www.heraldsun.com.au Open in urlscan Pro
184.30.20.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heraldsun.com.au/
Effective URL:
https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008
Submission: On April 06 via manual (April 6th 2021, 1:50:34 pm UTC) from GB

Summary HTTP 296 Redirects Links 54 Behaviour Indicators

Summary

This website contacted 74 IPs in 8 countries across 66 domains to perform 296 HTTP transactions. The main IP is 184.30.20.111, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 25th 2021. Valid for: a year.

This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.79.88.36 104.79.88.36	16625 (AKAMAI-AS) (AKAMAI-AS)
5 32	184.30.20.111 184.30.20.111	16625 (AKAMAI-AS) (AKAMAI-AS)
2 9	184.30.20.190 184.30.20.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
1 15	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1	2a04:fa87:fff... 2a04:fa87:fffd::c000:42d0	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2600:9000:212... 2600:9000:2127:8400:1e:c291:240:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.95.134.242 52.95.134.242	16509 (AMAZON-02) (AMAZON-02)
1	52.95.132.167 52.95.132.167	16509 (AMAZON-02) (AMAZON-02)
11	104.75.88.206 104.75.88.206	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.13.181 151.101.13.181	54113 (FASTLY) (FASTLY)
1 3	23.37.53.17 23.37.53.17	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
2 9	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2 2	18.158.93.70 18.158.93.70	16509 (AMAZON-02) (AMAZON-02)
3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
7 13	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
5 7	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	99.81.198.244 99.81.198.244	16509 (AMAZON-02) (AMAZON-02)
1 2	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.86.137.110 185.86.137.110	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 5	54.36.109.166 54.36.109.166	16276 (OVH) (OVH)
2 2	52.57.251.82 52.57.251.82	16509 (AMAZON-02) (AMAZON-02)
1 1	54.246.18.165 54.246.18.165	16509 (AMAZON-02) (AMAZON-02)
4 4	51.83.111.34 51.83.111.34	16276 (OVH) (OVH)
1 1	172.104.121.22 172.104.121.22	63949 (LINODE-AP...) (LINODE-AP Linode)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
3 3	52.58.55.232 52.58.55.232	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
4	104.117.204.209 104.117.204.209	16625 (AKAMAI-AS) (AKAMAI-AS)
4	184.24.9.204 184.24.9.204	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
1	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:2000:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
16	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 2	2600:9000:206... 2600:9000:206f:9000:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:218... 2600:9000:2182:f400:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.226.159.76 13.226.159.76	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:212... 2600:9000:2127:8800:4:77d:a0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.111.247.190 104.111.247.190	16625 (AKAMAI-AS) (AKAMAI-AS)
2	107.23.100.244 107.23.100.244	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.90.27 65.9.90.27	16509 (AMAZON-02) (AMAZON-02)
1 14	54.154.123.210 54.154.123.210	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
13	52.211.22.238 52.211.22.238	16509 (AMAZON-02) (AMAZON-02)
1	52.30.135.179 52.30.135.179	16509 (AMAZON-02) (AMAZON-02)
2	15.237.76.117 15.237.76.117	16509 (AMAZON-02) (AMAZON-02)
1 1	54.171.42.33 54.171.42.33	16509 (AMAZON-02) (AMAZON-02)
1	80.252.91.52 80.252.91.52	15830 (EQUINIX-C...) (EQUINIX-CONNECT)
8	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	13.226.89.119 13.226.89.119	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00:295::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	46.228.164.13 46.228.164.13	56396 (TURN) (TURN)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
12	52.16.188.154 52.16.188.154	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
22	52.21.116.104 52.21.116.104	14618 (AMAZON-AES) (AMAZON-AES)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.246.217.185 54.246.217.185	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:de00:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	199.127.207.180 199.127.207.180	26120 (RHYTHMONE) (RHYTHMONE)
2	54.72.253.164 54.72.253.164	16509 (AMAZON-02) (AMAZON-02)
1 1	3.121.27.153 3.121.27.153	16509 (AMAZON-02) (AMAZON-02)
1 1	107.21.231.45 107.21.231.45	14618 (AMAZON-AES) (AMAZON-AES)
1	52.51.159.158 52.51.159.158	16509 (AMAZON-02) (AMAZON-02)
1 1	23.45.110.176 23.45.110.176	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
8 8	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	213.19.147.151 213.19.147.151	3356 (LEVEL3) (LEVEL3)
1 1	213.19.147.150 213.19.147.150	3356 (LEVEL3) (LEVEL3)
296	74

1 104.79.88.36 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)

heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 184.30.20.111 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-111.deploy.static.akamaitechnologies.com

www.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.api.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mhr.talk.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 184.30.20.190 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)

tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 199.232.137.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffd::c000:42d0 (Ireland)

ASN2635 (AUTOMATTIC, US)

origin.go.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:8400:1e:c291:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

s1.rui.au.reastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.134.242 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com

news-networkeditorial.s3-ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.132.167 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-2.amazonaws.com

s3-ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.75.88.206 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-206.deploy.static.akamaitechnologies.com

resourcesssl.newscdn.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.53.17 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.93.70 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.33.221.90 (Amsterdam, Netherlands) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.81.198.244 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-198-244.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.36.109.166 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: p10.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.251.82 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.18.165 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.83.111.34 (France) 4 redirects

ASN16276 (OVH, FR)

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.121.22 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.58.55.232 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.117.204.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)

login.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.24.9.204 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-9-204.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

ts2020-indies-client.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:2000:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:9000:1e:a43d:b640:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2182:f400:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
seccdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-76.dus51.r.cloudfront.net

au.tags.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:8800:4:77d:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.vidora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.247.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-247-190.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.23.100.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.90.27 (United States)

ASN16509 (AMAZON-02, US)

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 54.154.123.210 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-123-210.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.211.22.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.135.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

newscorpau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

metrics.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.42.33 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-42-33.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.252.91.52 (Amsterdam, Netherlands)

ASN15830 (EQUINIX-CONNECT, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0d3e994a32f79f23ee2be6c7cf92181a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.89.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-89-119.prg50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:295::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

8228261.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)

au-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.16.188.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 52.21.116.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

image5.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.217.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:de00:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

vrqoifp0xs5ycwwpmoydlll67x8jt1617717014.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.180 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt.scanscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.253.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-253-164.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.27.153 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.21.231.45 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.159.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.110.176 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-110-176.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.14.49 (Frankfurt am Main, Germany) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.151 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.150 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	adsafeprotected.com cdn.adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	568 KB
31	doubleclick.net 7 redirects cm.g.doubleclick.net ad.doubleclick.net securepubads.g.doubleclick.net googleads4.g.doubleclick.net 8228261.fls.doubleclick.net googleads.g.doubleclick.net	156 KB
27	googlesyndication.com pagead2.googlesyndication.com 0d3e994a32f79f23ee2be6c7cf92181a.safeframe.googlesyndication.com tpc.googlesyndication.com	86 KB
25	taboola.com 3 redirects cdn.taboola.com trc.taboola.com trc-events.taboola.com sync.taboola.com match.taboola.com sync-t1.taboola.com cds.taboola.com	166 KB
21	heraldsun.com.au 6 redirects heraldsun.com.au www.heraldsun.com.au origin.go.heraldsun.com.au metrics.heraldsun.com.au	637 KB
15	demdex.net 1 redirects dpm.demdex.net newscorpau.demdex.net	19 KB
14	adnxs.com 7 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	15 KB
14	api.news content.api.news	169 KB
11	imrworldwide.com 1 redirects secure-gl.imrworldwide.com cdn-gl.imrworldwide.com seccdn-gl.imrworldwide.com secure-dcr.imrworldwide.com vrqoifp0xs5ycwwpmoydlll67x8jt1617717014.nuid.imrworldwide.com	77 KB
11	newscdn.com.au resourcesssl.newscdn.com.au	74 KB
10	google.com adservice.google.com www.google.com	950 B
10	news.com.au 2 redirects tags.news.com.au mhr.talk.news.com.au	214 KB
9	everesttech.net 9 redirects cm.everesttech.net sync-tm.everesttech.net	2 KB
8	adsrvr.org 4 redirects match.adsrvr.org js.adsrvr.org insight.adsrvr.org	7 KB
7	googletagservices.com www.googletagservices.com	243 KB
5	id5-sync.com 4 redirects id5-sync.com	7 KB
4	google.de adservice.google.de www.google.de	915 B
4	tiqcdn.com tags.tiqcdn.com	22 KB
4	newscorpaustralia.com login.newscorpaustralia.com	12 KB
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com	2 KB
3	casalemedia.com 2 redirects ssum.casalemedia.com dsum-sec.casalemedia.com	2 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	googleadservices.com www.googleadservices.com	44 KB
3	serving-sys.com secure-ds.serving-sys.com bs.serving-sys.com	21 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	pubmatic.com simage2.pubmatic.com image5.pubmatic.com image2.pubmatic.com	2 KB
3	rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com	692 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	amazonaws.com news-networkeditorial.s3-ap-southeast-2.amazonaws.com s3-ap-southeast-2.amazonaws.com	37 KB
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	openx.net 1 redirects us-u.openx.net	470 B
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	528 B
2	googletagmanager.com www.googletagmanager.com	70 KB
2	chartbeat.net ping.chartbeat.net	337 B
2	crazyegg.com script.crazyegg.com	3 KB
2	360yield.com 2 redirects ice.360yield.com	1012 B
2	lijit.com 1 redirects ce.lijit.com	1018 B
2	contextweb.com 1 redirects bh.contextweb.com	828 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	perfectmarket.com widget.perfectmarket.com	32 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	591 B
1	facebook.com www.facebook.com	240 B
1	t.co t.co	449 B
1	twitter.com analytics.twitter.com	652 B
1	bluekai.com 1 redirects tags.bluekai.com	838 B
1	eyeota.net 1 redirects ps.eyeota.net	418 B
1	scanscout.com 1 redirects dt.scanscout.com	692 B
1	turn.com 1 redirects d.turn.com	402 B
1	mookie1.com au-gmtdmp.mookie1.com	608 B
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	vidora.com assets.vidora.com	4 KB
1	newscgp.com au.tags.newscgp.com	48 KB
1	chartbeat.com static.chartbeat.com	24 KB
1	web.app ts2020-indies-client.web.app	3 KB
1	rfihub.com 1 redirects p.rfihub.com	780 B
1	bttrack.com bttrack.com	380 B
1	appier.net 1 redirects s.c.appier.net	362 B
1	gumgum.com 1 redirects rtb.gumgum.com	303 B
1	criteo.com 1 redirects dis.criteo.com	525 B
1	emxdgt.com e1.emxdgt.com	59 B
1	smartadserver.com rtb-csync.smartadserver.com	697 B
1	fontawesome.com use.fontawesome.com	13 KB
1	reastatic.net s1.rui.au.reastatic.net	9 KB
1	speedcurve.com cdn.speedcurve.com	7 KB
296	66

	Domain	Requested by
22	dt.adsafeprotected.com	www.heraldsun.com.au
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
17	www.heraldsun.com.au	5 redirects www.heraldsun.com.au
15	securepubads.g.doubleclick.net	tags.tiqcdn.com securepubads.g.doubleclick.net www.heraldsun.com.au www.googletagservices.com
14	dpm.demdex.net	1 redirects www.heraldsun.com.au tags.news.com.au
14	content.api.news	www.heraldsun.com.au
13	pixel.adsafeprotected.com	cdn.adsafeprotected.com www.heraldsun.com.au
12	static.adsafeprotected.com	pixel.adsafeprotected.com www.heraldsun.com.au
11	resourcesssl.newscdn.com.au	www.heraldsun.com.au ts2020-indies-client.web.app
9	tags.news.com.au	2 redirects tags.tiqcdn.com au.tags.newscgp.com
8	sync-tm.everesttech.net	8 redirects
8	cdn.taboola.com	www.heraldsun.com.au cdn.taboola.com
7	www.google.com	securepubads.g.doubleclick.net www.heraldsun.com.au
7	www.googletagservices.com	securepubads.g.doubleclick.net
7	cm.g.doubleclick.net	5 redirects www.heraldsun.com.au
7	ib.adnxs.com	4 redirects www.heraldsun.com.au
6	secure.adnxs.com	3 redirects www.heraldsun.com.au
6	trc.taboola.com	1 redirects cdn.taboola.com www.heraldsun.com.au
5	pagead2.googlesyndication.com	ad.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com
5	cdn-gl.imrworldwide.com	www.heraldsun.com.au seccdn-gl.imrworldwide.com secure-gl.imrworldwide.com cdn-gl.imrworldwide.com
5	id5-sync.com	4 redirects www.heraldsun.com.au
4	8228261.fls.doubleclick.net	2 redirects www.heraldsun.com.au
4	tags.tiqcdn.com	www.heraldsun.com.au tags.tiqcdn.com
4	login.newscorpaustralia.com	www.heraldsun.com.au login.newscorpaustralia.com
4	cookie-matching.mediarithmics.com	4 redirects
4	match.adsrvr.org	4 redirects
4	sync.taboola.com	2 redirects www.heraldsun.com.au
3	www.google.de	www.heraldsun.com.au
3	googleads.g.doubleclick.net	www.googleadservices.com
3	www.googleadservices.com	secure-ds.serving-sys.com www.googletagmanager.com
3	adservice.google.com	securepubads.g.doubleclick.net 8228261.fls.doubleclick.net
3	x.bidswitch.net	3 redirects
3	trc-events.taboola.com	www.heraldsun.com.au cdn.taboola.com
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com www.heraldsun.com.au
2	sync.1rx.io	2 redirects
2	sync.search.spotxchange.com	1 redirects www.heraldsun.com.au
2	us-u.openx.net	1 redirects www.heraldsun.com.au
2	insight.adsrvr.org	js.adsrvr.org
2	ssum.casalemedia.com	2 redirects
2	secure-dcr.imrworldwide.com	www.heraldsun.com.au
2	px.ads.linkedin.com	1 redirects www.heraldsun.com.au
2	www.googletagmanager.com	secure-ds.serving-sys.com
2	js.adsrvr.org	secure-ds.serving-sys.com
2	metrics.heraldsun.com.au	tags.news.com.au www.heraldsun.com.au
2	ping.chartbeat.net	www.heraldsun.com.au
2	secure-ds.serving-sys.com	tags.tiqcdn.com secure-ds.serving-sys.com
2	script.crazyegg.com	tags.tiqcdn.com script.crazyegg.com
2	secure-gl.imrworldwide.com	1 redirects www.heraldsun.com.au
2	ice.360yield.com	2 redirects
2	sync-t1.taboola.com	www.heraldsun.com.au
2	ce.lijit.com	1 redirects www.heraldsun.com.au
2	bh.contextweb.com	1 redirects www.heraldsun.com.au
2	pixel.rubiconproject.com	www.heraldsun.com.au
2	rtb.mfadsrvr.com	2 redirects
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	news-networkeditorial.s3-ap-southeast-2.amazonaws.com	www.heraldsun.com.au
1	sync.targeting.unrulymedia.com	1 redirects
1	www.facebook.com	www.heraldsun.com.au
1	image2.pubmatic.com	www.heraldsun.com.au
1	dsum-sec.casalemedia.com	www.heraldsun.com.au
1	t.co	www.heraldsun.com.au
1	analytics.twitter.com	static.ads-twitter.com
1	tags.bluekai.com	1 redirects
1	beacon.krxd.net	www.heraldsun.com.au
1	usermatch.krxd.net	1 redirects
1	ps.eyeota.net	1 redirects
1	dt.scanscout.com	1 redirects
1	vrqoifp0xs5ycwwpmoydlll67x8jt1617717014.nuid.imrworldwide.com	www.heraldsun.com.au
1	image5.pubmatic.com	www.heraldsun.com.au
1	token.rubiconproject.com	www.heraldsun.com.au
1	d.turn.com	1 redirects
1	www.linkedin.com	1 redirects
1	au-gmtdmp.mookie1.com	www.heraldsun.com.au
1	acdn.adnxs.com	www.heraldsun.com.au
1	snap.licdn.com	www.heraldsun.com.au
1	static.ads-twitter.com	www.heraldsun.com.au
1	0d3e994a32f79f23ee2be6c7cf92181a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	cm.everesttech.net	1 redirects
1	newscorpau.demdex.net	tags.news.com.au
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	cdn.adsafeprotected.com	tags.news.com.au
1	seccdn-gl.imrworldwide.com	tags.news.com.au
1	assets.vidora.com	www.heraldsun.com.au
1	au.tags.newscgp.com	tags.tiqcdn.com
1	static.chartbeat.com	tags.tiqcdn.com
1	ad.doubleclick.net	tags.tiqcdn.com
1	ts2020-indies-client.web.app	www.heraldsun.com.au
1	p.rfihub.com	1 redirects
1	cds.taboola.com	www.heraldsun.com.au
1	bttrack.com	www.heraldsun.com.au
1	s.c.appier.net	1 redirects
1	rtb.gumgum.com	1 redirects
1	dis.criteo.com	1 redirects
1	e1.emxdgt.com	www.heraldsun.com.au
1	rtb-csync.smartadserver.com	www.heraldsun.com.au
1	simage2.pubmatic.com	www.heraldsun.com.au
1	match.taboola.com	www.heraldsun.com.au
1	mhr.talk.news.com.au	www.heraldsun.com.au
1	use.fontawesome.com	cdn.taboola.com
1	s3-ap-southeast-2.amazonaws.com	www.heraldsun.com.au
1	s1.rui.au.reastatic.net	www.heraldsun.com.au
1	origin.go.heraldsun.com.au	www.heraldsun.com.au
1	cdn.speedcurve.com	www.heraldsun.com.au
1	heraldsun.com.au	1 redirects
296	106

This site contains links to these domains. Also see Links.

