoB
login.newscorpaustralia.com/yxSK/m6Xk/LMG/LMy/Nj7w/9bz1c6rcaGz5/RSlQbENwKAI/cVRdE/ Frame A9C5 77 KB
0 13ms
13ms Script
application/javascript 104.111.230.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/yxSK/m6Xk/LMG/LMy/Nj7w/9bz1c6rcaGz5/RSlQbENwKAI/cVRdE/x52GGoB
Requested by: Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=nZfdqd8tU8jPXHzCzHxtyo9QyHmlpw6z&nonce=cL~9BZF1pERACeap0t3AReA4Too-FD9e&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi40In0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.77 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-77.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=nZfdqd8tU8jPXHzCzHxtyo9QyHmlpw6z&nonce=cL~9BZF1pERACeap0t3AReA4Too-FD9e&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi40In0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:39 GMT
content-encoding: gzip
last-modified: Mon, 26 Apr 2021 16:10:06 GMT
etag: "d1dbb955755ca44a0b872a64f97c471a45b14e941f69d082c19f792576ae34fb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
content-length: 19642

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 852D 12 KB
4 KB 8ms
7ms Document
text/html 2600:9000:2240:a200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:a200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
last-modified: Mon, 18 Oct 2021 14:09:23 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: fWy1EzHp9Q0L9DPiegymkYQaHVC9sb1R
server: AmazonS3
content-encoding: gzip
date: Wed, 27 Oct 2021 08:16:28 GMT
cache-control: max-age=86400
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: B5cOXNMrX6MMrjTXN6FOQsHo6W3Sbhl0aQSK4OmWPArGllJm0U1a9g==
age: 6788

GET
H2 200 Serving Show response
bs.serving-sys.com/ 10 KB
3 KB 53ms
13ms Script
text/html 35.158.236.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=2765181381739085571&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D4545045329212486568$$&ns=0&rnd=8080491129186869
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.236.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-236-52.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d974a3d87169969cac5d93bcdb6c6276780b7a5ed254d797f0790569c3a11821

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 09:09:39 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: *
cache-control: no-cache, no-store
content-type: text/html; charset=UTF-8
content-length: 2430
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 673 B
911 B 128ms
49ms XHR
application/json 63.33.102.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=93eac612-86ab-245b-a9ed-60d04e3fc38e&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.102.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-102-111.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 189e738c3fc4a5f0959c6fea29e02a6cb65acd4e81f924f6ddcfd5067d208dda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:39 GMT
x-server-name: app05.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H/1.1 200
OK dest5.html Show response
newscorpau.demdex.net/ Frame C40B 7 KB
3 KB 153ms
38ms Document
text/html 34.240.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.240.91.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-240-91-113.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 27 Oct 2021 09:09:39 GMT
DCS: dcs-prod-irl1-2-v019-02cd5e33a.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 14 Oct 2021 11:09:04 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: Z7OeVhFOQVk=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
metrics.heraldsun.com.au/ 48 B
515 B 72ms
17ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=06684889323481403080978999962304415210&ts=1635325779188

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

cb4ee0d3052fea0056634cbf4bf2f52abfcd0b0c1d871b4b070d5dfc1cd05427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 27 Oct 2021 09:09:39 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-b4c7fdd79-5cprp
vary: Origin
x-c: main-1540.I13d07b.M0-522
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YXkXUwAAALhOdgQf
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=06706123455546844300981386709355058416
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YXkXUwAAALhOdgQf

42 B
945 B

70ms
38ms

Image
image/gif

34.247.192.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YXkXUwAAALhOdgQf

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Server

34.247.192.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-192-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-0f559dd6e.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: C70LqZYLR4I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YXkXUwAAALhOdgQf
Date: Wed, 27 Oct 2021 09:09:39 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 2988.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0018/ 2 KB
647 B 29ms
29ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0018/2988.json?t=454257
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.351.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ff89c4a91938feb06d9cbdfb55e7ee14f8ee11547d50727aa093757901ddaec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4161
ce-version: 11.1.351
content-length: 554
timing-allow-origin: *
last-modified: Wed, 27 Oct 2021 08:00:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6a4ac96808ff6963-FRA

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame ED7E 4 KB
2 KB 40ms
8ms Script
application/x-javascript 18.66.96.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.96.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 06:07:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 10906
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: NB3Mi4buTSFItsX3zA92iD6RX3GFpqZ9sEhUNjGbTfoxDx4g0tBVTQ==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 5983 14 KB
6 KB 27ms
7ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:39 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra: DE-BY
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100038-IAD, cache-hhn11549-HHN

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame FFF6 5 KB
2 KB 26ms
8ms Script
application/x-javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 09:09:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=27332
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame A513 96 KB
38 KB 59ms
36ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-707564276

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3845ca01b14ee8443a67afa06ac6700ef618faf4390fa0c504c77f5f5b52ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:39 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 39134
x-xss-protection: 0
expires: Wed, 27 Oct 2021 09:09:39 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 1899 4 KB
2 KB 24ms
8ms Script
application/x-javascript 18.66.96.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.96.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 06:07:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 10906
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb5.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: mBc08oSPICSUVOo-xCPNVkVi-xFtGV0shx-LF9UtkyhxnwmpKNsovg==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ Frame 4EAF 9 KB
4 KB 31ms
8ms Script
application/javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 09:09:39 GMT
Content-Encoding: gzip
Age: 12190
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3340
X-Served-By: cache-lga21952-LGA, cache-fra19158-FRA
Access-Control-Allow-Origin: *
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1635325779.269713,VS0,VE0
ETag: W/"60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 01 Oct 2021 05:45:37 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 2, 3260

GET
H3

200

activityi;dc_pre=CO_-qaGf6vMCFdLoUQodBIIJnQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8862215880520.64 Show response
8228261.fls.doubleclick.net/ Frame 1949
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8862215880520.64?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CO_-qaGf6vMCFdLoUQodBIIJnQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=886221588052...

401 B
353 B

48ms
31ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CO_-qaGf6vMCFdLoUQodBIIJnQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8862215880520.64?

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

c994b391079dc38db0b6357d793c7efcabd93dcc4112b25990dfadac2e22b9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 27 Oct 2021 09:09:39 GMT
expires: Wed, 27 Oct 2021 09:09:39 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 328
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 27 Oct 2021 09:09:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CO_-qaGf6vMCFdLoUQodBIIJnQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8862215880520.64?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3

200

activityi;dc_pre=CIr9qaGf6vMCFUzK1QodlC0DrQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1587346093911.9343 Show response
8228261.fls.doubleclick.net/ Frame 3204
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1587346093911.9343?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIr9qaGf6vMCFUzK1QodlC0DrQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=158734609391...