Domain
www.plusrewards.com.au
myaccount.heraldsun.com.au
www.escape.com.au
supercoach.com.au
tips.com.au
supercoach.heraldsun.com.au
www.realestate.com.au
heraldsun.digitaleditions.com.au
www.facebook.com
www.twitter.com
www.instagram.com
heraldsun.com.au
myaccount.news.com.au
www.newsletters.news.com.au
www.mytributes.com.au
www.newscorpaustralia.com
www.newsphotos.com.au
www.newsconcierge.com.au
www.dailytelegraph.com.au
www.couriermail.com.au
www.adelaidenow.com.au
www.news.com.au
www.theaustralian.com.au
www.themercury.com.au
www.geelongadvertiser.com.au
www.cairnspost.com.au
www.goldcoastbulletin.com.au
www.townsvillebulletin.com.au
www.thechronicle.com.au
www.ntnews.com.au
www.weeklytimesnow.com.au
www.buysearchsell.com.au
leader.local.heraldsun.com.au
www.foxsports.com.au
www.foxtel.com.au
hipages.com.au
kayosports.com.au
www.punters.com.au
www.odds.com.au
www.racenet.com.au
apps.apple.com
play.google.com
preferences.news.com.au
vip.wordpress.com

Subject Issuer	Validity	Valid
news.com.au DigiCert SHA2 Secure Server CA	`2021-02-25` - `2022-02-28`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2020	`2020-12-09` - `2022-01-10`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
origin.go.heraldsun.com.au R3	`2021-03-06` - `2021-06-04`	3 months	crt.sh
s1.rui.au.reastatic.net Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
*.s3-ap-southeast-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-30` - `2021-08-04`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.id5-sync.com R3	`2021-03-23` - `2021-06-21`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
web.app GTS CA 1D4	`2021-03-17` - `2021-06-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
au.tags.newscgp.com Amazon	`2021-01-25` - `2022-02-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-09` - `2021-06-09`	a year	crt.sh
*.vidora.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2021-03-17` - `2022-03-22`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
*.adsafeprotected.com Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
metrics.heraldsun.com.au DigiCert SHA2 High Assurance Server CA	`2020-04-13` - `2021-07-15`	a year	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2020-01-07` - `2022-03-08`	2 years	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
dt.adsafeprotected.com Amazon	`2020-05-20` - `2021-06-20`	a year	crt.sh
*.nuid.imrworldwide.com Amazon	`2020-06-26` - `2021-07-26`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh

This page contains 41 frames:

Primary Page: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008
Frame ID: 34D76871DD2EB6056FDAC8CFBDB16E35
Requests: 143 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d9d6a21f-a318-4168-a33f-90a38dbb4104&tbid=81e299e7-4382-4eca-8f02-745f381aeb00-tuct765ec95&query=taboola_hm%3Dd9d6a21f-a318-4168-a33f-90a38dbb4104&isDirect=0
Frame ID: 98309EDD33173FB10469B53106737A14
Requests: 18 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=LaEdOgqfa49Kt3pO.pheZvfQgrxeT2TE&nonce=wokYz5zRnmCevRBURl.S3mmsjqF8ZY4J&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Frame ID: 0EB542993EB2366D8F00ECF0013C20EE
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=XlY9QHaPYG4xpmeMu7SeoCH_Kx5ZLxgZ&nonce=8C7P6U8f1aX-Vd383DPBlN8J~0dg3M~d&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Frame ID: A831EBB7CBF91B975A5BDCDBADD38308
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=dihrS~Mf4QuEZU2mNge9BeXwsQIB5Tvv&nonce=JvstREoMqXayZ7RnTuCmeuVxRaAHw~I-&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Frame ID: 51B37A849C3B2D9156205FDE5A4D9352
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=KnsY46OhOSdwMdicapTBjT8M0VYr1KYt&nonce=cxSajYsSskYwkUgQdImkBZY09KfOXKXu&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Frame ID: CF4FD75863A3C82F725EAAC8C55B60D4
Requests: 3 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 10D3217B9B300C217030FAC412DEA8BA
Requests: 22 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 2D2CA2B5ECE5536AD852ED1836FC90B7
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 28E303F4D803025D6BF4C7778434DCD4
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: 44BD205A7E4597421B2ADD5D1D3C9730
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: D09712BA0526812AEA643BCD9F4089DD
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 2D6843D4CE311A37399ACC1DA706D4A8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 54D15CFFFFAEAA2BCDD790B08DBA7B8D
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJiEp8Hh6e8CFQMLBgAdpX4AaQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1565510562737.4133
Frame ID: 4E11CB8980133F7823082612AE82952C
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CO-Fp8Hh6e8CFVQcBgAdn_8AkQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2840590316216.738
Frame ID: 377EE33EA74E732886387107E1FFD43D
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: 84AE753AC458A4C2F40B5C6CC20DF836
Requests: 5 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 83E1B9ADA12357E85CB07FD6DF587320
Requests: 4 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: 0E493D2728A1E24064787B21061CDA0F
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Frame ID: 18BB56179D4FB33A9F1C634DF4B64ECA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4JkK6AR9EqTuCWp5L_3vWpta0_r_DcWQ3vSdCGrAYCobEJsk6ovc8VFwV910e8D73vYX_h4e_IDcsB-W1HhD0iDFPgrYDqC7Fd-4DtEOgKmDQvgMtFpQnzPp3--2NbAl12uo6xxm6O2kRfYyx4EUcQKl0t-9O4mKFRflYowlPHX7TGYBSL2beVJi1Lk8zSkhrgk3StnJV9pMh13BCE5vyB25N0Xl9jfUNo9LYo25MzafwrlhNzhh2S9ozptUuIGCG2gX36sFnHp0EyOWuo-UmZJ1xjAZPLJwwqa1GhYESsGfjOA&sai=AMfl-YQcB7xkSDTkrehjFhXt0h5XyZQAK517EdnO3bRLuXddAAv7Qgk8_CEQrXSyo4mGVwT_LN0cdABfkyUK&sig=Cg0ArKJSzPlgwvwwiZp5EAE&adurl=
Frame ID: 1104C65E4D846A308E76E2C9BEC537F6
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0jyhcz1OaoJOf3qAwQLS3cIvVqhCZn_JjNLlQ08EQiCxHtSQtn_ucZXa8K2Q3QIRQVxZDEptn5g5uttQPCmm7nkFkA9hWVSXE9xO64MOhFYhHRkCPAE0l0Dh063xrKF-KV3ot8bGQKjRvZ7LS3T4LR-FSrORU_Z7ah5IQr7-KioUHbmGycdSApKsa5CIBz6JHqVNJx5RprvDpylSbJxcgtIr_whjVuEsAeoIfkizgGTlSUCMy-9E7N5gdxnorWZD4XidM7madYfJpcVhzCBjtPMLf47-28CpqGWJsCEVlpEK3Lg&sai=AMfl-YSjUZ6k_Ro5nvhSbrEMRvmR_jNN8zURzxnNNS-kHl8-aXAc3BJOcd0RgjBD0XRKIYypeF_TgtyeBUYT&sig=Cg0ArKJSzFp9qb32kF2uEAE&adurl=
Frame ID: 5B62EEA303A1CFC35F2705AF1E24FE6C
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmAJLddmzhhYP1ugN5fGs9OC4Ggm5Dra33MNk5-U2C_XBEEMVQfUUcTxBtRbUo4MIukYLq3ypg9c7DUk9-ChYovHir_lAirIWfHqKUeDcNGuHJu0P4pgb1krbjVIfrn2f1bdroTwwrC2_a20xe8_CRt1GH5NJKmyH2bB52nLsMy1EfMUZHp3jkO0ogTb1gws2wvSH2vyq7DgsYom8faWwufPq29GYZuce-AbdKmd9QFTzWnVzExvwJnricOj3Gpy1H0Dnfz2Z6ccpm8Nusi3YNRhRSOfI3V6rx-leKBHkmo2lFfw&sai=AMfl-YQoVQ2QKa8YzBd9Foqm8x9B8DhdvbupEvKJJFwHBIE7-JlQpa9fEDFgQl3O-I-HKVgWjiHMXDd_jFG2&sig=Cg0ArKJSzK3YwR4jhI66EAE&adurl=
Frame ID: 5B581E350F8328182B7BDC21EE7C6EF1
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXWrTUSb60RkH9hlTbd0bnAJBoKhIpE1fNyVDgNvVApjKO01aRBKoKzxKpie-aGuuBYxvVqnOFmGsf8-IUVHynPThUxdW5mehjf62cwuIDp2EZ8bPaN8B4yz2eWJ221hEGeb5Rd4phXNtFWVYukMZxNhGHwTdRRHp4XBLxD7XJbw9XdPln4hai4aO-vA4t7eFiz7DhKvFt9zsyrVxZuKvWbXzpnaviqQgxjGyyEBhhr6gfVjlsZuLjRNonn5gHJ_ASK-iubdOFp6obeIBKIGIiM1yaVy81lBHxMusr6JCLmRSmjA&sai=AMfl-YRfQ1ZTilewxAMUEkPhXkCs_RqDWpRbwMOY7U-kbbin-vOWx6gFSbx7tryGGVJQhTDpPPEJ1YsxWjVt&sig=Cg0ArKJSzKGoLz_RyysBEAE&adurl=
Frame ID: 18BE5345318ACF8B04F96B788DEEF0A2
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-mvbxkF6Yx-JRnPWVWgHeh12wOdpQqaAjCFRcGEj7rFYFP-LRa20Jv0jsI7SXR5EBi2G5c8-wBoOmgI9txjUMSMv98qLM0idx93iHWE2H7J5_3SHVtWC4DYBpVc3-i5xPO6zLaquIi4Dg8QyhKbPEe9p2v-FfTSW5Mml6_5Z_lBWydtHga-c06twOZK36Dv8pN4tDlLElS97bzXNRQhB5TVEFIsAcB6MrsAzEDseZJICBVWre98_V8V0Xt7rWEgoFH5JgotB9fD1wN4_L_Edc2NmlGVkVhh4MSaCXYFTFJS-8Dw&sai=AMfl-YRv60-5s91wdBNVvs8pqhaWwojDpWl-UUrdSzZSL7ARWOqY-9KqMNeQF57gLVwT4_juSDCqNYXV_tak&sig=Cg0ArKJSzNRpPi33PvfXEAE&adurl=
Frame ID: 94A12E019DBA0BF8E160329A67DA4D11
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst71t63Bgk7FI9EW86F-7IORfZF_kxaCNMn0h2upUrNjFhcigbUSXgub_lss8AxS1hObjG74A2hlcybjeB08rntr7ppplbiteasb-c9yjDyMC5qiC49J5c_pJCUBejvSTwa8S2Kpx1eWlC5tzsstmrOjWkhE2WkSZ3ggTLo9aBaw9nrF0J-JoFtGfT2zYmnXfOoLw1xa1aW2Zj1mqnMrpRUoUZA5T-_I448nsE5AWLkZWgbYwjd1XpGbZzuePLLKZgJAmQh_DikcHm8SwzR0tpYjbRePLtdpLBOQkWFvrG5vxTQvA&sai=AMfl-YRNYhemyZs4atdQAf_XClcIWG8i7xw4s35SWoP1pwiHSZLvfWqpHONtnu3rgx6xgVUVC1ax2OKeyhSt&sig=Cg0ArKJSzOPdbLUeM0GeEAE&adurl=
Frame ID: A7EF2E52172C60FD70D9089C6AA6A69E
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1664530819&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e0-96df-11eb-bfee-0a6fa201f3de
Frame ID: 231340E3595BDDBAF7161DBEB6201876
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|3&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=500022270&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e1-96df-11eb-bfee-0a6fa201f3de
Frame ID: 5DF0024F03BC24D74BE04332D7F4A8A2
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=1200041157&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e5-96df-11eb-bfee-0a6fa201f3de
Frame ID: 64BE2605E4766D556546D1A2EB5F93B7
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=394379399&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e4-96df-11eb-bfee-0a6fa201f3de
Frame ID: 643725C63ED3EC1E0DAA0714C70E9780
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=770797985&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e2-96df-11eb-bfee-0a6fa201f3de
Frame ID: D7D8A172554BC1D2C3804DF1ECB2C7A5
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092042&pubOrder=305536031&cb=1180391997&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e3-96df-11eb-bfee-0a6fa201f3de
Frame ID: F9C49A5CFC10C759DE5B9F9D7462D597
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 11AB684458E8E45514485FB4AEF3B25E
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 0BAEAD72FB77537F9CE50372AF864067
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 0AA4D160D4C138E06B6AB717EC82BA8E
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 2A566AB3B5150F24D57E616CF59C12E6
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: CD1BC8D1D37786EC33206788CB41784D
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 149DDF0A01BE0D92B25CBE86B0871DC9
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: D0A64B01D10854C96635372C44F92695
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: 4D03C6CADAE2126A39877E84046431B5
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: 0666F1A3BC645CE08ABB47A9566A0992
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 068CB560A4E8C24DB2DCDE7F9B915425
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://heraldsun.com.au/ HTTP 301
http://www.heraldsun.com.au/ HTTP 301
https://www.heraldsun.com.au/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&161... HTTP 302
https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /serving-sys\.com\//i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

296
Requests

95 %
HTTPS

23 %
IPv6

66
Domains

106
Subdomains

74
IPs

8
Countries

2777 kB
Transfer

7631 kB
Size

32
Cookies

54 Outgoing links

These are links going to different origins than the main page.

URL: https://www.plusrewards.com.au/heraldsun/offers
Title: Rewards

Search URL Search Domain Scan URL

URL: https://myaccount.heraldsun.com.au/s
Title: My account

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/
Title: Travel

Search URL Search Domain Scan URL

URL: https://supercoach.com.au/
Title: SuperCoach

Search URL Search Domain Scan URL

URL: http://tips.com.au/afl/?source_code=HSWEB_TIP1271
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/racing
Title: SuperCoach

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/nrl
Title: SuperCoach

Search URL Search Domain Scan URL

URL: https://tips.com.au/nrl/
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://www.realestate.com.au/

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/travel-advice/why-cant-we-cruisec/news-story/fd3c2f3ae2026d670088807fc4cf64d8

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/destinations/new-zealand/13-things-to-know-before-you-go-to-new-zealand/image-gallery/9bffd9feac46fda14f75b83333a17629?ad_sec2=new-zealand
Title: 13 things you’re getting wrong in NZ

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/top-lists/answer-the-call-of-the-aussie-outback-with-these-standout-station-stays/image-gallery/3d9705fb9846e3ffd96451a39e7d5310?galleryimage=10
Title: 10 standout outback stays

Search URL Search Domain Scan URL

URL: https://heraldsun.digitaleditions.com.au/index.php
Title: Front pageRead today's paper as it was printed.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/heraldsun

Search URL Search Domain Scan URL

URL: https://www.twitter.com/theheraldsun

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heraldsunphoto

Search URL Search Domain Scan URL

URL: http://heraldsun.com.au/help-rss

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_GCRACA_W52&hideRegistrationTnC=true
Title: Group/Corporate subscriptions

Search URL Search Domain Scan URL

URL: https://www.newsletters.news.com.au/heraldsun
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.mytributes.com.au/
Title: My Tributes

Search URL Search Domain Scan URL

URL: http://www.newscorpaustralia.com/careers
Title: Job Opportunities

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_SDO_SDO5A_M01
Title: Subscription terms

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_LAPP_17A_W04#subscribe
Title: App only subscription terms

Search URL Search Domain Scan URL

URL: http://www.newsphotos.com.au/C.aspx?VP3=CMS3&VF=Home
Title: Photo Sales

Search URL Search Domain Scan URL

URL: https://www.newsconcierge.com.au/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://www.dailytelegraph.com.au/
Title: The Daily Telegraph

Search URL Search Domain Scan URL

URL: https://www.couriermail.com.au/
Title: Courier Mail

Search URL Search Domain Scan URL

URL: http://www.adelaidenow.com.au/
Title: The Advertiser

Search URL Search Domain Scan URL

URL: https://www.news.com.au/
Title: news.com.au

Search URL Search Domain Scan URL

URL: https://www.theaustralian.com.au/
Title: The Australian

Search URL Search Domain Scan URL

URL: https://www.themercury.com.au/
Title: The Mercury

Search URL Search Domain Scan URL

URL: https://www.geelongadvertiser.com.au/
Title: Geelong Advertiser

Search URL Search Domain Scan URL

URL: https://www.cairnspost.com.au/
Title: The Cairns Post

Search URL Search Domain Scan URL

URL: https://www.goldcoastbulletin.com.au/
Title: Gold Coast Bulletin

Search URL Search Domain Scan URL

URL: https://www.townsvillebulletin.com.au/
Title: Townsville Bulletin

Search URL Search Domain Scan URL

URL: https://www.thechronicle.com.au/
Title: The Chronicle

Search URL Search Domain Scan URL

URL: https://www.ntnews.com.au/
Title: NT News

Search URL Search Domain Scan URL

URL: https://www.weeklytimesnow.com.au/
Title: The Weekly Times

Search URL Search Domain Scan URL

URL: https://www.buysearchsell.com.au/
Title: Buy Search Sell

Search URL Search Domain Scan URL

URL: http://leader.local.heraldsun.com.au/
Title: Find Your Local

Search URL Search Domain Scan URL

URL: http://www.foxsports.com.au/
Title: Foxsports

Search URL Search Domain Scan URL

URL: https://www.foxtel.com.au/index.html
Title: Foxtel

Search URL Search Domain Scan URL

URL: https://hipages.com.au/
Title: Hipages

Search URL Search Domain Scan URL

URL: https://kayosports.com.au/
Title: Kayo

Search URL Search Domain Scan URL

URL: https://www.punters.com.au/
Title: Punters

Search URL Search Domain Scan URL

URL: https://www.odds.com.au/
Title: odds.com.au

Search URL Search Domain Scan URL

URL: https://www.racenet.com.au/
Title: racenet.com.au

Search URL Search Domain Scan URL

URL: https://apps.apple.com/au/app/herald-sun/id392582225

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.newscorp.heraldsun

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##collect
Title: Find out more about our policy and your choices, including how to opt-out.

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##optout
Title: Relevant ads opt-out

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/cookies
Title: Cookie policy

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/
Title: WordPress.com VIP

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heraldsun.com.au/ HTTP 301
http://www.heraldsun.com.au/ HTTP 301
https://www.heraldsun.com.au/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1617717008952785530 HTTP 302
https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1617717010876&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1617717010876&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1

Request Chain 53

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d9d6a21f-a318-4168-a33f-90a38dbb4104 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d9d6a21f-a318-4168-a33f-90a38dbb4104&tbid=81e299e7-4382-4eca-8f02-745f381aeb00-tuct765ec95&query=taboola_hm%3Dd9d6a21f-a318-4168-a33f-90a38dbb4104&isDirect=0

Request Chain 55

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=3zY00VkG5e4n&ev=1&orig=trc&pid=562107

Request Chain 57

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPxXcJ00iN1LlLrgdP98f84&google_cver=1

Request Chain 59

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=81e299e7-4382-4eca-8f02-745f381aeb00-tuct765ec95 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=81e299e7-4382-4eca-8f02-745f381aeb00-tuct765ec95&google_tc=

Request Chain 60

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=065be7d2-a5fc-46ff-a716-d82939cb0177

Request Chain 61

https://ce.lijit.com/merge?pid=42&3pid=70f5cb84-13f7-4a76-bca6-1cea66bb5125-tuct765ec92&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=70f5cb84-13f7-4a76-bca6-1cea66bb5125-tuct765ec92&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 65

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=cf05b75a-da48-4171-97d8-d5506897169a

Request Chain 66

https://id5-sync.com/s/464/9.gif?puid=70f5cb84-13f7-4a76-bca6-1cea66bb5125-tuct765ec92&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=70f5cb84-13f7-4a76-bca6-1cea66bb5125-tuct765ec92&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOIQ7ROuzeg4hHE3Oq_y1IDw4tEAydp6S_m_NVfQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOIQ7ROuzeg4hHE3Oq_y1IDw4tEAydp6S_m_NVfQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=f81f6c43-c898-4de3-9955-ed75be910d64&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/441/5/3.gif?puid=e_359012f0-a30f-4006-9eac-553cc94ea432&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEOBTdDoNpdWzpgzL8lHEL3c&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOBTdDoNpdWzpgzL8lHEL3c&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEOBTdDoNpdWzpgzL8lHEL3c%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=7489696145080625759&opid=apx&ops=&utidl=tech:goo:CAESEOBTdDoNpdWzpgzL8lHEL3c&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A16742283896&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY

Request Chain 67

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=zXfeazs1BkW7ZX5CFWdsYA

Request Chain 70

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=1871597494005300954&expires=30&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6e5c5bb6-1bcf-4175-8396-c3a9f990bfc2

Request Chain 88

https://secure-gl.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 101

https://www.heraldsun.com.au/undefined HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fundefined HTTP 302
https://www.heraldsun.com.au/undefined HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fundefined&1617717014272875206 HTTP 302
https://www.heraldsun.com.au/undefined?nk=38bb71113ec9746575ae32c31812de25-1617717014

Request Chain 102

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1617717013902 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1617717013902

Request Chain 115

https://cm.everesttech.net/cm/dd?d_uuid=34988654886707717811519152965927344553 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YGxnFgAAADtN0xHl

Request Chain 131

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1565510562737.4133 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJiEp8Hh6e8CFQMLBgAdpX4AaQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1565510562737.4133

Request Chain 132

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2840590316216.738 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CO-Fp8Hh6e8CFVQcBgAdn_8AkQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2840590316216.738

Request Chain 136

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Request Chain 137

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

Request Chain 138

https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1

Request Chain 176

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7546337079938510754

Request Chain 177

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1617717014348&url=https%3A%2F%2Fwww.heraldsun.com.au%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1617717014348%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1617717014348&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true

Request Chain 196

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4246001032646500585

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzQ5ODg2NTQ4ODY3MDc3MTc4MTE1MTkxNTI5NjU5MjczNDQ1NTM= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPNYaTOvhmtY6fdUs0kUHjM&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 226

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=fdf9d5b3-84d1-477f-971a-f682250cfdd8

Request Chain 253

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YGxnF8qyHcELqIFYOQOIZwAA%261122

Request Chain 254

https://dt.scanscout.com/ssframework/uid?UIAA=34988654886707717811519152965927344553&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-232ad95515dca6284384e12bf41c0692

Request Chain 258

https://ps.eyeota.net/match?bid=6j5b2cv&uid=34988654886707717811519152965927344553&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 261

https://usermatch.krxd.net/um/v2?partner=adobe&id=34988654886707717811519152965927344553 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=34988654886707717811519152965927344553

Request Chain 263

https://tags.bluekai.com/site/43981?id=34988654886707717811519152965927344553&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=gKn%2F%2Fx9999eSpshQ

Request Chain 266

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUd4bkZnQUFBRHROMHhIbA==

Request Chain 270

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YGxnFgAAADtN0xHl&expires=90

Request Chain 271

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YGxnFgAAADtN0xHl

Request Chain 273

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YGxnFgAAADtN0xHl

Request Chain 274

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YGxnFgAAADtN0xHl HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YGxnFgAAADtN0xHl

Request Chain 277

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YGxnFgAAADtN0xHl

Request Chain 278

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YGxnFgAAADtN0xHl&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YGxnFgAAADtN0xHl&img=1&__user_check__=1&sync_id=048a0b7b-96df-11eb-95a1-1a7ccaea4906

Request Chain 279

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YGxnFgAAADtN0xHl&t=2592000&o=0

Request Chain 280

https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=ec446ca7-0c31-4714-9f9a-ad732a51c38f-tuct765ec96

Request Chain 281

https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync/adobe/0?zcc=1&dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D&cb=1617717016568 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-85c2d461-e54b-40fe-b9fb-6985c2881f33-003?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3DRX-85c2d461-e54b-40fe-b9fb-6985c2881f33-003 HTTP 302
https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-85c2d461-e54b-40fe-b9fb-6985c2881f33-003

296 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.heraldsun.com.au/
Redirect Chain

http://heraldsun.com.au/
http://www.heraldsun.com.au/
https://www.heraldsun.com.au/
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1617717008952785530
https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008

407 KB
72 KB

1737ms
1737ms

Document
text/html

184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-111.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

984715c39dc0245d7df016d5a165dea655750acd9af57fc3297a8f4c74d8163d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:method: GET
:authority: www.heraldsun.com.au
:scheme: https
:path: /?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: n_regis=123456789
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=WQlyDPmymAtuAwZTAJz0xCLawELfBtMnq04IzDCSqOQHAuqQs8sntDYZTv5AZwobcBA6K020T8ay1LOUkWmRpKZGtUs6aDIoQZ48AdOyt1OAiqQp6HEUQ+9WAfvI; Expires=Tue, 13 Apr 2021 13:50:09 GMT; Path=/ nk=310324cfa5bc6eeeeb75bd5cff4bff7c; expires=Fri, 05 Apr 2024 13:50:10 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure; AWSALBCORS=WQlyDPmymAtuAwZTAJz0xCLawELfBtMnq04IzDCSqOQHAuqQs8sntDYZTv5AZwobcBA6K020T8ay1LOUkWmRpKZGtUs6aDIoQZ48AdOyt1OAiqQp6HEUQ+9WAfvI; Expires=Tue, 13 Apr 2021 13:50:09 GMT; Path=/; SameSite=None; Secure
x-powered-by: WordPress VIP <https://wpvip.com>
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
vary: User-Agent Accept-Encoding
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3d310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=310324cfa5bc6eeeeb75bd5cff4bff7c
x-arrrg5: BlaizeHappened
x-rq: ewr4 119 71 3093
x-xss-protection: 1
x-content-type-options: nosniff
host-header: a9130478a60e5f9135f765b23f26593b
content-encoding: gzip
cache-control: max-age=5
expires: Tue, 06 Apr 2021 13:50:15 GMT
date: Tue, 06 Apr 2021 13:50:10 GMT

Redirect headers

server: AkamaiGHost
content-length: 154
content-type: text/html
location: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008
set-cookie: nk=310324cfa5bc6eeeeb75bd5cff4bff7c; expires=Fri, 05 Apr 2024 13:50:08 GMT; path=/; domain=news.com.au; SameSite=None; Secure;
mime-version: 1.0
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
vary: Accept-Encoding
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
expires: Tue, 06 Apr 2021 13:50:08 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Tue, 06 Apr 2021 13:50:08 GMT

GET
H2 200 css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 55 B
674 B 203ms
202ms Stylesheet
text/css 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-111.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:10 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 74
x-rq: ewr4 114 24 3161
last-modified: Wed, 10 Mar 2021 01:11:17 GMT
server: nginx
etag: "60481cb5-37"
vary: User-Agent
content-type: text/css
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 06 Apr 2021 13:50:11 GMT

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 21 KB
7 KB 26ms
8ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 8e0cf75c2cfcb35edbce8e01875f1690dc3ffbfbb3eff4f3e02f69da5a5d6846

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:10 GMT
via: 1.1 vegur, 1.1 varnish
age: 181
x-cache: HIT
x-cache-hits: 4
content-encoding: gzip
content-length: 6820
x-served-by: cache-hhn4065-HHN
last-modified: Tue, 06 Apr 2021 13:47:10 GMT
server: Apache
x-timer: S1617717011.670405,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Apr 2021 13:47:10 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 256 KB
35 KB 24ms
8ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82514e1e462f6457909cf3b5dff7604e9bbc3041896b6fdf55760e15a485f0e3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: YxrV.P3tdHyV73AMg0GNMPs0CHFjK6MF
content-encoding: gzip
etag: "402b07e0f546be095cdd8eec2cba4585"
age: 12412
x-cache: HIT
content-length: 35586
x-amz-id-2: AUMV+eNM0lVrsiCn+N+bHQL9JZF/uJEJfcMkNCcfvVDyVvdJ7yKOuut9oK+QXJvhRNYEXXxseBI=
x-served-by: cache-hhn11546-HHN
last-modified: Tue, 06 Apr 2021 10:19:28 GMT
server: AmazonS3
x-timer: S1617717011.679766,VS0,VE0
date: Tue, 06 Apr 2021 13:50:10 GMT
vary: Accept-Encoding
x-amz-request-id: NRPEN6Q8C0B7V9Q0
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 57
x-cache-hits: 2

GET
H2 200 heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 8 KB
4 KB 30ms
30ms Image
image/svg+xml 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-111.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:10 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 3055
x-rq: bom2 116 215 3090
last-modified: Fri, 06 Nov 2020 23:30:15 GMT
server: nginx
etag: W/"5fa5dc87-1f69"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=1344279
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 22 Apr 2021 03:14:49 GMT

GET
H2 200 3e7a7f223d6c6159f1793e1fe82ddc37
content.api.news/v3/images/bin/ 45 KB
45 KB 147ms
144ms Image
image/jpeg 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/3e7a7f223d6c6159f1793e1fe82ddc37?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-111.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: d2f590122902bfd8ad07c47e79ae0f0808bd7fca0d65a1051b7e69f10747eae7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 3e7a7f223d6c6159f1793e1fe82ddc37
date: Tue, 06 Apr 2021 13:50:10 GMT
last-modified: Tue, 06 Apr 2021 10:43:08 GMT
server: Akamai Image Manager
etag: 1df8dbf2b899099df0ff2a73603d2cad-3e7a7f223d6c6159f1793e1fe82ddc37-650
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5172826
access-control-allow-headers: x-newsapi-api-key
content-length: 45668
expires: Sat, 05 Jun 2021 10:43:56 GMT

GET
H2 200 6dda349323a3d8d5aef362f9f80892fe
content.api.news/v3/images/bin/ 4 KB
4 KB 142ms
139ms Image
image/webp 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/6dda349323a3d8d5aef362f9f80892fe?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-111.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 375a340d4f7ef918da866a93a72fca1a4c97f2df3ae5846952bda81fd4583ea4

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 6dda349323a3d8d5aef362f9f80892fe
date: Tue, 06 Apr 2021 13:50:10 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: ff68c697138764b5add658216926c674-6dda349323a3d8d5aef362f9f80892fe-150
x-serial: 963
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5173596
last-modified: Tue, 06 Apr 2021 10:55:32 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 3932
expires: Sat, 05 Jun 2021 10:56:46 GMT

GET
H2 200 2133815416e2719f68c02230c0856cb7
content.api.news/v3/images/bin/ 3 KB
4 KB 159ms
155ms Image
image/jpeg 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/2133815416e2719f68c02230c0856cb7?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-111.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: e8fac3132dbd328ef02a496f32da02013056cbdf074dcb9ee4a46bd6c90bfbdb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 2133815416e2719f68c02230c0856cb7
date: Tue, 06 Apr 2021 13:50:10 GMT
last-modified: Tue, 06 Apr 2021 09:17:21 GMT
server: Akamai Image Manager
etag: 59f31141403182f29ce11c99a6260dc1-2133815416e2719f68c02230c0856cb7-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5167706
access-control-allow-headers: x-newsapi-api-key
content-length: 3460
expires: Sat, 05 Jun 2021 09:18:36 GMT

GET
H2 200 0ec2a2333029ca986b732894b5c30643
content.api.news/v3/images/bin/ 5 KB
5 KB 148ms
145ms Image
image/jpeg 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/0ec2a2333029ca986b732894b5c30643?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-111.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 3b7a4d21db7aa4f3a436d1810359a145761bdba6d2841e32ea4746ac828e7d93

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 0ec2a2333029ca986b732894b5c30643
date: Tue, 06 Apr 2021 13:50:10 GMT
last-modified: Tue, 06 Apr 2021 10:16:21 GMT
server: Akamai Image Manager
etag: d3a11250c65b2a088fbc9066d559be29-0ec2a2333029ca986b732894b5c30643-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5171208
access-control-allow-headers: x-newsapi-api-key
content-length: 4627
expires: Sat, 05 Jun 2021 10:16:58 GMT

GET
H2 200 fbda59d5140ed721cedb48e0c0d3cb2e
content.api.news/v3/images/bin/ 4 KB
5 KB 127ms
124ms Image
image/jpeg 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/fbda59d5140ed721cedb48e0c0d3cb2e?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-111.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 1dc8fc20df07f904a8fb522851580fa578aeeb0b575a0d602c4bb0eed4edb96b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: fbda59d5140ed721cedb48e0c0d3cb2e
date: Tue, 06 Apr 2021 13:50:10 GMT
last-modified: Tue, 06 Apr 2021 02:51:43 GMT
server: Akamai Image Manager
etag: b739a37022eb8d2b7ce62fa81024263e-fbda59d5140ed721cedb48e0c0d3cb2e-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5144413
access-control-allow-headers: x-newsapi-api-key
content-length: 4499
expires: Sat, 05 Jun 2021 02:50:23 GMT

GET
H2 200 269c86011d51de1b5704034e022d4afc
content.api.news/v3/images/bin/ 30 KB
30 KB 85ms
83ms Image
image/jpeg 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/269c86011d51de1b5704034e022d4afc?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-111.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 8c540ef7c6126c4804e6a5bd4af25a78b0a124493221a25a9e3ae1109b685b61

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 269c86011d51de1b5704034e022d4afc
date: Tue, 06 Apr 2021 13:50:10 GMT
last-modified: Tue, 06 Apr 2021 08:44:35 GMT
server: Akamai Image Manager
etag: f432566598dd7d21c6d6158e306ba8f6-269c86011d51de1b5704034e022d4afc-650
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5165639
access-control-allow-headers: x-newsapi-api-key
content-length: 30707
expires: Sat, 05 Jun 2021 08:44:09 GMT

GET
H2 200 5bec146d61b4cd6ca3f6e526525195d5
content.api.news/v3/images/bin/ 20 KB
21 KB 57ms
56ms Image
image/jpeg 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/5bec146d61b4cd6ca3f6e526525195d5?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-111.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: a13530920002b36c6554067b4e9adbef0dceb3d14928f775743bbf539f7a8d9f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 5bec146d61b4cd6ca3f6e526525195d5
date: Tue, 06 Apr 2021 13:50:10 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 58a51829bc7b1fc6a2d9bcf350578c38-5bec146d61b4cd6ca3f6e526525195d5-650
x-serial: 1845
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5176722
last-modified: Tue, 06 Apr 2021 11:48:40 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 20981
expires: Sat, 05 Jun 2021 11:48:52 GMT