403 B
355 B

46ms
28ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CIr9qaGf6vMCFUzK1QodlC0DrQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1587346093911.9343?

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

10a8b49f918f3a8cf2a6d0fd1eef18394a43f3e4d5ec5625efcf86dbeb13c421

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 27 Oct 2021 09:09:39 GMT
expires: Wed, 27 Oct 2021 09:09:39 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 330
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 27 Oct 2021 09:09:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIr9qaGf6vMCFUzK1QodlC0DrQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1587346093911.9343?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 3F60 96 KB
39 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-820018408

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85270cebffca132bca82d3e2894fa14df8549c498bd31f13c49c05350c3b929b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:39 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 39132
x-xss-protection: 0
expires: Wed, 27 Oct 2021 09:09:39 GMT

GET conversion.js
www.googleadservices.com/pagead/ Frame 97F1 0
0

GET activity
au-gmtdmp.mookie1.com/t/v2/ Frame 2D07 0
0

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame C4E5
Redirect Chain

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

43 B
1023 B

13ms
13ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 09:09:39 GMT
X-Proxy-Origin: 168.119.25.198; 168.119.25.198; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: db61cd1a-518b-49fe-9611-e0230170e1b6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 09:09:39 GMT
X-Proxy-Origin: 168.119.25.198; 168.119.25.198; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8f5d4219-20fc-4334-b1f5-88933979bc2d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

0
1007 B

28ms
28ms

Image
application/javascript

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 09:09:39 GMT
X-Proxy-Origin: 168.119.25.198; 168.119.25.198; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b9369438-afd2-4582-acc8-c7434544faa5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 09:09:39 GMT
X-Proxy-Origin: 168.119.25.198; 168.119.25.198; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b8cb02a9-adaf-4e96-9380-fab65047f4b1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1

0
1007 B

59ms
59ms

Image
application/javascript

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 09:09:39 GMT
X-Proxy-Origin: 168.119.25.198; 168.119.25.198; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c2ad85cd-7e29-4534-a6d8-801ba99c1553
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 09:09:39 GMT
X-Proxy-Origin: 168.119.25.198; 168.119.25.198; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5f66f8db-e4cb-42cc-b464-3d6b3b04258d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 clock Show response
tracking.crazyegg.com/ 28 B
135 B 129ms
47ms XHR
text/plain 34.255.166.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1635325779332
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.351.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.166.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-166-68.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 54d7ac8721fcdcdfbd9351b75897f7935c5772aa6944b0642113916edf707c67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 27 Oct 2021 09:09:39 GMT
cache-control: no-store
server: awselb/2.0
content-length: 28
content-type: text/plain

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 39ms
39ms XHR
application/json 34.247.192.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=06684889323481403080978999962304415210&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%01b803b5fbc23565aac56386c999a5e3cf%011&ts=1635325779337

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.192.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-192-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c3707978595f0587ac83287ce372411c648f43257346d5de528475f57db9082e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v019-02e73bb60.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: mdAr3WY3TQs=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1539
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
716 B 39ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 09:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 09:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 207 KB
21 KB 81ms
80ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3469510845957924&correlator=1422321582683903&output=ldjh&impl=fifs&hxva=1&scor=3638259125127197&eid=31061815%2C31063082%2C31063136%2C31063318&vrg=2021102501&ptt=17&co=1&npa=1&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ists=1&prev_scp=pos%3D1%26id%3D9d2a1e00-3705-11ec-acdf-02bf2b86cc68%26vw%3D40%26grm%3D40%7Cpos%3D1%26id%3D9d2a1e01-3705-11ec-acdf-02bf2b86cc68%26vw%3D40%2C50%2C60%26vw05%3D40%26grm%3D40%2C50%2C60%26pub%3D40%2C50%7Cpos%3D2%26id%3D9d2a1e02-3705-11ec-acdf-02bf2b86cc68%7Cpos%3D1%26id%3D9d2a1e03-3705-11ec-acdf-02bf2b86cc68%7Cpos%3D2%26id%3D9d2a1e04-3705-11ec-acdf-02bf2b86cc68%7Cpos%3D1%26id%3D9d2a1e05-3705-11ec-acdf-02bf2b86cc68&eri=1&cust_params=us%3Db%26s%3D0%26co%3D1%26kw%3D%26nk%3Db803b5fbc23565aac56386c999a5e3cf%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26adl%3Dfalse%26abtest%3Da%26pvid%3Db803b5fbc23565aac56386c999a5e3cf-00000000000000000000000000000000-1635325778844-871174%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&bc=31&abxe=1&lmt=1635325779&dt=1635325779361&dlt=1635325778151&idt=1012&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C1123%2C1124%2C0%2C176%2C0&adys=48%2C462%2C9409%2C10604%2C3497%2C11269&adks=1616217045%2C2956706420%2C1415436295%2C1982096792%2C3785065344%2C3544675803&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x134%7C300x0%7C300x0%7C1600x665%7C1248x0%7C1600x11269&msz=728x93%7C300x276%7C1248x250%7C1000x0%7C728x0%7C0x0&ga_vid=1883981545.1635325779&ga_sid=1635325779&ga_hid=1205332779&ga_fc=false&fws=640%2C640%2C128%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C2%7C3%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

3af3b9d514c449c10af5f558f2578cf482766b66beb58e9affbcbd9153be0364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 21724
x-xss-protection: 0
google-lineitem-id: 4682990628,4682990628,4682990628,4682990628,4682990628,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234025461,138234025065,138234025548,138234082178,138234025551,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
31b4fa49d3d5ce239fa436066892950b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CB56 0
0 59ms
16ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://31b4fa49d3d5ce239fa436066892950b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 27 Oct 2021 09:09:39 GMT
expires: Thu, 27 Oct 2022 09:09:39 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 s94845581655019
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/ 43 B
440 B 19ms
19ms Image
image/gif 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s94845581655019?AQB=1&ndh=1&pf=1&t=27%2F9%2F2021%209%3A9%3A39%203%200&cid.&newsnkidcookie.&id=b803b5fbc23565aac56386c999a5e3cf&as=1&.newsnkidcookie&.cid&vid=b803b5fbc23565aac56386c999a5e3cf&mid=06684889323481403080978999962304415210&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D29&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=8%3A09%20PM%7CWednesday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=29&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=de%7Cby%7Cnurnberg%7C49.45%7C11.07%7Cgmt%2B1%7Cunknown&v79=de&v80=b803b5fbc23565aac56386c999a5e3cf-00000000000000000000000000000000-1635325778844-871174&v111=0&v161=35.5&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:39 GMT
x-content-type-options: nosniff
x-c: main-1540.I13d07b.M0-522
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 28 Oct 2021 09:09:39 GMT
server: jag
xserver: anedge-b4c7fdd79-mv4n9
etag: 3511835369715499008-4619608756347048206
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 26 Oct 2021 09:09:39 GMT