GET
H2 200 1for28-Jan21-MP-BOB-Image-350x197-1.jpg
origin.go.heraldsun.com.au/wp-content/uploads/2021/02/ 43 KB
44 KB 26ms
6ms Image
image/jpeg 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin.go.heraldsun.com.au/wp-content/uploads/2021/02/1for28-Jan21-MP-BOB-Image-350x197-1.jpg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e9dea41b08c540db79054b5440e3312cc8cb429c40b9f78dd2abbffd277a05f4

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:10 GMT
x-rq: hhn2 109 144 443
last-modified: Wed, 03 Feb 2021 04:23:14 GMT
server: nginx
etag: "058b11c021b931c7"
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 44497
expires: Thu, 03 Feb 2022 04:29:32 GMT

GET
H2 200 rea-logo-v4.png
s1.rui.au.reastatic.net/rui-static/img/ 8 KB
9 KB 55ms
11ms Image
image/png 2600:9000:2127:8400:1e:c291:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.rui.au.reastatic.net/rui-static/img/rea-logo-v4.png
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:8400:1e:c291:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1bcc188f481bacf1d9ab4df424b1e041f10f45c85183d38bd2c079f0566dbda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Nov 2020 21:19:58 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Fri, 11 Aug 2017 05:25:43 GMT
server: AmazonS3
age: 13451413
etag: "7fb1763135890cdfa60dcb405cd51572"
x-cache: Hit from cloudfront
x-amz-version-id: itrxET0Vrz4We1UVf0nZMlYhOyBF2D8w
cache-control: max-age=20221025
x-amz-replication-status: COMPLETED
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: image/png
content-length: 8533
x-amz-cf-id: jXhRToIUM7Dxd8aguEVt0gdLVdcfmOIZ8RbIGNlzr0m-bjgVKs1TlQ==

GET
H/1.1 200
OK games.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 4 KB
5 KB 1199ms
306ms Image
image/svg+xml 52.95.134.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/games.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.134.242 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 13:50:12 GMT
Last-Modified: Thu, 05 Nov 2020 03:40:33 GMT
Server: AmazonS3
x-amz-request-id: CATW18JJE0QDZNXB
ETag: "2fa79b1c302fa407df95b287a47e01bc"
Content-Type: image/svg+xml
x-amz-version-id: mY_fhaFXa9wAEjGJ51huxNeB77eQfnyv
Accept-Ranges: bytes
Content-Length: 4533
x-amz-id-2: 62yd9py0zqpfYK5wSU/U24dfLQvYfJSOXSzBQvAJ7tTK7tgdmmblp5uu8jh2sDUsqGENXogCnH0=

GET
H/1.1 200
OK horoscopes.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 9 KB
9 KB 1196ms
308ms Image
image/svg+xml 52.95.134.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/horoscopes.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.134.242 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 13:50:12 GMT
Last-Modified: Thu, 05 Nov 2020 03:40:33 GMT
Server: AmazonS3
x-amz-request-id: CATTJTMFPW9BT4AT
ETag: "e9dc4230a2305a0cb7743e2ade763349"
Content-Type: image/svg+xml
x-amz-version-id: NaxMYGcYiBqyljIpDSJQNqEzm8yfC62_
Accept-Ranges: bytes
Content-Length: 9223
x-amz-id-2: N5fhLbZXSJPIJkqLwB6dCqVhchDKOzR+uWV5pHgEJSYkLk/cQq/9gytgrjfuc9tI62QKus/8DzY=

GET
H/1.1 200
OK NCHRS_thumb.jpg
s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/ 22 KB
22 KB 1232ms
324ms Image
image/jpeg 52.95.132.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/NCHRS_thumb.jpg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.167 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 76ac1493aecf8ca2ed7e0661545482b57d72faaf8c6a3d1726c34eb717e8f15e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 13:50:12 GMT
Last-Modified: Mon, 05 Apr 2021 16:01:07 GMT
Server: AmazonS3
x-amz-request-id: CATNHDWZ1229FW5T
ETag: "aa16c3de414b51c2783b8427e4a904e7"
x-amz-version-id: 39anys9xh2YrucVUQkKIsmwBtZnv00SS
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 22502
x-amz-id-2: RDZr6RcKFYJnZi3fiNXMV7hTMQaD9alM6GcKpn8YooZxBYaaFvyMhAhOhDLWWXM0jYZfPGkZt2M=
x-amz-meta-s3b-last-modified: 20210405T155237Z

GET
H2 200 heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 8 KB
3 KB 98ms
97ms Image
image/svg+xml 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-111.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:10 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2891
x-rq: ewr4 113 245 3165
last-modified: Tue, 02 Feb 2021 00:35:25 GMT
server: nginx
etag: W/"60189e4d-1e5e"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=1408276
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 22 Apr 2021 21:01:26 GMT

GET
H2 200 js-critical-desktop.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 5 KB
2 KB 242ms
242ms Script
application/javascript 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-111.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

4c7108c3e044640422f7b3315ab438261953270b64e941b82a38f1d474e01ded

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:10 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 1906
x-rq: ewr4 118 215 3242
last-modified: Wed, 24 Mar 2021 02:23:22 GMT
server: nginx
etag: W/"605aa29a-1246"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 06 Apr 2021 13:50:11 GMT

GET
H2 200 title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 540 B
860 B 81ms
23ms Image
image/svg+xml 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:10 GMT
last-modified: Wed, 16 Sep 2020 23:56:43 GMT
server: AmazonS3
x-amz-request-id: 4R7K4V2MCP8N6R9R
etag: "4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=253699
accept-ranges: bytes
content-length: 540
x-amz-id-2: yFp+J8podmJKYyKRfQ/R6sCdmNKmc7oSxu2WJJo8l7sTrFyLYOhTILB0ssSzjaQiADalzLa82Ug=
expires: Fri, 09 Apr 2021 12:18:29 GMT

GET
H2 200 title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 535 B
855 B 38ms
26ms Image
image/svg+xml 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:10 GMT
last-modified: Thu, 17 Sep 2020 00:28:25 GMT
server: AmazonS3
x-amz-request-id: BX6X5G9GEK1G9M4M
etag: "b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=215231
accept-ranges: bytes
content-length: 535
x-amz-id-2: DaJA+c3KcMZ/NSCnfYFtodFhl20AOf2rAAm9dMwdtqM4FPtgkxYVKxyt+50eW/YJb1+mPpYz97g=
expires: Fri, 09 Apr 2021 01:37:21 GMT

GET
H2 200 source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 93ms
23ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:10 GMT
last-modified: Tue, 01 Sep 2020 04:31:33 GMT
server: AmazonS3
x-amz-request-id: 34B4778288C88CAA
etag: "899c8f78ce650d4009d42443897aa723"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=404728
accept-ranges: bytes
content-length: 16112
x-amz-id-2: 0V9i/JC3jV0uO9z1+RHGizGZNe8ea4s0M3lvOab3o97ikLfxhLYoNjWrU3t9GbdAE8O37bCHHcA=
expires: Sun, 11 Apr 2021 06:15:38 GMT

GET
H2 200 source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 95ms
26ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:10 GMT
last-modified: Tue, 22 Sep 2020 06:30:09 GMT
server: AmazonS3
x-amz-request-id: B9F079BFD69B8BC1
etag: "c85615b296302af51e683eecb5e371d4"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=559600
accept-ranges: bytes
content-length: 15948
x-amz-id-2: DPCyCCKT0juTREQMOkBTQL82bK8sJ1cHlMUrULDEc9V9ZluCRM4RuSFSdOhDVMhG9DNYyK1s4MM=
expires: Tue, 13 Apr 2021 01:16:50 GMT

GET
H2 200 charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 12 KB
12 KB 113ms
43ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:10 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: EE3D21683166F96F
etag: "da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=544927
accept-ranges: bytes
content-length: 12440
x-amz-id-2: BGzA4H6MhiNFsVMRHnDid7w0RneCV9f+L69FdEMmbqtC5J6BXqShCVeo7uP6Jum7BVtWfb2VAeI=
expires: Mon, 12 Apr 2021 21:12:17 GMT

GET
H2 200 charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
12 KB 107ms
38ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:10 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: 03A09A05F9B00284
etag: "c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=79228
accept-ranges: bytes
content-length: 11472
x-amz-id-2: 7SgQOtE5DXd+yw+muGSpBKQgUFNdC0N34VLuVoyrpGsNX+GQQMChOOxitD5N1YsghRlU3RgeUFw=
expires: Wed, 07 Apr 2021 11:50:38 GMT

GET
H2 200 charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
11 KB 110ms
44ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:10 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: 4N2W2Y6HDY8Z3Q2W
etag: "29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=106989
accept-ranges: bytes
content-length: 11372
x-amz-id-2: Z1HhaEEhR+4SW45rFV+SZJ/QiklrgDUhrbvWmFxzzpa1Kifm2MvbbI9Ateo09sYRHNLYlfgsmGM=
expires: Wed, 07 Apr 2021 19:33:19 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 3 KB
2 KB 210ms
162ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding: gzip
etag: "1a868d280f9424f5d82876d6cf0c46b9"
age: 159
x-cache: HIT, MISS
content-length: 1123
x-amz-id-2: eNlZtOICWO6KiOJdC+yZO0IKnmF1UQ4nDWJLggQEmUbac/AVNhqrBcs1iEuWeyEbd+D8TUAoLT0=
x-served-by: cache-sna10722-LGB, cache-fra19175-FRA
last-modified: Tue, 07 Apr 2020 10:39:09 GMT
server: AmazonS3
x-timer: S1617717011.896173,VS0,VE148
date: Tue, 06 Apr 2021 13:50:11 GMT
vary: Accept-Encoding,,
x-amz-request-id: 1B4A80E5B7FD8AB9
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 0

GET
H2 200 impl.20210406-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ 476 KB
109 KB 8ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210406-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83d8954d30034cc91b28572289b43478e10982fa4149cc358456a2493c2b1d66

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rLJ92lBU3RqOJMTJh5LXtsaSRAioZ1uE
content-encoding: br
etag: "3a83308a8fe7086bc32fe56d25665737"
age: 21896
x-cache: HIT
content-length: 111743
x-amz-id-2: Pi39iwY3X2JbJp01BFHzbvmsboe8VKjl2WO9O1O2mOHe4Zu4hmGzHjMdcQ8kPK9wG5SLFJmJeZc=
x-served-by: cache-hhn11546-HHN
last-modified: Tue, 06 Apr 2021 07:27:59 GMT
server: AmazonS3-br
x-timer: S1617717011.849746,VS0,VE0
date: Tue, 06 Apr 2021 13:50:10 GMT
vary: Accept-Encoding
x-amz-request-id: 2DFNPWZQKMJ7RDBQ
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 0
x-cache-hits: 147458

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 29ms
9ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 13:50:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Wed, 07 Apr 2021 13:50:10 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1617717010876&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=ht...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1617717010876&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=h...

0
528 B

8ms
7ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1617717010876&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 13:50:10 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1617717010876&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Tue, 06 Apr 2021 13:50:10 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
13 KB 7ms
7ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:10 GMT
content-encoding: gzip
last-modified: Thu, 20 Dec 2018 17:45:13 GMT
server: NetDNA-cache/2.2
etag: W/"dc93d584e41f8417f6b7163320d34329"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 json Show response
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 3 KB
2 KB 227ms
225ms XHR
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=15%3A50%3A10.894&lti=deflated&data=%7B%22id%22%3A733%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1617704366352%2C%22vi%22%3A1617717010893%2C%22cv%22%3A%2220210406-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A10235%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A977%2C%22mw%22%3A194%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210406-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 10864dee76224887c8561485c8e2df963076c1f3c21fe7cf01c9a25fd94ac6f5

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 218
date: Tue, 06 Apr 2021 13:50:11 GMT
content-encoding: gzip
server: nginx
x-timer: S1617717011.901520,VS0,VE218
x-served-by: cache-hhn11546-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.heraldsun.com.au
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 rampart.js Show response
www.heraldsun.com.au/remote/identity/rampart/latest/ 267 KB
83 KB 2589ms
2588ms Script
application/x-javascript 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-111.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

f3ee7f733586379df35b59416987e636427861079c0780e08be2feff3c2af0a1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
etag: "c9af8698c6758bd5b432f7c4daa8bddc:1617077678.533746"
vary: User-Agent, Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1240
date: Tue, 06 Apr 2021 13:50:13 GMT
is-https: true
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 06 Apr 2021 14:10:53 GMT

GET
H2 200 js-metro-desktop-lazy.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 46 KB
15 KB 235ms
234ms Script
application/javascript 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-111.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

0d1a3c54c054a009aae3234768136c7eade13470e35960191f533fd775bdce00

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:11 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 14414
x-rq: ewr4 119 71 3093
last-modified: Mon, 29 Mar 2021 02:36:00 GMT
server: nginx
etag: W/"60613d10-b700"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=36
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 06 Apr 2021 13:50:47 GMT

GET
H2 200 js-weather.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 6 KB
2 KB 2005ms
2004ms Script
application/javascript 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-111.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

2a2faf3cda959657a8da8280aa148ade2cff908e398ecf290cf0e45800e5b6aa

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:12 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 1936
x-rq: ewr4 116 88 3255
last-modified: Wed, 24 Mar 2021 02:23:26 GMT
server: nginx
etag: W/"605aa29e-17b8"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=35
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 06 Apr 2021 13:50:47 GMT

GET
H2 200 pmk-202003261.4.js Show response
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 111 KB
30 KB 15ms
14ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding: gzip
etag: "b7fcedf037c57085d364b689ca46f32e"
age: 3461988
x-cache: HIT, HIT
content-length: 30954
x-amz-id-2: XYQIZuXRGQLKpCjteWRIfe40KimlZFo+XFfJxMKCMpux3s7oK/kaztSR9488086wgvaYehwdgxg=
x-served-by: cache-lax10642-LGB, cache-fra19175-FRA
last-modified: Tue, 07 Apr 2020 10:39:09 GMT
server: AmazonS3
x-timer: S1617717011.060760,VS0,VE0
date: Tue, 06 Apr 2021 13:50:11 GMT
vary: Accept-Encoding,,
x-amz-request-id: A8BCB608B0341C35
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 2

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 13 KB
5 KB 10ms
10ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210406-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2b270cc83dab8052ff0d72ba98dacdef370d7fb2d32dd2ec0fe8c1250f69a91

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: L1kbHDbf_e0AqKDowoOJuBKROhpDLM7M
content-encoding: gzip
etag: "430fabf2750cc6378996bf4e9374bf14"
age: 11685
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4445
x-amz-id-2: fXPUgbv/QRUxo+WJ77rfT/Pqff+kBxk8xbB3YlD5dNAWR6tyAmyFA9l1+4epHIubDv2dOFqJBXc=
x-served-by: cache-hhn11546-HHN
last-modified: Mon, 05 Apr 2021 10:35:07 GMT
server: AmazonS3
x-timer: S1617717011.134677,VS0,VE0
date: Tue, 06 Apr 2021 13:50:11 GMT
vary: Accept-Encoding
x-amz-request-id: JMYW4M8H6H99QGWJ
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 0
x-cache-hits: 135152

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
931 B 10ms
10ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210406-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce0858f83676ad66028a164ec2f9f09419b4eb7189de81011e83e3b62e9aa80c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: BCBvei2OCeA391d16bHrGNyf2RfDpAMD
content-encoding: gzip
etag: "d8bffbb4d1e02ff053e984129b839203"
age: 11681
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 683
x-amz-id-2: uDqNizeR9umMjHpG2zI+CyxDzJnyD/2GCLAnaWqDO8lPSydRN9gtarrHbi4q4Ns3iVYnqqnJS64=
x-served-by: cache-hhn11546-HHN
last-modified: Mon, 05 Apr 2021 10:35:08 GMT
server: AmazonS3
x-timer: S1617717011.134662,VS0,VE0
date: Tue, 06 Apr 2021 13:50:11 GMT
vary: Accept-Encoding
x-amz-request-id: Q8W3G6D5N8T5X516
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 0
x-cache-hits: 134718

GET
H2 200 tfa-eid.20210406-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 13 KB
5 KB 9ms
8ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210406-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26d7181620be300c6568ac9d72aac042d93498380bc83d5545db0d22073e21ea

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Dhr715km3x8DBJebrOJDM2LRfDWhz7_4
content-encoding: gzip
etag: "31cd0debd1e5c63aede5c89d58243786"
age: 11414
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4857
x-amz-id-2: yv8B5QSl9U03WfFzIEXhSRo8mAuXrXnZBmr5J+duCnoqeovCbr1etAfjLVZCwFeb3gAEUaAkH7E=
x-served-by: cache-hhn11546-HHN
last-modified: Tue, 06 Apr 2021 10:39:55 GMT
server: AmazonS3
x-timer: S1617717011.137782,VS0,VE0
date: Tue, 06 Apr 2021 13:50:11 GMT
vary: Accept-Encoding
x-amz-request-id: F02CYXRKK861C3SA
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 0
x-cache-hits: 119319

GET
H2 200 sha256.20210406-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 8ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210406-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99da5c0f78a0aa5fde3c413e67522c36d2d97af7a2823e892afd082e38d052b1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: lj9aJl4qBHDhe_27jkbraYLBUOL86FSP
content-encoding: gzip
etag: "c1a4b4e5c8315bf49a86715df01ea1f5"
age: 11406
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2596
x-amz-id-2: NeTOMdUi3aAmIff0qKl6Pci+8ndM1ltFiQHN/K0J4E4R+mpsfUHzNN81Ko+u/WQf11bzVzzBx9o=
x-served-by: cache-hhn11546-HHN
last-modified: Tue, 06 Apr 2021 10:40:05 GMT
server: AmazonS3
x-timer: S1617717011.137649,VS0,VE0
date: Tue, 06 Apr 2021 13:50:11 GMT
vary: Accept-Encoding
x-amz-request-id: S651ZQ3RW84HRH8M
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 0
x-cache-hits: 113519

GET
H2 200 distance-from-article.20210406-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 7ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20210406-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39329adf9781c76871395285f61b410dacef156ac5bd7d8a52e49743ed986269

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: lY.jVbj7anz_qCYhj0a.46TQ6dh80ZOj
content-encoding: gzip
etag: "af19d0215ab4a16495259ab3f98e90f5"
age: 11379
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1012
x-amz-id-2: tIkGUxQJc6AwJd5nzZG1vZaGudtmod0mANdMUkTTgXcf6VTEv/qlcXP/tIoRREsJT1lRXpMWvpo=
x-served-by: cache-hhn11546-HHN
last-modified: Tue, 06 Apr 2021 10:40:29 GMT
server: AmazonS3
x-timer: S1617717011.141808,VS0,VE0
date: Tue, 06 Apr 2021 13:50:11 GMT
vary: Accept-Encoding
x-amz-request-id: 0J8Q0G0YBRMDPY7V
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 0
x-cache-hits: 9930

GET
H2 200 article-detection.20210406-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 7ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20210406-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c54d59b7fe2d9ab259d3dfc093728caf146b5841056fb0f39aaf9a8eb48d1eb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3HE0SUDeypiAYw7kkg8SP2B0_ipkIiMF
content-encoding: gzip
etag: "db2a1c7d8cfcb561acf8571d2f9bd740"
age: 11364
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 864
x-amz-id-2: djhYqBpj/jOz+dy0RghVtwOZZcCh0EA8t1s2ecHCjRGESYoQioHN2H74C1hrYbh8kca/U6h21oo=
x-served-by: cache-hhn11546-HHN
last-modified: Tue, 06 Apr 2021 10:40:39 GMT
server: AmazonS3
x-timer: S1617717011.142084,VS0,VE0
date: Tue, 06 Apr 2021 13:50:11 GMT
vary: Accept-Encoding
x-amz-request-id: 5NSJ6T2VAS5G3WQ8
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 0
x-cache-hits: 9908

GET
H2 204 debug
trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 0
278 B 66ms
18ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=15%3A50%3A11.136&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-midrail-native&id=302&cv=20210406-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:11 GMT
server: nginx
x-fastly-to-nlb-rtt: 12061
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.34.222:10213

GET
H2 204 social
trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
276 B 38ms
21ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=AM:AM:V&lti=deflated&ri=28619590deb3f11d24d79175c652129e&sd=v2_6e1dfa96db909f8774b772a3c4711a50_70f5cb84-13f7-4a76-bca6-1cea66bb5125-tuct765ec92_1617717010_1617717010_CIi3jgYQgPNHGM3DyruKLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0B&ui=70f5cb84-13f7-4a76-bca6-1cea66bb5125-tuct765ec92&pi=/&wi=873729681997272865&pt=home&vi=1617717010893&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=15%3A50%3A11.168&id=3142&llvl=1&cv=20210406-4-RELEASE&
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:11 GMT
server: nginx
x-fastly-to-nlb-rtt: 12061
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.0.175:10213

GET
H2 204 supply-feature
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
290 B 21ms
20ms Image
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=28619590deb3f11d24d79175c652129e&sd=v2_6e1dfa96db909f8774b772a3c4711a50_70f5cb84-13f7-4a76-bca6-1cea66bb5125-tuct765ec92_1617717010_1617717010_CIi3jgYQgPNHGM3DyruKLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0B&ui=70f5cb84-13f7-4a76-bca6-1cea66bb5125-tuct765ec92&pi=/&wi=873729681997272865&pt=home&vi=1617717010893&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A557%2C%5C%22articleClasses%5C%22%3A%5C%22site-content%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22SECTION%5C%22%2C%5C%22threshold%5C%22%3A%5C%22246%5C%22%7D%22%7D&tim=15%3A50%3A11.180&id=2335&llvl=1&cv=20210406-4-RELEASE&
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 06 Apr 2021 13:50:11 GMT
via: 1.1 varnish
server: nginx
x-timer: S1617717011.188016,VS0,VE9
x-served-by: cache-hhn11546-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 comments-count Show response
mhr.talk.news.com.au/api/v1/ 1 KB
1 KB 120ms
96ms Fetch
application/json 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mhr.talk.news.com.au/api/v1/comments-count?ids=423c4cedd12a64950edf6dc3b1c96f08,7774a64f8e157816f7a364ad4655ddee,152b648e287786bb41b7ac374cd22783,4752defcddd48c96e55fb9ef6ab1614f,3f2445a91cd145b49703e7edb5bf4bf5,1c77c48a423ac852f769fe427747662c,8b3bc811094f97a5c79828a2285fa985,15c03c97bf8ae962622eb0e2c786ffa7,a65143668d61d7c781afb1d35a8a9eab,c8bc270cd894c3a20788682fd9e611bf,0177ea7be40e9bf23c3d562a27f23512,b3ad4577eafc4516087f7ac6b361719b,e1bbbe43960e0d8680589b3cc1902e62,967dcd127244af0a6179582b608dfb3f,2a8240fee95f30864e3f01940b80ade5,f6cebf32983aba684a70450e1e84b77b,472d5b58bc89f3a23bc1ab94d045e22e,8ee48258625cc177f9df39fc9dbfdb00,531c5345031ae227d9dbb90453eb53d9,b4b844eef11c967508d9ceac9feb7e82,1d735da7b5c10012e983b5a74a73274f,852b1275bd06aa583b2edba20cfbd5d2,ea3fc97eec354f8f4acd8b202c91f051,b3bb61cb2c4f17c965d926f9ba6dd2ef,4aaa2813ac02421a41795d2632507caa,5cbbb519d96859bb600a7bd1bd34c697,7b926e42857ead44b8ed758cbe50d133,c60b0bc513d178ba1dfa3a3190ad5e65,aab8595ef95f48fa566e38b137eb2014,bcf98869412390464400b76b11724754,38f8cdc96ae7528729a8a88334119564,9790ea27bbebcf6c78d33b86328c7a24,34e2c7b90738cd7d609a66116a660f42,3fb01651b588bf7f5d3f7ea1292a778b,a8e8ca217d9ac8073f9a126a79abd41a,eee0a65e688bfb34ee88d23f3f3116a6,392ff0738137df193e512641b1f22894,a89d5c3337189c59c772cc9259dec330,4b3affee0b0610a47afade42396db09e

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-111.deploy.static.akamaitechnologies.com

Software

nginx/1.16.1 /

Resource Hash

5b9aab3bb16d6352c51e70d63eb499b693ee9653fbb0ffe096089c27b7347ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.16.1
etag: W/"5b8-ud8Xb4c7kXMLvqYXaWSEjdPg0AE"
x-download-options: noopen
x-dns-prefetch-control: off
content-type: application/json; charset=utf-8
access-control-allow-origin: *
date: Tue, 06 Apr 2021 13:50:11 GMT
x-talk-trace-id: d99bfe70-96dd-11eb-b1aa-2bacb53dee0c
vary: Accept-Encoding
content-length: 839
x-xss-protection: 1; mode=block

GET
H2 200 1d51fb1d59225f7e7b45d0ec076df166
content.api.news/v3/images/bin/ 4 KB
4 KB 197ms
196ms Image
image/jpeg 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/1d51fb1d59225f7e7b45d0ec076df166?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-111.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 4ffb9b8d2e1b755955b85e80bf72933d73ce975fe6985fe5c3ebc86c36c3bc63

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 1d51fb1d59225f7e7b45d0ec076df166
date: Tue, 06 Apr 2021 13:50:11 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 58cd5809ef1e342d03057e18cdd14b8e-1d51fb1d59225f7e7b45d0ec076df166-150
x-serial: 1687
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5168107
last-modified: Tue, 06 Apr 2021 09:25:18 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 3806
expires: Sat, 05 Jun 2021 09:25:18 GMT

GET
H2 200 9a5d822c33a58e7e5f2902d832f348c3
content.api.news/v3/images/bin/ 5 KB
6 KB 94ms
93ms Image
image/jpeg 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/9a5d822c33a58e7e5f2902d832f348c3?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-111.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: ae487ffa26b6cf003611ae59150d9f11d30398cba701bed2b616e77ff55178c8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 9a5d822c33a58e7e5f2902d832f348c3
date: Tue, 06 Apr 2021 13:50:11 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 0ac4f9a4feba096ecad5286c8f5f2811-9a5d822c33a58e7e5f2902d832f348c3-150
x-serial: 127
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5174771
last-modified: Tue, 06 Apr 2021 11:16:49 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 5387
expires: Sat, 05 Jun 2021 11:16:22 GMT

GET
H2 200 b5511400553a12024f9f40045626c2ea
content.api.news/v3/images/bin/ 5 KB
5 KB 106ms
106ms Image
image/jpeg 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/b5511400553a12024f9f40045626c2ea?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-111.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 9da3abe7a4fb8b77d01d9c94cac4667a8be62737b1f50004cd3806533fcb5546

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: b5511400553a12024f9f40045626c2ea
date: Tue, 06 Apr 2021 13:50:11 GMT
last-modified: Tue, 06 Apr 2021 11:02:30 GMT
server: Akamai Image Manager
etag: 056c3006b4c4a2c56fcf2a613ef0043f-b5511400553a12024f9f40045626c2ea-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5173908
access-control-allow-headers: x-newsapi-api-key
content-length: 4967
expires: Sat, 05 Jun 2021 11:01:59 GMT

GET
H2 200 b4fbe0be3d337bef1f0995f6e180d354
content.api.news/v3/images/bin/ 15 KB
15 KB 52ms
51ms Image
image/jpeg 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/b4fbe0be3d337bef1f0995f6e180d354?width=320
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-111.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: f6f0a9781ac75d4593a6d0d9bda1ad451ed838f4f31584364cf6d459cc9c62b9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: b4fbe0be3d337bef1f0995f6e180d354
date: Tue, 06 Apr 2021 13:50:11 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 571b86f7220a29deea2d7ff8c4de9bfb-b4fbe0be3d337bef1f0995f6e180d354-320
x-serial: 1978
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5166956
last-modified: Tue, 06 Apr 2021 09:06:35 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 15429
expires: Sat, 05 Jun 2021 09:06:07 GMT

GET
H2 200 b14e5e5b7d22f6b98cd1c519c1b7479b
content.api.news/v3/images/bin/ 7 KB
8 KB 49ms
48ms Image
image/jpeg 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/b14e5e5b7d22f6b98cd1c519c1b7479b?width=320
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-111.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: b29ac2e462642e7f4a27a1bd40f3550658fe841227996f523cf86066e04fb2d7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: b14e5e5b7d22f6b98cd1c519c1b7479b
date: Tue, 06 Apr 2021 13:50:11 GMT
last-modified: Tue, 06 Apr 2021 07:59:45 GMT
server: Akamai Image Manager
etag: 2c8ec2a805d3c4aa1d749c2e8cf8f4c1-b14e5e5b7d22f6b98cd1c519c1b7479b-320
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5162971
access-control-allow-headers: x-newsapi-api-key
content-length: 7366
expires: Sat, 05 Jun 2021 07:59:42 GMT

GET
H2 200 11f12ce1a25055ad7ab994cc83806dfe
content.api.news/v3/images/bin/ 8 KB
8 KB 43ms
43ms Image
image/jpeg 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/11f12ce1a25055ad7ab994cc83806dfe?width=320
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-111.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 34da3d30b3d87e34399a07435659176b310fcdce3111ddeae1b4dab1976ecf50

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 11f12ce1a25055ad7ab994cc83806dfe
date: Tue, 06 Apr 2021 13:50:11 GMT
last-modified: Tue, 06 Apr 2021 11:43:56 GMT
server: Akamai Image Manager
etag: 064e77cabb54272b49f9f7dfc7358da5-11f12ce1a25055ad7ab994cc83806dfe-320
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5176454
access-control-allow-headers: x-newsapi-api-key
content-length: 8332
expires: Sat, 05 Jun 2021 11:44:25 GMT

GET
H2 200 499b476496b57b226920a734f923d544
content.api.news/v3/images/bin/ 9 KB
9 KB 34ms
33ms Image
image/jpeg 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/499b476496b57b226920a734f923d544?width=320
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-111.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: e98317784e1c99bcfb801ef6bdc02ba6ac9244d29d2277f244931a967ca59081

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 499b476496b57b226920a734f923d544
date: Tue, 06 Apr 2021 13:50:11 GMT
last-modified: Tue, 06 Apr 2021 03:33:36 GMT
server: Akamai Image Manager
etag: 3a3e222ccb2cd6aa9e805ce31450cfc3-499b476496b57b226920a734f923d544-320
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5146885
access-control-allow-headers: x-newsapi-api-key
content-length: 8949
expires: Sat, 05 Jun 2021 03:31:36 GMT

POST
H2 204 bulk Show response
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
106 B 17ms
16ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210406-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Tue, 06 Apr 2021 13:50:12 GMT
via: 1.1 varnish
server: nginx
x-timer: S1617717012.174847,VS0,VE10
x-served-by: cache-hhn11546-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 9830
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d9d6a21f-a318-4168-a33f-90a38dbb4104
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d9d6a21f-a318-4168-a33f-90a38dbb4104&tbid=81e299e7-4382-4eca-8f02-745f381aeb00-tuct765ec95&query=taboola_hm%3Dd9d6a21f-a318-...

0
52 B

20ms
19ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d9d6a21f-a318-4168-a33f-90a38dbb4104&tbid=81e299e7-4382-4eca-8f02-745f381aeb00-tuct765ec95&query=taboola_hm%3Dd9d6a21f-a318-4168-a33f-90a38dbb4104&isDirect=0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:13 GMT
via: 1.1 varnish
server: nginx
x-timer: S1617717013.241527,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11546-HHN

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d9d6a21f-a318-4168-a33f-90a38dbb4104&tbid=81e299e7-4382-4eca-8f02-745f381aeb00-tuct765ec95&query=taboola_hm%3Dd9d6a21f-a318-4168-a33f-90a38dbb4104&isDirect=0
tbl-x-upstream: 10.40.0.195:10213
date: Tue, 06 Apr 2021 13:50:13 GMT
server: nginx
x-fastly-to-nlb-rtt: 12246

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 9830 0
239 B 87ms
22ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 9830
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=3zY00VkG5e4n&ev=1&orig=trc&pid=562107

0
218 B

19ms
18ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=3zY00VkG5e4n&ev=1&orig=trc&pid=562107
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Tue, 06 Apr 2021 13:50:13 GMT
server: nginx
x-fastly-to-nlb-rtt: 18412

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=3zY00VkG5e4n&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7c488d4f5b-kx42z
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 9830 43 B
690 B 45ms
14ms Image
image/gif 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 13:50:13 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.43:80
AN-X-Request-Uuid: d6ca7a98-7a44-4cb4-b13f-772ee76e580a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 9830
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPxXcJ00iN1LlLrgdP98f84&google_cver=1

0
200 B

17ms
17ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPxXcJ00iN1LlLrgdP98f84&google_cver=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Tue, 06 Apr 2021 13:50:13 GMT
via: 1.1 varnish
server: nginx
x-timer: S1617717013.228885,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11546-HHN

Redirect headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPxXcJ00iN1LlLrgdP98f84&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame 9830 42 B
805 B 88ms
19ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=70f5cb84-13f7-4a76-bca6-1cea66bb5125-tuct765ec92:$UID
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 13:50:13 GMT
X-lat: lhrpug017:0:328
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 9830
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=81e299e7-4382-4eca-8f02-745f381aeb00-tuct765ec95
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=81e299e7-4382-4eca-8f02-745f381aeb00-tuct765ec95&google_tc=

170 B
484 B

35ms
30ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=81e299e7-4382-4eca-8f02-745f381aeb00-tuct765ec95&google_tc=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=81e299e7-4382-4eca-8f02-745f381aeb00-tuct765ec95&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 376
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 9830
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=065be7d2-a5fc-46ff-a716-d82939cb0177

0
57 B

16ms
16ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=065be7d2-a5fc-46ff-a716-d82939cb0177
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Tue, 06 Apr 2021 13:50:13 GMT
via: 1.1 varnish
server: nginx
x-timer: S1617717013.266389,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11546-HHN

Redirect headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:13 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=065be7d2-a5fc-46ff-a716-d82939cb0177
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 9830
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=70f5cb84-13f7-4a76-bca6-1cea66bb5125-tuct765ec92&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=70f5cb84-13f7-4a76-bca6-1cea66bb5125-tuct765ec92&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

16ms
16ms

Image
text/plain

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=70f5cb84-13f7-4a76-bca6-1cea66bb5125-tuct765ec92&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 13:50:13 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 13:50:13 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=70f5cb84-13f7-4a76-bca6-1cea66bb5125-tuct765ec92&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 9830 49 B
406 B 272ms
90ms Image
image/gif 198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=70f5cb84-13f7-4a76-bca6-1cea66bb5125-tuct765ec92