GET collect
px.ads.linkedin.com/ Frame FFF6 0
0

GET pixie
ib.adnxs.com/ Frame 4EAF 0
0

GET adsct
t.co/i/ Frame 5983 0
0

GET dc_pre=CIr9qaGf6vMCFUzK1QodlC0DrQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1587346093911.9343
adservice.google.com/ddm/fls/z/ Frame 3204 0
0

GET dc_pre=CO_-qaGf6vMCFdLoUQodBIIJnQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8862215880520.64
adservice.google.com/ddm/fls/z/ Frame 1949 0
0

GET gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 852D 0
0

GET /
kehwffki4dcjgapq9gmh5fsubtwm41635325779.nuid.imrworldwide.com/ Frame 852D 0
0

GET conversion_async.js
www.googleadservices.com/pagead/ Frame 3F60 0
0

GET conversion_async.js
www.googleadservices.com/pagead/ Frame A513 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 45ms
45ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9VEJs68AoVT-detEAkz53mD8TomJ-AOSLJwmnOmLBialP788ShXp0yMlvhalBFOhDHoE01ojKGpFTPXyTgTb7NcSpUMgCECxwLo4-Q5qwQojHTi3uvEznrRWEYAleaQxwpprjcNea1gA3DAIcUy6hgBGQvBl19Q92qdzAJLVHrur-WrAGX9pF2dcl4w3hn-usmG0oqGTovvxVweNOgVWaNxCNPie5rqu9WWZ0jGJFq4AuoKsNFbYPZGKZyAB5MPx7DnaTxl4ZDvWskzjctGJ1o_Gtiq4zIzkwWj0cDDVf9zONVPNt-DOX1Ec9&sai=AMfl-YQzaKmIp1_Mo3XGOQeN1lDMEvy16KGXyEnlpIR5sxg5vpef7VUS5J2955ACd1x-anMCZ1-QBGP30yqk&sig=Cg0ArKJSzMvo_W3hl-8wEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=b803b5fbc23565aac56386c999a5e3cf-1635325776

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 09:09:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ 18 KB
8 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 27 Oct 2021 09:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 09:08:15 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ 3 KB
1 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 09:03:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 120 KB
37 KB 45ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 27 Oct 2021 09:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Oct 2021 09:09:39 GMT

GET
H2 204 l
www.google.com/ads/measurement/ 0
0 40ms
15ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRweNL60oxlTgG7o4NfNw5YcTUvpy_P82CbNoNBFnx66RZZwRU4QR3qvous2xn600IdFPSS
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 7114969398400660195
tpc.googlesyndication.com/simgad/ 68 B
418 B 33ms
10ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 18:06:18 GMT
x-content-type-options: nosniff
age: 54201
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 26 Oct 2022 18:06:18 GMT

POST
H2 204 bulk Show response
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
104 B 17ms
17ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211027-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Wed, 27 Oct 2021 09:09:39 GMT
via: 1.1 varnish
server: nginx
x-timer: S1635325780.501496,VS0,VE8
x-served-by: cache-fra19153-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
BLOB 200
OK f2cdcb99-5c8c-4c1d-8585-926bf1bbb9f7
https://www.heraldsun.com.au/ 218 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com.au/f2cdcb99-5c8c-4c1d-8585-926bf1bbb9f7
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5916e8ec7e52ac38c27502c20b1faf6303c163776ad63cc89543a56b03dbedc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 218
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 133b78270fed67d736d16b76506df47d2abc7652f3aacb3d644684c8e082d9d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame AB1B 48 KB
14 KB 126ms
60ms Script
application/javascript 63.33.102.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=2011465159&custom=homepage&custom3=168400391&adsafe_par&impId=9d2a1e00-3705-11ec-acdf-02bf2b86cc68
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.102.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-102-111.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 09aafa7a1f70be0de6c6c7d26036e7d022b8d6e560c841887a2aaf125634fa32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 09:09:39 GMT
content-encoding: gzip
x-server-name: app22.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 main.gr.19.8.254.js Show response
static.adsafeprotected.com/ Frame AB1B 187 KB
60 KB 136ms
57ms Script
application/javascript 34.253.79.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.254.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=2011465159&custom=homepage&custom3=168400391&adsafe_par&impId=9d2a1e00-3705-11ec-acdf-02bf2b86cc68
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.79.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-79-107.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: a735b37c9a8c3b661aaae8aede4d5130ed16bb77601195629927521cba629a27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:39 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 21:49:24 GMT
server: nginx/1.16.1
age: 6
etag: W/"a7295a572e90c9466b34e461a03e960e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 5AD4 80 KB
21 KB 31ms
31ms Script
application/javascript 34.253.79.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.79.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-79-107.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:39 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: nginx/1.16.1
age: 5792737
etag: W/"9304f57298c3834ff107ea7ccb547996"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 33ms
33ms Image
image/gif 63.33.102.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=2011465159&custom=homepage&custom3=168400391&adsafe_par&impId=9d2a1e00-3705-11ec-acdf-02bf2b86cc68&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:69693842-e920-3bd7-b1d4-25801a839c13,c:sexx3G,sl:inView,em:false,fr:true,thd:1,mn:app22ie,pt:1-5-15,wc:0.0.1600.1200,ac:1500.1100.100.100,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1.KBsRy1,nbld:0,mtim:180,fm:sN1Wjzo+1*.10507%7C11,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:194,oid:9d646804-3705-11ec-b2ca-06da572054ee,v:19.8.254,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.102.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-102-111.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 09:09:39 GMT
x-server-name: app17.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 290ms
90ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=69693842-e920-3bd7-b1d4-25801a839c13&tv=%7Bc:sexx3T,pingTime:0,time:207,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:100,t:193%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:207,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:193,wc:0.0.1600.1200,ac:1500.1100.100.100,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~100%5D,as:%5B23~100.100%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:sN1Wjzo+1*.10507%7C11,idMap:1*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 09:09:40 GMT
X-Server-Name: dt32.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 291ms
93ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=69693842-e920-3bd7-b1d4-25801a839c13&tv=%7Bc:sexx3W,pingTime:-2,time:210,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:131,beZ:133,mfA:311,cmA:313,inA:313,inZ:318,prA:318,prZ:321,si:325,poA:326,poZ:336,cmZ:336,mfZ:336,loA:339,loZ:340,ltA:341,ltZ:341%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:100,t:193%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:210,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:193,wc:0.0.1600.1200,ac:1500.1100.100.100,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B26~100%5D,as:%5B26~100.100%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:sN1Wjzo+1*.10507%7C11,idMap:1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,slid:%5B%5D,sinceFw:16,readyFired:true%7D&br=c
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 09:09:40 GMT
X-Server-Name: dt39.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 campaigns Show response
resourcesssl.newscdn.com.au/indies/ 3 KB
1 KB 20ms
20ms XHR
application/json 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by: Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: Google Frontend / Express
Resource Hash: 4233fb95029f6d4ca239244aff2f6d408577d0fbe9eff15769a361f93b63fdd7