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-7c488d4f5b-b75np
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 9830 43 B
697 B 57ms
23ms Image
image/gif 185.86.137.110
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=70f5cb84-13f7-4a76-bca6-1cea66bb5125-tuct765ec92&gdpr=0&gdpr_consent=
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:12 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame 9830 0
59 B 80ms
13ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=70f5cb84-13f7-4a76-bca6-1cea66bb5125-tuct765ec92
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:13 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 9830
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=cf05b75a-da48-4171-97d8-d5506897169a

0
227 B

32ms
25ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=cf05b75a-da48-4171-97d8-d5506897169a
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Tue, 06 Apr 2021 13:50:13 GMT
server: nginx
x-fastly-to-nlb-rtt: 12950

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=cf05b75a-da48-4171-97d8-d5506897169a
cache-control: no-cache
date: Tue, 06 Apr 2021 13:50:12 GMT
server-processing-duration-in-ticks: 4070
content-type: text/html; charset=utf-8
content-length: 222
expires: Tue, 06 Apr 2021 00:00:00 GMT

GET
H/1.1

200

18.gif
id5-sync.com/qp/ Frame 9830
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=70f5cb84-13f7-4a76-bca6-1cea66bb5125-tuct765ec92&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=70f5cb84-13f7-4a76-bca6-1cea66bb5125-tuct765ec92&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOIQ7ROuzeg4hHE3Oq_y1IDw4tEAydp6S_m_NVfQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOIQ7ROuzeg4hHE3Oq_y1IDw4tEAydp6S_m_NVfQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=f81f6c43-c898-4de3-9955-ed75be910d64&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/441/5/3.gif?puid=e_359012f0-a30f-4006-9eac-553cc94ea432&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOBTdDoNpdWzpgzL8lHEL3c&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0Rv...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEOBTdDoNpdWzpgzL8lHEL...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=7489696145080625759&opid=apx&ops=&utidl=tech:goo:CAESEOBTdDoNpdWzpgzL8lHEL3c&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A16742283896&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY

43 B
1 KB

25ms
25ms

Image
image/gif

54.36.109.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/qp/18.gif?puid=vec%3A16742283896&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.166 , France, ASN16276 (OVH, FR),

Reverse DNS

p10.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 13:50:12 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/qp/18.gif?puid=vec%3A16742283896&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
date: Tue, 06 Apr 2021 13:50:13 GMT
content-length: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 9830
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=zXfeazs1BkW7ZX5CFWdsYA

0
219 B

20ms
19ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=zXfeazs1BkW7ZX5CFWdsYA
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.222:10213
date: Tue, 06 Apr 2021 13:50:14 GMT
server: nginx
x-fastly-to-nlb-rtt: 17011

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=zXfeazs1BkW7ZX5CFWdsYA
date: Tue, 06 Apr 2021 13:50:13 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 9830 35 B
380 B 388ms
97ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track004-dc3
Pragma: no-cache
Date: Tue, 06 Apr 2021 13:49:32 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame 9830 0
155 B 261ms
86ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=70f5cb84-13f7-4a76-bca6-1cea66bb5125-tuct765ec92&_r=4722584
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 06 Apr 2021 13:50:13 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 9830
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola
https://x.bidswitch.net/sync?dsp_id=119&user_id=1871597494005300954&expires=30&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6e5c5bb6-1bcf-4175-8396-c3a9f990bfc2

0
226 B

19ms
18ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6e5c5bb6-1bcf-4175-8396-c3a9f990bfc2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.134:10213
date: Tue, 06 Apr 2021 13:50:13 GMT
server: nginx
x-fastly-to-nlb-rtt: 18412

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6e5c5bb6-1bcf-4175-8396-c3a9f990bfc2
date: Tue, 06 Apr 2021 13:50:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame 0EB5 2 KB
3 KB 1414ms
1353ms Document
text/html 104.117.204.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=LaEdOgqfa49Kt3pO.pheZvfQgrxeT2TE&nonce=wokYz5zRnmCevRBURl.S3mmsjqF8ZY4J&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.117.204.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

cloudflare /

Resource Hash

376ae326aff23eac896646ae914b68623e275b4c86541623aa91cd8ea8e2e5e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=LaEdOgqfa49Kt3pO.pheZvfQgrxeT2TE&nonce=wokYz5zRnmCevRBURl.S3mmsjqF8ZY4J&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html;charset=UTF-8
cf-ray: 63bb7be74d864e9e-FRA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 09490bc49000004e9ea2290000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 63bb7be74d864e9e
ot-tracer-sampled: true
ot-tracer-spanid: 76e5772a66ae67ec
ot-tracer-traceid: 1a3ba17c1a1533ae
x-auth0-requestid: 4b9cdc96371fd9e4d770
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1617717015
server: cloudflare
content-encoding: gzip
x-akamai-transformed: 9 532 0 pmb=mTOE,3
expires: Tue, 06 Apr 2021 13:50:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
content-length: 840
vary: Accept-Encoding
set-cookie: __cfduid=d7856fb99b907d1576c89566cee8e909e1617717013; expires=Thu, 06-May-21 13:50:13 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3A03a3c530-96df-11eb-b3da-7f215113477d.SwJOU2oW9KNErVhvY4RMjumwy0AEiys8lUveDZGuIkw; Max-Age=31557600; Path=/; Expires=Wed, 06 Apr 2022 19:50:14 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A03a3c530-96df-11eb-b3da-7f215113477d.SwJOU2oW9KNErVhvY4RMjumwy0AEiys8lUveDZGuIkw; Max-Age=31557600; Path=/; Expires=Wed, 06 Apr 2022 19:50:14 GMT; HttpOnly; Secure ak_bmsc=82424F06EA5C636EECB4FB045F87FB885C7B7AB5764E000016676C608F000270~plKyvcPZGPAxQ74ZhMgapV2ub5K/KCocg4KaY4r47lUuzhrU13u5Q8tlh3ToKQ8aQWNCbzpwN0ysSBPJ5nnzaM0T26Pa1GTCp7p3VAJ8LkOqJuTRsiMggmxsW38V4MOksbZdFlMxFmtpV/mJLOUl6ACBeOWzI/DINWUeB8c44D7vEK8NmapyrcYFdWNBCo5GcxPBv8XmYjSG0Ar5wUoaL6gwk9QhEJPiIwj4HCokqYWJcZa5iYnQeZGzRGALJ1ORwr; expires=Tue, 06 Apr 2021 15:50:14 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=6A096D810B976E3A3EE080DB0C659E0F~qnw66G6yUIctuVlPpz50xTgE7F5V4mvADYIkSSj1PEJ4zkjcGUWBs1uR3zuqTgDDC9srVcHVa/lOjaEj6YrO8zO+CS1LxBthfpQp7oIwDT7uYCofnLHm7rNs0tPfRdeubEXXCk2MB8KzB+NH3w8NoywxujIYsvTqg36Fkk/n+2l4LppRQJvlmtfvo3iNV+/wwfgFy0909BOQy80rw1oUFWczxGbST7RtRL89pz6FmLg3V/h/s/J5LE5Y8cAvIwD0; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=D8BA87C539064CBC364DF5FCD5809886~YAAQtXp7XEw7HnJ4AQAAtLFypwsWYAgG4BJM5/UF6iymkjIdDTpmOYtWITqBGcRXFxsd/LO89UmIyUhzlyMwZpgDqmGQxO1IeF2esfa4enAQW3laZO2WBH3IM/ORJeVeN0vU24C6PKitv79csDnuj0kjDx811JDlmv6eMHMsGmOC7lu01Oc1cTN+EOllAK4IhPw17RENXfytZak=; Domain=.newscorpaustralia.com; Path=/; Expires=Tue, 06 Apr 2021 17:50:13 GMT; Max-Age=14399; HttpOnly _abck=7A5CBB48E586CA8BB2B9122A55AD6A85~-1~YAAQtXp7XE07HnJ4AQAAtLFypwV+aD5KDitY9dmGuHgR/eScWFZaAY+Nmn/K2Mholvb5l/aCAmOyqKL98LErbwH78PPU6GB+dnhhXtCqvs4YnQC9VQ828GW/y2uPpzHlMa9LK2nxDgvRZY+IxIlwaF4r4uACkbeshr2cX/C2fAIdLCgFiMcrX0ds1yIAVlX40hpKB/KUC0TAE4NZAK7TYfvquNEhNIy4s3SkBgFw2kMjdtjFAecwicYUJGo2N/fkOapEpp+m7dhUC2GOwOOQttuO06IyACem8vIaRMf3iXUvQwFQqawlwQMLxGTada6BojSNzTJxLr8Dfsj6cv2CW9yuqPz5CtH/A8ulxWVtZQh3QHdIErw/N28oifbIFTQgNcKlhjEeEQ==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 06 Apr 2022 13:50:14 GMT; Max-Age=31536000; Secure

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 3 KB
1 KB 88ms
29ms Script
application/x-javascript 184.24.9.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.9.204 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-9-204.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4d79d566257d4a072e7e70b71124179fee43502b10152b0aab33c4318193552e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:13 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 02:03:52 GMT
server: AkamaiNetStorage
etag: "120179b431bfa20a307b009b265abffc:1617069832.001495"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 1233
expires: Tue, 06 Apr 2021 13:55:13 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 71 KB
19 KB 97ms
38ms Script
application/x-javascript 184.24.9.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.9.204 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-9-204.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 02a35fa71a9b6cc03cf88738c0e80a5817666dbe0454ec74989b3bfb65650d8a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:13 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 02:03:51 GMT
server: AkamaiNetStorage
etag: "506d3967b2b8c0f695b431d95817b0a3:1617069830.831326"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 19135
expires: Tue, 06 Apr 2021 13:55:13 GMT

GET
H2 200 indies-loader.js Show response
ts2020-indies-client.web.app/ 7 KB
3 KB 36ms
8ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ts2020-indies-client.web.app/indies-loader.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1136fd8d6ff6f21847aab9abfab903a5a0e2f26a6f621f34af563def44ceb81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 17 Sep 2020 07:41:38 GMT
x-timer: S1617717014.597816,VS0,VE1
etag: "16a0649956d88d08059c392d3f4b3b1b1b6ee7a364d1e3444626bf6439417ed3-br"
x-served-by: cache-hhn4073-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Tue, 06 Apr 2021 13:50:13 GMT
accept-ranges: bytes
content-length: 2338
x-cache-hits: 1

GET
H2 200 js-c3po-bundle.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 155 KB
36 KB 131ms
129ms Script
application/javascript 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-111.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

6870f50dcf87161a935af2414f8b29b5397459e0e49fc510c70fc9eb69d51f05

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:13 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 36640
x-rq: ewr4 114 24 3161
last-modified: Wed, 31 Mar 2021 01:02:00 GMT
server: nginx
etag: W/"6063ca08-26dbf"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=26
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 06 Apr 2021 13:50:39 GMT

GET
H2 200 js-vidora-client.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 7 KB
3 KB 138ms
137ms Script
application/javascript 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-111.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1619a1cea844a91e714edc0e21d3530cee6813ddbaf9a4d39f1ae5626f3305e7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:13 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2916
x-rq: mdw2 115 233 3201
last-modified: Wed, 24 Mar 2021 02:23:21 GMT
server: nginx
etag: W/"605aa299-1a12"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=60
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 06 Apr 2021 13:51:13 GMT

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame A831 2 KB
3 KB 453ms
433ms Document
text/html 104.117.204.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=XlY9QHaPYG4xpmeMu7SeoCH_Kx5ZLxgZ&nonce=8C7P6U8f1aX-Vd383DPBlN8J~0dg3M~d&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.117.204.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

cloudflare /

Resource Hash

154fc5459c6bf0a19b3aed1d761e69a837a6a0391a31c32d8eba2cb89ac2981e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=XlY9QHaPYG4xpmeMu7SeoCH_Kx5ZLxgZ&nonce=8C7P6U8f1aX-Vd383DPBlN8J~0dg3M~d&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html;charset=UTF-8
cf-ray: 63bb7be74ac32c52-FRA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 09490bc49200002c52c3a97000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 63bb7be74ac32c52
ot-tracer-sampled: true
ot-tracer-spanid: 08d8458325513766
ot-tracer-traceid: 56b94019610f8db9
x-auth0-requestid: ce23eae4e0c750d82c4e
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 998
x-ratelimit-reset: 1617717014
server: cloudflare
content-encoding: gzip
x-akamai-transformed: 9 572 0 pmb=mTOE,3
expires: Tue, 06 Apr 2021 13:50:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
content-length: 845
vary: Accept-Encoding
set-cookie: __cfduid=de70ef7be9c460781327cc4b69c69360d1617717013; expires=Thu, 06-May-21 13:50:13 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3A03167950-96df-11eb-9a59-b9a6fe354fb5.uQJ6W5VH0vtm%2FIxHccgme%2FSgTPy8y%2BZjd9dsmT6Xibo; Max-Age=31557600; Path=/; Expires=Wed, 06 Apr 2022 19:50:13 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A03167950-96df-11eb-9a59-b9a6fe354fb5.uQJ6W5VH0vtm%2FIxHccgme%2FSgTPy8y%2BZjd9dsmT6Xibo; Max-Age=31557600; Path=/; Expires=Wed, 06 Apr 2022 19:50:13 GMT; HttpOnly; Secure ak_bmsc=26E24647E9060BA07D953C61868AC5E05C7B7AB5764E000016676C601B3F7173~plGDJLPgGlOqyToEZLIOdEpyPkJuxUIBN5f5ZCxc2A/d27h3sxAn5BDpA5snFV7nIpQXVdICbhWOYQLUtKGxiS3r6v7iKve1Wu/GSJRKi0N3Yy7jPixF542F9d1LDC0n4sRwLaQl6RHaPyqU7wJO8RoLiONQTpLIDT1vFugqF4dWk1WkPq3YkDlo3yLwO0cJjuRiwqms4TqE3Uzcf3YANTgWVEe/cO8+XVHkdjPyrNjIa0EWYOpHJ2gjqfYobCjE+U; expires=Tue, 06 Apr 2021 15:50:14 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=E83ADAF011F22FA3B935171984B6E51F~qnw66G6yUIctuVlPpz50xWFoo43BIKZwvkjBUzD3pjGJPidQ4eu1L/7IPe4oz8Kj+viX80kr7xWUoa9I3SASMV3dOUuU+3ERItBo2ojLb3pe1h5YgDs1BDa1p00yh4PwEPpywRnNI8hMcOe+5XsfFE99HEp4kshAyUKf1lQqMxcE8CcRSOwV1zYJeDYWFwQx6sY+bHuSz+CJJna31VZWMWj1/4w9iyWL/qMll6+Vwqxz+/LnuT4aH9eD6JX1r3/n; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=71DF0BAA19D7844A4270D799AC7949D4~YAAQtXp7XDk7HnJ4AQAAG65ypwtVioXjbhqVJUjIqp7ph9FnKTOw6NmydD089SG0ml+W/DQFzjXfE7Kxn2ETYcdt6+16VCWBlELIRr9S3m7tTLonwnvjBAaitOdlWIUhQestcBW+7Uqh6JUB5kcvOdJWANrUaXBn3pdJogJnIezwc8Ea9IOm+VrkQ+KLAO08acVZimsDBS4YP6g=; Domain=.newscorpaustralia.com; Path=/; Expires=Tue, 06 Apr 2021 17:50:13 GMT; Max-Age=14399; HttpOnly _abck=599C86520670084FF2B51D469A64E375~-1~YAAQtXp7XDo7HnJ4AQAAG65ypwUT8EpQmGJE9xuYUoHnP/WIRYX4GsEzIGDZMiOJTTroBAEQ7Skb51o5DLo+q9DRrIUlkpvIby4ma9fpSqe08r/t86Atgt4DMsoU7wJlERZI1RoUFbB8/iqeTl1fUxzLGdYLvd4wzQU8uTGNZln9xKfjKIZijD0QfDlXiSSzdyoCooK4ZcH1mPjSYVKBWkARq4qjTcBO/f7iFCjFQLrIC8ci1tjrFhhM5+JjnNtloDnQGXp1SwK9iLHiPCKuE5zTEcWB2xsUNMZwoKqpRGCmGe0UruInLfAiZhp9G1nfkMuF8Ere3AgMCaCVeUEkXJzM7YdV2jIzG2s6Arm8G00KSo09bsBy3YaLFGOrmfkhppHkK2RLig==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 06 Apr 2022 13:50:14 GMT; Max-Age=31536000; Secure