Request headers

Referer: https://www.heraldsun.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 27 Oct 2021 09:09:40 GMT
content-encoding: gzip
etag: W/"afd-lyyTMmntRT/5H4FFmZ1XNgeBtAk"
x-powered-by: Express
x-cache-hits: 0
content-length: 818
x-served-by: cache-ams21082-AMS
x-fh-no-setcookie-unroll: true
server: Google Frontend
x-timer: S1635297961.412206,VS0,VE407
x-i: true
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 0d8d52208078d3b5660ec70401b599a9
cache-control: private, max-age=576928
function-execution-id: amknscigb1rh
accept-ranges: bytes
x-orig-accept-language: en-US,en;q=0.9
x-country-code: DE
expires: Wed, 03 Nov 2021 01:25:08 GMT

OPTIONS
H2 204 campaigns
resourcesssl.newscdn.com.au/indies/ Frame 0
0 181ms
180ms Preflight
text/html 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.heraldsun.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-type: text/html
function-execution-id: mefab7m0771t
server: Google Frontend
x-cloud-trace-context: a86547133f632d9c83002e7c031c4a16
x-country-code: DE
x-fh-no-setcookie-unroll: true
x-powered-by: Express
accept-ranges: bytes
x-served-by: cache-ams21076-AMS
x-cache-hits: 0
x-timer: S1635325780.160675,VS0,VE158
cache-control: private, max-age=604800
expires: Wed, 03 Nov 2021 09:09:40 GMT
date: Wed, 27 Oct 2021 09:09:40 GMT
x-i: true

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 94ms
94ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=69693842-e920-3bd7-b1d4-25801a839c13&tv=%7Bc:sexx8V,pingTime:-10,time:519,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85My4wLjQ1NzcuNjMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1635325780228%7C%7C3bc353ade7727e52b736b588b37c7a9b%7C%7Cc7e7172c7781b034963ef5178f1479dd%7C%7C7c40151dbe5f0bc15d263f555c88a4a1%7C%7C5ebba01fd2c4bf60542022cba9a53742%7C%7Ca848ee8cee83f5648668a50c7bbe0f87%7C%7C02508c2ca7ed9f01a8ecb064ab8717f9%7C%7C4c816a08180ca1b2b0dc4fb415cd29e8%7C%7C1629390669%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 09:09:40 GMT
X-Server-Name: dt39.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 44ms
22ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f61d94177f43d0efae2ed5932584636d379cb29801efc0be27d4c5719bfb15e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 09:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8619
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 42ms
42ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFAHe-7zWpMrhcXMXHNpwVb-FDkSl5ga3laJVxZoYDxnW0lKhDLFhG_rw2cniU6q2lu3thZdn_VGIOeNCPnaj7qJtnm5VbQYnVnhHd_M4fTMCdY6lKcLYzISbVG-OyxCrycqxanklRaa-PQvOHnG2pO3kdIKxN90ldLX-YRTrBG57AuCWOOeFj6ZS3eGuXHbNspzt8EXVc5YNVB1QLwSuSDUty0ZCRlwUUZJLFI4Yi8E-2RgVHB1tzZ6inf7fR_fiOXnc_gluFRd-octR0l3fXSW3z-TkX9sazTMSDGsmONMqU9PQTF8TGE0z8Oqs&sai=AMfl-YT7owEZ_vZnjlUxxETaOzacEwH1j8Ea6WaKWajwo7JgG_5r0s6qqWglhaY-mUkDTVUt5UfhHuh_LfRr&sig=Cg0ArKJSzHZjkAz7KalFEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 09:09:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 27 Oct 2021 09:09:40 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3073 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 27 Oct 2021 08:57:33 GMT
expires: Thu, 27 Oct 2022 08:57:33 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 91DE 783 B
1003 B 18ms
17ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9b2c2b3a279c12a4e2d23e03d513c3cd3449f779d45829cc19d380246d9713f4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6iZM6O8bh98JYNO4xAUE+A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 27 Oct 2021 09:09:40 GMT
date: Wed, 27 Oct 2021 09:09:40 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-6iZM6O8bh98JYNO4xAUE+A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js Show response
pagead2.googlesyndication.com/bg/ Frame 3073 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13263
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 08:57:33 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 91DE 0
0 47ms
46ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102501&jk=3469510845957924&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 49ms
48ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102501&jk=3469510845957924&bg=!VFelVxPNAAbUs_yW1LM7ACkAdvg8Wr73T6i79ivLoBgRQ1OVkhAnsUkyeNYHH4BhNxm46LVWKSkiGgIAAABeUgAAAAxoAQeZAsIMHwEQLpYe6F96K9wpCw6b66BtjIGs1rNsGUUj7ad2byKSomz5ZrndOlWBudXQUr2pCiA1F-Zh6qrgSqKgVk-FOeDIbWvC3sIjzQ2ezxlIbKAP8W127cXa2xeuVXOv9qXBYrzrZB1L16c_RemUnMInewikQ0mxzc10JkLws_ZJo8yvyaI0arou-HE43s4pFhx59rCCIEoYMxNQVN5f9Iu6L_0I6xXjltqaM31RQ1jqFZUi_r0X1H8xuYZhldTfVZ4q7-tgnuPPRwJPxFar9i5nliO7UP7DeEodskz3MHg1iMZbw0ruK5b-RpNerJ_-9GiH0jtLdPu0_TwFc4d49eJq9OApmL3Eh43baEICqGZ6OrUAMigTyaraeIJW8hRGSELyF--FMXjQqxznL8ry0m3gbhN-oNlcUNEy8EXpqC7gmQbtSc1O-lUY1STwM4scxRjBOSmkjXq0WBmmYqKT3BQcRsi40m5QdqbR4FxvRSrRPpDdUswxSHQoAxgldb30R1VmNk5StiAi-kpaARR8b8xWjTi4bgGVFb5Jsr0HYcRViHuSqnfxRWAFALK23HvXLATR5ALavkkFiTxrFS4KCv7gPhwHKHLi6bVjGGc_0PpijjQ6yBGXrxRGHGOHNNDj6SGycYFt8QIP-gxxF5qXxMvg9vNnBBqMFtrggUAJiKzTBt28vcS8aSj40sO94veXgomZwXOskTrmyY_u1U90c9vo-T529D_Ls0pNvWpyZVKt1Lh_144sgw8ShvJyfIQXXN6pCrQL58II0bcAqOp3l5BiAOrwOvSuQSe-84NPNgmSbRtT7DG-ei1QTELYigROWulFm9K3lXPITxhFX-gGchXOolSdX2qmbJlHnOsKjb9rNESF1YwWKmw6QXUxUp6ZZShxqI-ND9ycBBxQmlJLuDGjBsA_Rb4Kty0FhlvBmLYK7Ttr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 09:09:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 validate
assets.vidora.com/v1/ 0
313 B 279ms
278ms Ping
application/octet-stream 2600:9000:2251:3000:4:77d:a0c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by: Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3000:4:77d:a0c0:93a1 , United States, ASN (),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 09:09:41 GMT
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: LrwBpgAKdw3Kv9BP48imBDV2fVABsT0n_V5SUNdsGsBc7lzIExADYw==
expires: Wed, 27 Oct 2021 09:09:40 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 90ms
90ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=69693842-e920-3bd7-b1d4-25801a839c13&tv=%7Bc:sexxk3,pingTime:1,time:1209,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:100,t:193%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1209,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:193,wc:0.0.1600.1200,ac:1500.1100.100.100,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1025~100%5D,as:%5B1025~100.100%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:96,fm:sN1Wjzo+1*.10507%7C11,idMap:1*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 09:09:40 GMT
X-Server-Name: dt39.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 92ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=69693842-e920-3bd7-b1d4-25801a839c13&tv=%7Bc:sexxk3,pingTime:1,time:1209,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:100,t:193%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1209,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:193,wc:0.0.1600.1200,ac:1500.1100.100.100,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1025~100%5D,as:%5B1025~100.100%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:96,fm:sN1Wjzo+1*.10507%7C11,idMap:1*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 09:09:40 GMT
X-Server-Name: dt32.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 181ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=69693842-e920-3bd7-b1d4-25801a839c13&tv=%7Bc:sexxk4,pingTime:1,time:1210,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:100,t:193%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1210,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:193,wc:0.0.1600.1200,ac:1500.1100.100.100,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1026~100%5D,as:%5B1026~100.100%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:96,fm:sN1Wjzo+1*.10507%7C11,idMap:1*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 09:09:41 GMT
X-Server-Name: dt39.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 185ms
93ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=69693842-e920-3bd7-b1d4-25801a839c13&tv=%7Bc:sexxk4,pingTime:1,time:1210,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:100,t:193%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1210,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:193,wc:0.0.1600.1200,ac:1500.1100.100.100,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1026~100%5D,as:%5B1026~100.100%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:96,fm:sN1Wjzo+1*.10507%7C11,idMap:1*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:grpm1,cmr:t%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 09:09:41 GMT
X-Server-Name: dt32.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 gn
secure-sdk.imrworldwide.com/cgi-bin/ 44 B
563 B 38ms
38ms Image
image/gif 63.32.150.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&sessionId=kehwffki4dcjgapq9gmh5fsubtwm41635325779&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,zy7vjkuroy05ilsiugdxlj2fxcmni1635325779&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16353257791369323&c30=bldv,6.0.0.602&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1635325778852&c3=st,c&c64=starttm,1635325780&adid=1635325778852&c58=isLive,false&c59=sesid,&c61=createtm,1635325781&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&c62=sendTime,1635325781&rnd=634116
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.150.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-150-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 09:09:41 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ 42 B
174 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9HzqoCDE9EMDOpyj9fVWMGxOQXmcVQ2GSsb3RlM8jgBBrwEVlWSgp2apzJaDuMg088wmWPWtkn5Bgjpyl3mPET9LD4lMcDYSoAU44lHr7gSitSBY3&sig=Cg0ArKJSzGLABeaR-UgPEAE&id=lidar2&mcvt=1000&p=0,0,5,1&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211025&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1616217045&rs=4&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635325776027&rpt=4308&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 09:09:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 91ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=69693842-e920-3bd7-b1d4-25801a839c13&tv=%7Bc:sexymy,pingTime:5,time:5208,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:100,t:193%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5208,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:193,wc:0.0.1600.1200,ac:1500.1100.100.100,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5024~100%5D,as:%5B5024~100.100%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:188,fm:sN1Wjzo+1*.10507%7C11,idMap:1*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 09:09:44 GMT
X-Server-Name: dt32.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 97ms
96ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=69693842-e920-3bd7-b1d4-25801a839c13&tv=%7Bc:sexymz,pingTime:5,time:5209,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:100,t:193%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5209,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:193,wc:0.0.1600.1200,ac:1500.1100.100.100,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5025~100%5D,as:%5B5025~100.100%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:188,fm:sN1Wjzo+1*.10507%7C11,idMap:1*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 09:09:44 GMT
X-Server-Name: dt39.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Domain: au-gmtdmp.mookie1.com
URL: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1635325779416&url=https%3A%2F%2Fwww.heraldsun.com.au%2F

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1635325779422&v=0.0.20&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1635325779422&et=1635325779423&if=1

Domain: t.co
URL: https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&event_id=9dbf0065-6c19-4471-8a53-eead768f8dbb&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F