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame 51B3 2 KB
3 KB 471ms
471ms Document
text/html 104.117.204.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=dihrS~Mf4QuEZU2mNge9BeXwsQIB5Tvv&nonce=JvstREoMqXayZ7RnTuCmeuVxRaAHw~I-&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.117.204.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c5c6239663347db94e0a0463b01a40b8512904b5e8c1f4b68c582c1ed28b7e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=dihrS~Mf4QuEZU2mNge9BeXwsQIB5Tvv&nonce=JvstREoMqXayZ7RnTuCmeuVxRaAHw~I-&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html;charset=UTF-8
cf-ray: 63bb7be78a8c0ebb-FRA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 09490bc4b200000ebb07220000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 63bb7be78a8c0ebb
ot-tracer-sampled: true
ot-tracer-spanid: 513745423086f5a4
ot-tracer-traceid: 42e354314c13ff7e
x-auth0-requestid: 251e803ba709e4a8b1f1
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1617717014
server: cloudflare
content-encoding: gzip
x-akamai-transformed: 9 571 0 pmb=mTOE,3
expires: Tue, 06 Apr 2021 13:50:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
content-length: 845
vary: Accept-Encoding
set-cookie: __cfduid=debeffd8d52c5ef91998737c65a2d9d661617717013; expires=Thu, 06-May-21 13:50:13 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3A031ce1f0-96df-11eb-8dc8-995082d2f049.klxceRp6YCuCEn2LsujqL1w0jlAqfJARxsG4smr21uU; Max-Age=31557600; Path=/; Expires=Wed, 06 Apr 2022 19:50:13 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A031ce1f0-96df-11eb-8dc8-995082d2f049.klxceRp6YCuCEn2LsujqL1w0jlAqfJARxsG4smr21uU; Max-Age=31557600; Path=/; Expires=Wed, 06 Apr 2022 19:50:13 GMT; HttpOnly; Secure ak_bmsc=992E4C60051EE84535FDA1FC4E78B1795C7B7AB5764E000016676C6038405038~plA9WP/Rsz5iCE0nwcmcq3Y8Ml4EsVQoAfn4CKyxSb0JKhLmUVbuxMetK1QBJSqiNZgSfjR7SnKBbH3xH4288XizGSkXDnBQnxRIyFxHy69/OTiPIJI7D8ItpzZAxmYGClvTEZ6LDcsleAzC+b0WbgSwZNGHVDrCLn+yPpX/Is78GfInH7wzoZBw9GfEgAFvchFIZ5WuwuHsnj+4+adGbx2miqRSCrev7UqbPiglMWxon2YNeHBT5vzw9UmLgXX2Xn; expires=Tue, 06 Apr 2021 15:50:14 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=D87C914C6DCAA27D5A2DF3F9CCF261A7~qnw66G6yUIctuVlPpz50xUf4r9N1SreXuZDSNXvLj5uQFmlGnpq+TZUv0kQiGBqRDelq5aSERen7MoMGwcMmlmokriOegxMrI5Z9+MPfdjW0P0kwl308GHOis0Y3Q5LBQK9FsaKDr0AM1SaadbSkWiJdur1nF4K5K8VRWva+TV4b6/A0AQpDU8OMiMoWHo8gDTqzJZ8P9ZXk5LznSz5Hu/GblIaZiXyZp2xY0oTeKfIQg+FF76EbPHwjEfzsYB0w; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=82766146C7AB4C41A68649C1283C1F87~YAAQtXp7XD47HnJ4AQAAXq5ypwuiNfWQCr5EUsjx5f7BCt8pMz32sQWFgsBnXPkrOWviEI5lwoInBYHUO9dkL3gIXdX/UL/YnI6h/Kj+wAZatpPF7iFECP5aI2wd4ozIH5bsgo1H9+ln7RhKfzDGVawa0091piDvPgpfEM1yy4Xd1890i93I91mdTkB8xHGi4dFNO54fgdlcqjQ=; Domain=.newscorpaustralia.com; Path=/; Expires=Tue, 06 Apr 2021 17:50:13 GMT; Max-Age=14399; HttpOnly _abck=93A1CDAD3ED03DAD368E3A32D58491A2~-1~YAAQtXp7XD87HnJ4AQAAXq5ypwWRryZ6A4h1ImpWWppK2TOxaWYzHFbRSfCUhUdHjuRADZcB3VE5pjrbWCsBH/Y8ncBEpaXwHdNLcEzsZyNebJz/YWE8vWrWdfDgnDeHTczgB/SgsrwJZHAXilaHLJ6pPBkvcGA8RLSgI14N+gzp2Bu9C7jtrOJ1w/YHDFi+oGrM2/1A2wKCxXPvy8SVDoS9i5H0hqqFaIVqTdNHe394TWn0htLsdRLR8Jklr1ggm5yHXBxw4FH/JiiwAGobvQllaGl+fOfmssuOYmMYjuVy2Eoflgv+UTtqC5+MMcXL+Tw8ZWjQKwoHHt8W5UlfoEpufJ/JsfdHhd+Vz7zCqwchmi+rUz6jrO72cXTEUc9ZNy+Q1MI1Tg==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 06 Apr 2022 13:50:14 GMT; Max-Age=31536000; Secure

GET
H2 200 utrack.js Show response
tags.news.com.au/prod/utrack/ 2 KB
1 KB 15ms
15ms Script
application/x-javascript 184.30.20.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=16177170136680.7232377341981031
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bfa67e2ce103d04234fa84f7595c316d23f46eed219683f06e264fb27dc91637

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:13 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=0, no-cache, no-store
content-type: application/x-javascript
content-length: 831
expires: Tue, 06 Apr 2021 13:50:13 GMT

GET
H2 200 mitas.js Show response
tags.news.com.au/prod/mitas/ 666 B
905 B 9ms
8ms Script
application/x-javascript 184.30.20.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/mitas/mitas.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:13 GMT
cache-control: max-age=35574
server: AkamaiNetStorage
content-type: application/x-javascript
etag: "83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length: 666
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"

GET
H2 200 B7670439;dcadv=4149947;sz=1x2;ord=572891743412.5724 Show response
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 19 KB
7 KB 76ms
51ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=572891743412.5724?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

bd696767e2a3108b82b50a16f21c1f6c131ceb2dbaadb92c5bd4065296827487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7125
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
24 KB 36ms
9ms Script
application/x-javascript 2600:9000:2182:2000:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2000:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 12:40:04 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 00:06:15 GMT
server: nginx
age: 4208
etag: W/"60665ff7-11377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: uJP-Oocp4rff55UeQm5ptywrsnwv0JNbykRNBNXjDEWsEh7K-jscYw==
expires: Tue, 06 Apr 2021 14:40:04 GMT

GET
H2 200 metrics.js Show response
tags.news.com.au/prod/metrics/ 177 KB
61 KB 77ms
75ms Script
application/x-javascript 184.30.20.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/metrics/metrics.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e53e984a14ce0011d32ab5a28e9bd9e83d2d16be2dd3467517439fbf815dbe69

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:13 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "8197ed73960eee8dec1cb075d6480256:1614658074.219103"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=60639
content-type: application/x-javascript

GET
H2 200 tad.js Show response
tags.news.com.au/prod/tad/ 99 KB
29 KB 67ms
65ms Script
application/x-javascript 184.30.20.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/tad/tad.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7840fc963e2b28fb655f31b663bd66db26194eb1142edc6439a43118fdaba4ce

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:13 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "833c69d8010bd01a4ba7cfd0a6b2a357:1615853560.304725"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=66614
content-type: application/x-javascript
content-length: 29473

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 59 KB
20 KB 40ms
15ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

70a9aa1711bcd9a5617a792b616616255a2bf9fe1e55956f682a6f4024e28a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "834 / 788 of 1000 / last-modified: 1617707559"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20190
x-xss-protection: 0
expires: Tue, 06 Apr 2021 13:50:13 GMT

GET
H2 200 prebid.js Show response
tags.news.com.au/prod/prebid/ 369 KB
110 KB 87ms
85ms Script
application/x-javascript 184.30.20.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/prebid/prebid.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 41268fc4402bc88b16329c06e5dd352b4f29f25041d397f9f4481d6d73ac52a0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:13 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "d967f928ea0c1649109e6681867d917d:1614652656.838437"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=56327
content-type: application/x-javascript

GET
H2 200 nielsen.js Show response
tags.news.com.au/prod/nielsen/ 21 KB
9 KB 24ms
24ms Script
application/x-javascript 184.30.20.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9a32bed4e81651c9c81c8d7a215a2f5cfbdec52ea96a40e2866a6864842e6ee6

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:13 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "13d6117aad2dff6ce86d3a0e528e266f:1617253408.513135"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=42925
content-type: application/x-javascript
content-length: 8802

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-gl.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

12ms
9ms

Script
application/javascript

2600:9000:2182:f400:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:f400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
content-encoding: gzip
etag: W/"cc7339d315e5ab16597dd66d153a0e7e"
last-modified: Mon, 12 Oct 2020 13:35:53 GMT
server: AmazonS3
age: 36838
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Tue, 06 Apr 2021 03:36:16 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: VwPrbI1detWJeWTBE43tqvE6G8-pspPx-MbWmx8HXP8NTiAHblIHlA==

Redirect headers

date: Tue, 06 Apr 2021 13:50:13 GMT
via: 1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-length: 134
x-amz-cf-id: kd3QA3uSP_aDkJmj1d-yBtLqehbynMdzfYOLD-DY3WPgV4_92Ne4XQ==

GET
H/1.1 200
OK ncg.js Show response
au.tags.newscgp.com/prod/ncg/ 155 KB
48 KB 82ms
16ms Script
text/javascript 13.226.159.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-76.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89868194e8809928df37974211d2477ad0723d6aee71386fb438b3e939eb5bce

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 12:51:47 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 16 Dec 2020 00:19:19 GMT
Server: AmazonS3
Age: 3507
ETag: W/"a0ed145148d17426a72696cecfa585ae"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: uQqZ1rEjy0onIVlK5cbuqr4wSFJTGSYjuoHEDVWmCpITm_XSBaqirQ==

GET
H2 200 2988.js Show response
script.crazyegg.com/pages/scripts/0018/ 4 KB
2 KB 128ms
91ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fd1737f4343dbfc7a9b915eaf41e30b6f114d254d7043d13b4faa370a36589c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:13 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 69246
cf-polished: origSize=4157
ce-version: 11.1.266
cf-request-id: 09490bc50a00002b7da036a000000001
timing-allow-origin: *
last-modified: Mon, 05 Apr 2021 18:36:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
cf-ray: 63bb7be80b7a2b7d-FRA
cf-bgj: minify

GET
H2 200 utag.985.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 2 KB
1 KB 22ms
20ms Script
application/x-javascript 184.24.9.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.9.204 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-9-204.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:13 GMT
content-encoding: gzip
last-modified: Wed, 20 Nov 2019 04:49:47 GMT
server: AkamaiNetStorage
etag: "a2af0d00bb0e150c0e6e47d44b9436d7:1574225387.905732"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 900
expires: Wed, 21 Apr 2021 13:50:13 GMT

GET
H2 200 vidora-client.1.x.x.min.js Show response
assets.vidora.com/js/ 8 KB
4 KB 50ms
10ms Script
application/javascript 2600:9000:2127:8800:4:77d:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:8800:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4754c1f1fb712883286295c92774dddebef215996cfdfab9fd972d265473f025

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 21:41:02 GMT
content-encoding: gzip
etag: W/"0d9785869d3d057828f29bcf6b0f8119"
last-modified: Mon, 15 Mar 2021 13:51:58 GMT
server: AmazonS3
age: 58152
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c76f57c516237f120f723cde4dab446f.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: VLhwtW7ieJn-jnZCfV5czMuwAr-iYS5s-cR8nQJfJmVddL3VsHq1-g==

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 52 KB
16 KB 62ms
18ms Script
application/javascript 104.111.247.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-190.deploy.static.akamaitechnologies.com
Software: / ARR/3.0
Resource Hash: 560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:13 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 15:15:57 GMT
server
x-powered-by: ARR/3.0
etag: "84a7fce7aaabd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=493
accept-ranges: bytes
content-length: 15848

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 23ms
20ms Script
application/x-javascript 184.24.9.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202103300203&cb=1617717013754
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.9.204 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-9-204.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:13 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Tue, 06 Apr 2021 14:00:13 GMT

GET
H2 200 ggcmb510.js Show response
seccdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 47ms
9ms Script
application/javascript 2600:9000:2182:f400:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:f400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: v8EFEAmgyOIEHPdRap_4kHFd7N20k7gR
content-encoding: gzip
etag: W/"afa0d379b1e6e0a61fad577d0043ff26"
last-modified: Mon, 15 Mar 2021 14:07:26 GMT
server: AmazonS3
age: 1192
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Tue, 06 Apr 2021 13:30:22 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 3SGs2IW4JGd9dN0Bug_wPhqmqurUOpjEWc2_sQJyF-HQ7mwt8ZD8bQ==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 296ms
98ms Image
image/gif 107.23.100.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=y0ePUZ_SJFCDjIML&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=10480&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=5562&t=hmKwRDiXD2zT4Zg4DX-O24DEQefV&V=126&i=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=-120&_acct=anon&sn=1&sv=s-YX1Db8vxRcahndHpQ5bZsPIx&sd=1&im=06030402&_
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.100.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame CF4F 2 KB
3 KB 555ms
554ms Document
text/html 104.117.204.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=KnsY46OhOSdwMdicapTBjT8M0VYr1KYt&nonce=cxSajYsSskYwkUgQdImkBZY09KfOXKXu&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.117.204.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d664d5c1787e3248da314d2dd2f78e97be4915e0583c3d40b5fb08a8120a7ba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=KnsY46OhOSdwMdicapTBjT8M0VYr1KYt&nonce=cxSajYsSskYwkUgQdImkBZY09KfOXKXu&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html;charset=UTF-8
cf-ray: 63bb7be86bd81f2d-FRA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 09490bc54300001f2dd129f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 63bb7be86bd81f2d
ot-tracer-sampled: true
ot-tracer-spanid: 153f0e8670bcf9c2
ot-tracer-traceid: 2cd99aa37aced678
x-auth0-requestid: 28f09a0dd6be881625d7
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1617717015
server: cloudflare
content-encoding: gzip
x-akamai-transformed: 9 535 0 pmb=mTOE,3
expires: Tue, 06 Apr 2021 13:50:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
content-length: 841
vary: Accept-Encoding
set-cookie: __cfduid=db1637e0e88973f76f281883ec14bb3661617717013; expires=Thu, 06-May-21 13:50:13 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3A03479b70-96df-11eb-a3fe-a5ed29f3adbc.3s2IWOgRVXnxVpkrF7Oc0IRR%2BedWSqSw9fwXzDSr%2FY0; Max-Age=31557600; Path=/; Expires=Wed, 06 Apr 2022 19:50:14 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A03479b70-96df-11eb-a3fe-a5ed29f3adbc.3s2IWOgRVXnxVpkrF7Oc0IRR%2BedWSqSw9fwXzDSr%2FY0; Max-Age=31557600; Path=/; Expires=Wed, 06 Apr 2022 19:50:14 GMT; HttpOnly; Secure ak_bmsc=6C2558CD5E976DA0C42574D97C5060905C7B7AB5764E000016676C60AB3EF858~plJ0H0mfb6OcTnifu/pmGGOB1XnDX5Zyk/tS7LrSdrKK8WPxsKR39HzRnafloRCTRr0rpa6xkCPaYzumv0P73f+RNJxlt+Jer6i7hvvJJVEOkvHkcyDGIilzJZRvhCa4nsuYP7TwnZvXE7g1A/Dp0tnGGNUc3qB68G484N5vkNwLNIumr00Y7N7CUD8HOTyI9UvloximupwocHXMCioSEULkbd8MSu+2tVx6p43HANPnI2TuDmRiT2E/B2QTpYe2+q; expires=Tue, 06 Apr 2021 15:50:14 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=D5792316096663B1C9B8E57DABD20008~qnw66G6yUIctuVlPpz50xVH7TeHY79JiG9JUIsbDyxiqYR2LXOEkPrLVQbWAk9lXw1ly4N/Vz9+Sj49wyBLtqR81PgpKsXnA9WkUxKk4ouroUcM8h9o8FN5XXVTctxoEzUvJEeLsfJnqttlV7Al+soVIDnrdJbMvw/bZuEIoRZKQ1OsSU3tb9zcr7/TMVYRhVDP1AqsfcsldvkfJN6Vwx+BXsqOpqnR29cGzbNWACai0EZ7QXWGjcXq+YMJQ8qo5; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=B60AD61B9647A9FF3489BED6408D561F~YAAQtXp7XEQ7HnJ4AQAAO69ypwuuRzLlXvreYsctnS1l+PNAEhcvGxdU00wIfHczh5U6jkEtGQ3Na4GnPmF0HtcIgYCgngJar6RkJFiPh1wNlBUKIeR7rSFrOrlRwLbyHdGjEDeZ3mmwOpsHYNHdlKwfkoIXlTd6j/aWeWOl+W2i8x9/5I2Hn6u4M/ssXtOObrH8Q3s9MsP6v/0=; Domain=.newscorpaustralia.com; Path=/; Expires=Tue, 06 Apr 2021 17:50:13 GMT; Max-Age=14399; HttpOnly _abck=553D55A449923F987CD6A3C9460BFDCB~-1~YAAQtXp7XEU7HnJ4AQAAO69ypwX3FBlDHKEQDjw37x9hta0La9S0rN6aU5gtPTVyCcWiuc2kPozqATcUGyrQgY0AymVMVrqgIKECdRS5sIUoqNHF+aPCjdxF71TMsB69s70eBLtq47OFcRc7LXcspWO+wVG1XFTBo48D8bxdaVktBHlMvxwoS9MirwDNvaskgTiXPptxecKMuBo3PBk7NjTKDs2XrXgQQ4NP7jyj0CmvNM6UQrjZuMS40ZrJP0FJleptuWTswoBIkt2euDe8bHGFR4y/spzWDlakWeZ4U5yWr6/a34adMiSG0cNzp8TFH/X6rpBqLR0Ba5Sv12CupOHmqkaIOPavmATxZJBsLNRFeo768eZn7+LhRzEy6utc3Uu3DimXWw==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 06 Apr 2022 13:50:14 GMT; Max-Age=31536000; Secure