Domain: adservice.google.com
URL: https://adservice.google.com/ddm/fls/z/dc_pre=CIr9qaGf6vMCFUzK1QodlC0DrQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1587346093911.9343

Domain: adservice.google.com
URL: https://adservice.google.com/ddm/fls/z/dc_pre=CO_-qaGf6vMCFdLoUQodBIIJnQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8862215880520.64

Domain: secure-sdk.imrworldwide.com
URL: https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=kehwffki4dcjgapq9gmh5fsubtwm41635325779&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.602&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&retry=0

Domain: kehwffki4dcjgapq9gmh5fsubtwm41635325779.nuid.imrworldwide.com
URL: https://kehwffki4dcjgapq9gmh5fsubtwm41635325779.nuid.imrworldwide.com/

Domain: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Domain: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Verdicts & Comments Add Verdict or Comment

278 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.heraldsun.com.au/	1969-12-31 23:59:59	Name: n_regis Value: 123456789
.news.com.au/	1970-01-21 00:32:13	Name: nk Value: b803b5fbc23565aac56386c999a5e3cf
.heraldsun.com.au/	1970-01-21 00:32:13	Name: nk Value: b803b5fbc23565aac56386c999a5e3cf
www.heraldsun.com.au/	1970-01-19 22:15:27	Name: lux_uid Value: 163532577821411660
.scorecardresearch.com/	1970-01-20 15:32:13	Name: UID Value: 1TXT6R1OIBUCS3RRAZQM5Hg1635325778
www.heraldsun.com.au/	1970-01-20 07:01:01	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Da7758fa2-d804-4f72-9504-979561b35ec0-tuct8729cd2
www.heraldsun.com.au/	1970-01-19 22:15:27	Name: _tb_sess_r Value:
www.heraldsun.com.au/	1970-01-19 22:15:27	Name: _tb_t_ppg Value: https%3A//www.heraldsun.com.au/
.heraldsun.com.au/	1970-01-20 07:01:01	Name: utag_main Value: v_id:017cc1031b790008ae758f457e7703072001d06a00b08$_sn:1$_se:1$_ss:1$_st:1635327578810$ses_id:1635325778810%3Bexp-session$_pn:1%3Bexp-session
www.heraldsun.com.au/	1970-01-20 07:44:13	Name: _cb_ls Value: 1
www.heraldsun.com.au/	1970-01-20 07:44:13	Name: _cb Value: DkHVCH-bkTLDBi-LN
www.heraldsun.com.au/	1970-01-20 07:44:13	Name: _chartbeat2 Value: .1635325778919.1635325778919.1.BIGT2TDvy9sRBWc1kID0L2lxC1irJy.1
www.heraldsun.com.au/	1970-01-19 22:15:27	Name: _cb_svref Value: null
.heraldsun.com.au/	1970-01-20 07:01:01	Name: nc_eu Value: y
.heraldsun.com.au/	1970-01-19 22:15:27	Name: _ncg_sp_ses.ff50 Value: *
.heraldsun.com.au/	1970-01-20 15:46:37	Name: _ncg_sp_id.ff50 Value: 02377a40-ef19-4d85-a5d3-e4bac946a902.1635325779.1.1635325779.1635325779.53253431-5839-4503-9cc7-c9580ac39723
.demdex.net/	1970-01-20 02:34:37	Name: demdex Value: 06706123455546844300981386709355058416
login.newscorpaustralia.com/	1970-01-20 07:01:23	Name: did Value: s%3Av0%3A9cf440e0-3705-11ec-8a3b-c76b35d56dee.63Qtr0v%2FwOq6dY6mCBJirM7YnshvczBs1vwaZTclABQ
.heraldsun.com.au/	1969-12-31 23:59:59	Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg Value: 1
bs.serving-sys.com/	1969-12-31 23:59:59	Name: OT_6630 Value: 1
.serving-sys.com/	1970-01-20 00:24:47	Name: ActivityInfo2 Value: 005amuA4J0_004c3mA4J0_
.serving-sys.com/	1970-01-20 00:24:47	Name: G4 Value: 0009fM00CX_
.serving-sys.com/	1970-01-20 00:24:47	Name: OT2 Value: 0001DC1piZ
.serving-sys.com/	1970-01-20 00:24:47	Name: u2 Value: 585f08e3-54c9-411a-8696-9562519460144DL060
.heraldsun.com.au/	1970-01-20 15:46:37	Name: s_ecid Value: MCMID%7C06684889323481403080978999962304415210
.everesttech.net/	1970-01-20 07:01:01	Name: everest_g_v2 Value: g_surferid~YXkXUwAAALhOdgQf
.doubleclick.net/	1970-01-20 07:37:01	Name: IDE Value: AHWqTUmw2jmy_djx4aCFFL7M1N-cgDQfyDB0gW69vHESJevqqY7WFGd2dJgFF_IZeVI
.adnxs.com/	1970-01-20 00:25:01	Name: uuid2 Value: 5381203768754217140
.adnxs.com/	1970-01-20 00:25:01	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GVSr^Y3o!]tbP6j2F-XstGt!@DUL$eNee
.heraldsun.com.au/	1970-01-19 22:58:37	Name: s_nr Value: 1635325779406-New
.heraldsun.com.au/	1970-01-21 00:32:13	Name: s_gdslv Value: 1635325779407
.heraldsun.com.au/	1970-01-19 22:15:27	Name: s_gdslv_s Value: First%20Visit
.heraldsun.com.au/	1970-01-19 22:15:27	Name: s_ppn Value: hs%7Chome%7Chomepage%7Chomepage
.heraldsun.com.au/	1969-12-31 23:59:59	Name: tp Value: 11269
.heraldsun.com.au/	1969-12-31 23:59:59	Name: s_ppv Value: hs%257Chome%257Chomepage%257Chomepage%2C11%2C11%2C1200
.heraldsun.com.au/	1969-12-31 23:59:59	Name: s_cc Value: true
.dpm.demdex.net/	1970-01-20 02:34:37	Name: dpm Value: 06706123455546844300981386709355058416
.heraldsun.com.au/	1970-01-20 00:25:01	Name: _gcl_au Value: 1.1.1052447742.1635325779
.heraldsun.com.au/	1970-01-20 15:46:37	Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg Value: -637568504%7CMCIDTS%7C18928%7CMCMID%7C06684889323481403080978999962304415210%7CMCAAMLH-1635930579%7C6%7CMCAAMB-1635930579%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C-326480156%7CMCOPTOUT-1635332979s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18935%7CvVersion%7C5.1.1
.heraldsun.com.au/	1970-01-20 07:01:01	Name: _ce.s Value: v11.rlc~1635325779499
www.heraldsun.com.au/	1970-01-19 23:43:01	Name: vidoraUserId Value: s3in9dfks7gosaabglkbti0b7c34ag
.imrworldwide.com/	1970-01-20 07:37:01	Name: SSCVER Value: v1
.imrworldwide.com/	1970-01-20 07:37:01	Name: IMRID Value: 9e49e5d0-3705-11ec-ba8c-3fb251ebb53b

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=702111466422.5894? Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=702111466422.5894?(Line 145) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=702111466422.5894?(Line 145) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.heraldsun.com.au/ Message: The resource https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

31b4fa49d3d5ce239fa436066892950b.safeframe.googlesyndication.com
8228261.fls.doubleclick.net
acdn.adnxs.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
am-trc-events.taboola.com
assets.vidora.com
ats.rlcdn.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
bs.serving-sys.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.speedcurve.com
cdn.taboola.com
cm.everesttech.net
content.api.news
dpm.demdex.net
dt.adsafeprotected.com
edition.pagesuite.com
googleads4.g.doubleclick.net
heraldsun.com.au
ib.adnxs.com
js.adsrvr.org
kehwffki4dcjgapq9gmh5fsubtwm41635325779.nuid.imrworldwide.com
login.newscorpaustralia.com
metrics.heraldsun.com.au
mhr.talk.news.com.au
nebula-cdn.kampyle.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
newscorpau.demdex.net
origin.go.heraldsun.com.au
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
px.ads.linkedin.com
resourcesssl.newscdn.com.au
sb.scorecardresearch.com
script.crazyegg.com
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
t.co
tags.news.com.au
tags.tiqcdn.com
tpc.googlesyndication.com
tracking.crazyegg.com
trc.taboola.com
ts2020-indies-client.web.app
use.fontawesome.com
widget.perfectmarket.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
adservice.google.com
au-gmtdmp.mookie1.com
ib.adnxs.com
kehwffki4dcjgapq9gmh5fsubtwm41635325779.nuid.imrworldwide.com
px.ads.linkedin.com
secure-sdk.imrworldwide.com
t.co
www.googleadservices.com
104.111.230.77
104.244.36.20
104.75.88.194
104.75.88.206
13.32.99.21
13.32.99.23
13.32.99.93
141.226.228.48
142.250.184.194
142.250.186.166
142.250.186.34
15.236.176.210
151.101.1.181
151.101.193.44
151.101.65.108
151.101.65.175
151.101.66.217
18.66.96.113
185.33.220.145
199.232.136.157
2.18.233.169
2.18.233.28
23.55.110.16
2600:9000:223c:5400:18:1fcd:34f:cdc1
2600:9000:223e:e00:1f:1414:da40:93a1
2600:9000:2240:a200:2:42d9:3100:93a1
2600:9000:2251:3000:4:77d:a0c0:93a1
2606:4700:3031::ac43:d645
2606:4700::6813:9308
2620:0:890::100
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2001
2a00:1450:4001:82f::2004
2a02:26f0:6c00::210:ba0a
2a04:fa87:fffd::c000:42d0
34.192.234.155
34.240.91.113
34.247.192.108
34.253.79.107
34.255.166.68
35.158.236.52
52.222.214.55
52.95.132.86
63.32.150.234
63.33.102.111
99.80.210.73
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
043c07c02c61430ab3b27573843fe13db96e02e5bcaf381452a1b57cfbbc5321
07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
08fbe794a08de3335828c27e5fe054f5e6682b92cbe233d0db4f0673679d2bb6
09aafa7a1f70be0de6c6c7d26036e7d022b8d6e560c841887a2aaf125634fa32
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77
0ff89c4a91938feb06d9cbdfb55e7ee14f8ee11547d50727aa093757901ddaec
10a8b49f918f3a8cf2a6d0fd1eef18394a43f3e4d5ec5625efcf86dbeb13c421
133b78270fed67d736d16b76506df47d2abc7652f3aacb3d644684c8e082d9d2
189e738c3fc4a5f0959c6fea29e02a6cb65acd4e81f924f6ddcfd5067d208dda
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1d91e1f1004c910402c81c62dc28a79609f7381f6f8e5fd5118c0a08ff40a96a
1efa5e3b4e61c14e4a2a8efa2ef602776128d2b06824b7754434976a0a47e408
1f69d0a336737adcc21c7211432617545e42418a2dbb96ca8520595a30df8b4c
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
241155907faff3ddf6df02126069a4fc7f05f77454acef7e1cbd49d8395ea556
267e084c66023a12777e6c8384540d9afb4efb2e195132db185594357e0501a4
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2fcc8641a1a3950e4b44ffd383ce04caeccfc2e78f28d7928bfc926800d43d4c
30b7ddf1ec82e63550adc90d6176aafb34c73029dd6d15bd5009ce1f103234c9
348451afc7aa376e5ab6ea5c9719df196639ee7dbb926dfb443c458aa334e202
397e6540378a195608cbd601f809c0c96b3ae9253fffeaf070769a8272838ad7
3af3b9d514c449c10af5f558f2578cf482766b66beb58e9affbcbd9153be0364
40cfc7215c577bbd3c77dafefd31839c3d73fed490eefbace9e37901d7651d4a
4233fb95029f6d4ca239244aff2f6d408577d0fbe9eff15769a361f93b63fdd7
43dc251072564d8ae1f9a77833e8c6c521f57f66dbd1d9680f27c2aff045143f
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
489d91bed61ef8d1c31f9de5b1c13777a03ac0864206094dd594ad82ef266ca7
4a45c5183f6784e1905d857a5c03453165d3883b59d0d9f8eaf6ab3786847ee5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
52d726ba12639068985d5d8cfb1479cf4d3f5c2231901407459bf66a0c18b698
53f984595ab7af27823f40966586a63e69315641052ffa658e42d0bc38503392
54d7ac8721fcdcdfbd9351b75897f7935c5772aa6944b0642113916edf707c67
5974cfb305a44fe8655dcbbc844af9516725106b48d2f63d8212d5c7b8dd43d1
5bf7ad57d31465c6de59de470411fb338f16cc112a2c99b37e29100675ba5296
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
6042d3933a14d9d01a3a91c69124e46788812a8492182ff47dd18c73577a088f
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18
63a5af013d073900218199a20fcdda3e591952307b883ae986a82e5d9af5824f
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
674a7952492ff90ab0f581273f4df05b250e978477150834003dc278e4322ed1
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
6a6a1c4e3f91242324434c60436455edc50ebc32c660e2fe712aa8375ab4fd0f
6c50713af717a2645ed35d9ba6a58e5ed135a4647884d4fd3597afd97405599d
6dcf1bb1525ff7a430d3965d486f41d5324f8b740845ad98ddfaf100f866752e
700b9eeb42358c5804fbb9c6f1e1592d2a9c6bded9e2fc8524823022b87e9a20
71a8fdaf97655c40070a0fd034eeff672a5526d7d768ccd314f46567a440f57d
7222bdb705a3d4af9ac5d4f1375a3709bc77578dcc0e1f3b5caf55fd14af959c
75ad826047f2673a90f0aaf4bc97d59642141e4601e86e863c9319f815dffa8a
78b0d29893c756fc8033183d15c66a93c5c72d34fb4567e40e2ebd991c0184b6
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c0b3f6edd440330e57b0dfc7702b54e3e755bef2d4e12d7ed50ecdc40f7c331
7f980ffcfddfbb4055da9bda5186257486054907e98eb4d3718062948138d73d
816fb7089d8322b25c2d39abb1daca3d1149815587e98f162588141dd648cadf
8236a4d608808856af09b9251e7b8a7d581597e8cca68a092b3573fc0b3ce294
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
85270cebffca132bca82d3e2894fa14df8549c498bd31f13c49c05350c3b929b
85344bb97aa113a5a5cea00cdd7c3aa1d317a49641bfeff51b31de9260f99c25
85bda895995d4050c0fd10ac66d74eaf597c11c4c2c10c0ca19203b84c1595d9
89734c02492d82d9541efd36f0536204494afdc762a0676a1041b9907af3ffed
8b325422052351546a5be2cf7114ddb632ff9d748185aee2b6985fbb10cdb497
8d367ba4cafcc93cbdf6096b34c9ff4372aa9f7f4108d334b317884dd19d7188
8e0849ef09c818766247280c33b36da6c6dfc3ea269ed23f2b86cc678fe53dbf
94d5d667a730c3f1ab0d4538ae0856d720351a34a84bb4bfaa95362a2561fe97
952468aa139af415dbecb1cfd65636891c63f0367d3a59c3499f85bd21242e0a
9b2c2b3a279c12a4e2d23e03d513c3cd3449f779d45829cc19d380246d9713f4
9c96c025f6aa0b8edff6538d533ddd012d17e860c8fa47140314e81886ce22e0
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a633854d157f49f803a6b5dfeb03f2e2e0956474a7974db7d25c396e0c2132a1
a735b37c9a8c3b661aaae8aede4d5130ed16bb77601195629927521cba629a27
a86e367c410aeae763f5e66015e6ce692957cec67f31162d9cbfc217a795f0ee
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6ed52620b0e664886b8e980fe5acc99a3abcdfc1e63ab42cfaab3f5c37d2cc3
beeda9a17b4eee343f7ec43d45f3046b4133b8eea4b23ea0667d206c1d5f7d36
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c3707978595f0587ac83287ce372411c648f43257346d5de528475f57db9082e
c670abf077bc3710acd054f18e0836fd03c6abd6cd6f0b000b9f46993bbe901b
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
c752cb4807682d7f0b122b104cf554f76d67529d2fa2e107f43660308ae0073b
c99087229b2898e284b810cb0f9b2fd1e9e81164d0afc756ebfd8cf0bb58ea02
c994b391079dc38db0b6357d793c7efcabd93dcc4112b25990dfadac2e22b9a8
cb4ee0d3052fea0056634cbf4bf2f52abfcd0b0c1d871b4b070d5dfc1cd05427
cc6cdeb45441b1edd12c17a29641742a0d5e3c3d47b32c78f1018494e43ad8b5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d3845ca01b14ee8443a67afa06ac6700ef618faf4390fa0c504c77f5f5b52ab2
d5916e8ec7e52ac38c27502c20b1faf6303c163776ad63cc89543a56b03dbedc
d974a3d87169969cac5d93bcdb6c6276780b7a5ed254d797f0790569c3a11821
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
daab314890951d408604603cdd77b31b63ae2ca9cc3c313673ce259c1575f695
dbf919c623fe30cf34fd247642269e4f68f956992de6c5f087cf860448efdeb0
dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7
e0c9d8c4902557d8bcefcbf5610193a06e02fe8e104e8010f195dbeb75fa5890
e377e2843856483cbbb61c2882a6e171f6de9eb9a7f7d74d7180913987f614a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44b948d9cc4fe04b41f390f115c009a2cefe3205c3da2b1a8a3dde3fbe203f9
e6843ebbc25aab2ea0a89c3941516fe680ef1c8e24f0cc679cfded40613fac3d
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
eb1bd0db878926b6ac2177d3fda76e6dd9d01abe37810eb6db1a1b252a30ff89
ebae52cb771e4e0cc30cb97f975ec51d1bffe1308433d70181ff2957edf4e946
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f1e4af594f586b36e4a1a89d6ad85a061f8139d8a44f4e9eb00e28434d5f599c
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f61d94177f43d0efae2ed5932584636d379cb29801efc0be27d4c5719bfb15e5
f6a9ed90057ad36a18b61529450500cf51a3a6878960eace920c4e10ccd99ca9
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
faea28c78d4591d21a557db7e72596f8155d4ffd54e1f6a9110c98d0815f235f
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.heraldsun.com.au Open in urlscan Pro 2.18.233.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

167 Requests

89 %HTTPS

32 %IPv6

40 Domains

63 Subdomains

50 IPs

7 Countries

2277 kBTransfer

6039 kBSize

43 Cookies

2 Outgoing links

Page URL History

Redirected requests

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heraldsun.com.au Open in urlscan Pro
2.18.233.28 Public Scan

Screenshot
Live screenshot

Full Image

167
Requests

89 %
HTTPS

32 %
IPv6

40
Domains

63
Subdomains

50
IPs

7
Countries

2277 kB
Transfer

6039 kB
Size

43
Cookies

167 HTTP transactions
1 data transactions