GET
H2 200 mynews-promo.png
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/ 366 KB
367 KB 17ms
16ms Image
image/png 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/mynews-promo.png

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-111.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-rq: ewr4 114 120 3158
last-modified: Tue, 09 Feb 2021 21:37:59 GMT
server: nginx
etag: "602300b7-5b713"
vary: User-Agent
content-type: image/png
expires: Sun, 11 Apr 2021 15:48:08 GMT
cache-control: max-age=439075
date: Tue, 06 Apr 2021 13:50:13 GMT
is-https: true
content-length: 374547
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H3-Q050 200 pubads_impl_2021040101.js Show response
securepubads.g.doubleclick.net/gpt/ 286 KB
101 KB 69ms
29ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 08:39:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103004
x-xss-protection: 0
expires: Tue, 06 Apr 2021 13:50:13 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 83ms
27ms Script
application/javascript 65.9.90.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 01:29:10 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 08 Jul 2020 20:34:30 GMT
Server: AmazonS3
Age: 390064
ETag: W/"a8663f72a1dbe614b19f167a59af368d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 7cfba11baf6016eafce83142b99c8ff8.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: qCGTyQvozhOiPGPhsq2e11uuM1eBx1FjlDVzHNvGu7OuizibL1tcVQ==

GET
H2

404

undefined
www.heraldsun.com.au/
Redirect Chain

https://www.heraldsun.com.au/undefined
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fundefined
https://www.heraldsun.com.au/undefined
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fundefined&1617717014272875206
https://www.heraldsun.com.au/undefined?nk=38bb71113ec9746575ae32c31812de25-1617717014

0
0

1059ms
1058ms

Script
text/html

184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/undefined?nk=38bb71113ec9746575ae32c31812de25-1617717014

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-111.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
x-rq: ewr4 119 71 3093
server: nginx
date: Tue, 06 Apr 2021 13:50:15 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
cache-control: max-age=41
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fundefined%3fnk%3d38bb71113ec9746575ae32c31812de25-1617717014&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=undefined&session=38bb71113ec9746575ae32c31812de25
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 06 Apr 2021 13:50:56 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/undefined?nk=38bb71113ec9746575ae32c31812de25-1617717014
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 06 Apr 2021 13:50:14 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1617717013902
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1617717013902

5 KB
2 KB

37ms
36ms

XHR
application/json

54.154.123.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1617717013902

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-123-210.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5bd5fc784e928168a977deffa61d9424ef3eea6ca9eceeec1995e3d780c769b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-04a4fe428.edge-irl1.demdex.com 5.80.7.20210304103356 4ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: T4a/N0OTTBk=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1537
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.heraldsun.com.au
X-TID: HOVfH4HuTls=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1617717013902
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 63 B
361 B 484ms
469ms XHR
text/plain 184.30.20.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiGHost /
Resource Hash: c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
server: AkamaiGHost
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag: "f1d1adc077c1f1f826a151ee3db530bc:1600839199.327003"
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=0, no-cache
content-length: 63
mime-version: 1.0
expires: Tue, 06 Apr 2021 13:50:14 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210401/r20110914/elements/html/ 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210401/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=572891743412.5724?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:46:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 13:46:25 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
330 B 42ms
41ms Other
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu2CWJkl_-X1rYGCKGvzoOlD8LDJmr7hp0gGiKYkLjIqoy3WF1LFCo8zbBVgq_gpm87EKz6q9BKyrAloVWtFAqY33Ya0xAGUPL6LtEik-9xlePQ0J2rQQH4cdnlDnAyyyjpYqarZxbpK4jwLWoLmQ&sig=Cg0ArKJSzMDm5H96IwSzEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20210401.35001&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=572891743412.5724?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 2988.json Show response
script.crazyegg.com/pages/data-scripts/0018/ 651 B
619 B 34ms
19ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0018/2988.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcdc7c99308f705720f75fd5554fe7450e971f257210484f85210299d1a89a3b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 69269
ce-version: 11.1.266
content-length: 240
cf-request-id: 09490bc61a00005363239bf000000001
timing-allow-origin: *
last-modified: Mon, 05 Apr 2021 18:35:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 63bb7be9cacd5363-FRA

GET
H2 200 6630 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 16 KB
2 KB 54ms
18ms XHR
application/octet-stream 104.111.247.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-190.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 584ebca28b361c3381c686b75b71c2cb4cdc074bc0ba6e44980c9db33c5cdf1c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wNcZVqk5y.Y6LUl0L8PK4xYsYrqrcsAQ
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 03:28:57 GMT
server: ATS/7.1.0
x-amz-request-id: SMEYB0FFYPMDF5P9
etag: "14ead9bc02aa8f3cf645cfb425ed68e2"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=42
date: Tue, 06 Apr 2021 13:50:14 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 1179
x-amz-id-2: 0/fHFPUZQ+PkzhV9o8CbePJPiAo/0RnPjt4xD+ZUf95uaFE1MpGhdI3WGdE6r6AdDfkRlPpvx4E=

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ 44 B
493 B 109ms
109ms Image
image/gif 2600:9000:206f:9000:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1617717014032&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&tz=2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
via: 1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 44
x-amz-cf-id: zZ7EcML2DgwWUPI50falWuJnlh9sRyQdwrFutrdS_NDOJK5VyXoRJw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3-Q050 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b7a8710924ec2a6402c437f720b5e31dd3a5229a18db70badce74eaba80c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5864
x-xss-protection: 0
server: cafe
etag: 2731930202144549249
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 14:23:24 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 714 B
952 B 95ms
37ms XHR
application/json 52.211.22.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-3,ss:%5B728.90%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=541be949-f9c9-1728-57cd-ccfa67f8f7f8&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.22.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b7dbc6dbf10a3ec5cf3a063050a5d37e70e9c7a3b405aa26abd5ba3093aa742

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
x-server-name: app03.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET 18f312ed
login.newscorpaustralia.com/akam/11/ Frame A831 0
0

GET 2235f3c37a6ti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame A831 0
0

GET
H/1.1 200
OK Cookie set dest5.html Show response
newscorpau.demdex.net/ Frame 10D3 7 KB
3 KB 129ms
32ms Document
text/html 52.30.135.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.135.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: newscorpau.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.heraldsun.com.au/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=34988654886707717811519152965927344553
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 10 Mar 2021 16:01:35 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=34988654886707717811519152965927344553;Path=/;Domain=.demdex.net;Expires=Sun, 03-Oct-2021 13:50:14 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: CvjiOak8SPo=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
metrics.heraldsun.com.au/ 48 B
516 B 101ms
20ms XHR
application/x-javascript 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=34967579819431104951521531501000771763&ts=1617717014079

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

058ea0936ba9f75902161e61fbdd55a93a6f1a8751354f9edd7e3ca87b6af7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-fd4497967-bznw5
vary: Origin
x-c: main-1451.Ibee288.M0-486
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YGxnFgAAADtN0xHl
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=34988654886707717811519152965927344553
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YGxnFgAAADtN0xHl

42 B
915 B

78ms
32ms

Image
image/gif

54.154.123.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YGxnFgAAADtN0xHl

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-123-210.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-0c3aa1bf1.edge-irl1.demdex.com 5.80.7.20210304103356 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: mC+RD1ttQr0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YGxnFgAAADtN0xHl
Date: Tue, 06 Apr 2021 13:50:14 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 10 KB
3 KB 68ms
22ms Script
text/html 80.252.91.52
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=5591412616218525279&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D4254105722955109596$$&ns=0&rnd=3042906652166235
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 80.252.91.52 Amsterdam, Netherlands, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: c366c9a5f3473a23202eddf9ee11afb0bece150a5080c06e68fe90d654bf26b0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 13:50:13 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 2430
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET 18f312ed
login.newscorpaustralia.com/akam/11/ Frame 51B3 0
0

GET 2235f3c37a6ti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame 51B3 0
0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 172 KB
19 KB 73ms
73ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3783255733633764&correlator=1866998406541468&output=ldjh&impl=fifs&hxva=1&scor=2359068940357764&eid=31060550%2C31060540%2C44739387&vrg=2021040101&ptt=17&co=1&npa=1&sc=1&sfv=1-0-38&ecs=20210406&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C728x90%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ists=1&prev_scp=pos%3D1%26id%3D033f85e0-96df-11eb-bfee-0a6fa201f3de%7Cpos%3D3%26id%3D033f85e1-96df-11eb-bfee-0a6fa201f3de%7Cpos%3D1%26id%3D033f85e2-96df-11eb-bfee-0a6fa201f3de%26vw%3D40%2C50%2C60%26vw05%3D40%26grm%3D40%2C50%2C60%26pub%3D40%2C50%7Cpos%3D2%26id%3D033f85e3-96df-11eb-bfee-0a6fa201f3de%7Cpos%3D1%26id%3D033f85e4-96df-11eb-bfee-0a6fa201f3de%7Cpos%3D2%26id%3D033f85e5-96df-11eb-bfee-0a6fa201f3de%7Cpos%3D1%26id%3D033f85e6-96df-11eb-bfee-0a6fa201f3de&eri=1&cust_params=us%3Db%26s%3D0%26co%3D1%26kw%3D%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26adl%3Dfalse%26pvid%3D00000000000000000000000000000000-00000000000000000000000000000000-1617717013690-729097%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&bc=31&abxe=1&lmt=1617717014&dt=1617717014159&dlt=1617717010644&idt=3394&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C176%2C1123%2C1124%2C176%2C176%2C0&adys=28%2C10073%2C462%2C9033%2C10073%2C2990%2C10723&adks=1616217045%2C818813054%2C2956706420%2C1415436295%2C1982096792%2C3785065344%2C3544675803&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x134%7C1248x0%7C300x0%7C300x0%7C1248x0%7C1248x0%7C1600x10722&msz=728x133%7C728x90%7C300x276%7C1248x276%7C1000x50%7C728x90%7C1x1&ga_vid=87726324.1617717014&ga_sid=1617717014&ga_hid=1880155791&ga_fc=false&fws=640%2C128%2C640%2C128%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9e72dd6709237707a92a637090e3664e40b41881623f58376e4e86f2a50f1dc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18887
x-xss-protection: 0
google-lineitem-id: 4682990628,4682990628,4682990628,4682990628,4682990628,4682990628,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234025551,138234025461,138234025548,138234092042,138234082439,138234092474,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
0d3e994a32f79f23ee2be6c7cf92181a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 89ms
14ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://0d3e994a32f79f23ee2be6c7cf92181a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 46ms
46ms XHR
application/json 54.154.123.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=34967579819431104951521531501000771763&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&ts=1617717014187

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-123-210.eu-west-1.compute.amazonaws.com

Software

Resource Hash

dbdd998c776d637196a031bdc843712af6e4c2a4b29b9497a94157fb0cf4d42a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v090-063448f1f.edge-irl1.demdex.com 5.80.7.20210304103356 4ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: BsQxDR5KSnc=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1537
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 2D2C 4 KB
2 KB 84ms
26ms Script
application/x-javascript 13.226.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-89-119.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 08:21:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 19752
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: qlIzlZn2Cu3TvBNKfaAClQzMpBMVzA0J9m4VxsnP3NL3tTjw6NkS0g==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 28E3 5 KB
2 KB 1301ms
9ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:15 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 46732
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1617717015.496197,VS0,VE0
x-served-by: cache-hhn11554-HHN

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 44BD 4 KB
2 KB 53ms
8ms Script
application/x-javascript 2a02:26f0:6c00:295::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:295::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 13:50:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
X-Check-Cacheable: YES
Cache-Control: max-age=68856
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame D097 88 KB
35 KB 76ms
35ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-707564276

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0df3c4bc790aa7cb9c3cca68562b44ded7f1435b4cbce67cc44baa9bb3cf01e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35785
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Apr 2021 13:50:14 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 2D68 4 KB
2 KB 73ms
26ms Script
application/x-javascript 13.226.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-89-119.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 08:21:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 19752
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: S6adeg7GIRutYe5cU_T_ssfGy_dVbM6E44fqPuWKBvvfq4VfoXPLaw==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ Frame 54D1 7 KB
3 KB 3087ms
18ms Script
application/javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 13:50:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 May 2020 21:04:36 GMT
Server: nginx/1.13.10
ETag: "5ebdb264-1cfb"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 2601
Expires: Wed, 07 Apr 2021 13:50:19 GMT

GET
H3-Q050

200

activityi;dc_pre=CJiEp8Hh6e8CFQMLBgAdpX4AaQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1565510562737.4133 Show response
8228261.fls.doubleclick.net/ Frame 4E11
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1565510562737.4133?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJiEp8Hh6e8CFQMLBgAdpX4AaQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=156551056273...

403 B
813 B

45ms
30ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CJiEp8Hh6e8CFQMLBgAdpX4AaQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1565510562737.4133?

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

6695208fd216fa2ad18e6e1025aeada023a0f672403e5de5e7aaca1e97275165

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8228261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJiEp8Hh6e8CFQMLBgAdpX4AaQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1565510562737.4133?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl_dPVKi68oRz2BDkHawSMCijnn1DZTDCZ1CV-uXeQh57hh_oRAU2U9MRsllww
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Apr 2021 13:50:17 GMT
expires: Tue, 06 Apr 2021 13:50:17 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 331
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Apr 2021 13:50:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJiEp8Hh6e8CFQMLBgAdpX4AaQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1565510562737.4133?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

activityi;dc_pre=CO-Fp8Hh6e8CFVQcBgAdn_8AkQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2840590316216.738 Show response
8228261.fls.doubleclick.net/ Frame 377E
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2840590316216.738?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CO-Fp8Hh6e8CFVQcBgAdn_8AkQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=284059031621...

402 B
358 B

47ms
33ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CO-Fp8Hh6e8CFVQcBgAdn_8AkQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2840590316216.738?

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

c6d8b97c2d3acdfbad9bb29de9e79d5e6c9ede3a75e4c8682ad0e8205e09732e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8228261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CO-Fp8Hh6e8CFVQcBgAdn_8AkQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2840590316216.738?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl_dPVKi68oRz2BDkHawSMCijnn1DZTDCZ1CV-uXeQh57hh_oRAU2U9MRsllww
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Apr 2021 13:50:17 GMT
expires: Tue, 06 Apr 2021 13:50:17 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 330
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Apr 2021 13:50:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CO-Fp8Hh6e8CFVQcBgAdn_8AkQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2840590316216.738?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 84AE 88 KB
35 KB 40ms
29ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-820018408

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18f6bfe9501a0dd540527913018d8894b40c5bf16143bad7e2a9dd2bea89cf6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35787
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Apr 2021 13:50:14 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 83E1 43 KB
16 KB 291ms
24ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

7b836f980105af48cc460cba4d6beded383be23233b43010337cddf9642ae7d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16505
x-xss-protection: 0
server: cafe
etag: 16397456148590585425
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 13:50:14 GMT

GET
H2 200 activity
au-gmtdmp.mookie1.com/t/v2/ Frame 0E49 43 B
608 B 3322ms
279ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:17 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 18BB
Redirect Chain

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

43 B
1 KB

246ms
246ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 13:50:17 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.154:80
AN-X-Request-Uuid: 0476ee0e-00bc-4bb9-b098-2823c3cbe24f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 13:50:17 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.43:80
AN-X-Request-Uuid: 680f76b7-e5a2-433e-b77e-c9b97b5fefbc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

0
1 KB

46ms
45ms

Image
application/javascript

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 13:50:17 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.146:80
AN-X-Request-Uuid: a86f2abb-ae5f-4bc0-93ef-ad1cbc3abdd5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 13:50:17 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.240:80
AN-X-Request-Uuid: 9cf26cf1-d144-412f-b4c7-e95a467d1509
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1

0
1 KB

15ms
15ms

Image
application/javascript

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 13:50:17 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.54:80
AN-X-Request-Uuid: f6c9437d-38e9-4e96-81ea-8ae16365ead0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 13:50:17 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.37:80
AN-X-Request-Uuid: 26ffcf34-28e3-4589-99a7-b40ef8aebf57
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 s84536385047155
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/ 43 B
440 B 21ms
21ms Image
image/gif 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s84536385047155?AQB=1&ndh=1&pf=1&t=6%2F3%2F2021%2015%3A50%3A14%202%20-120&mid=34967579819431104951521531501000771763&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&cc=AUD&ch=D%3Dv4&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=11%3A50%20PM%7CTuesday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c60=TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null&v77=D%3Dmid&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
x-c: main-1451.Ibee288.M0-486
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 07 Apr 2021 13:50:14 GMT
server: jag
xserver: anedge-fd4497967-gwhqd
etag: 3474020834786934784-4622002950110965297
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 05 Apr 2021 13:50:14 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1104 0
0 45ms
43ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4JkK6AR9EqTuCWp5L_3vWpta0_r_DcWQ3vSdCGrAYCobEJsk6ovc8VFwV910e8D73vYX_h4e_IDcsB-W1HhD0iDFPgrYDqC7Fd-4DtEOgKmDQvgMtFpQnzPp3--2NbAl12uo6xxm6O2kRfYyx4EUcQKl0t-9O4mKFRflYowlPHX7TGYBSL2beVJi1Lk8zSkhrgk3StnJV9pMh13BCE5vyB25N0Xl9jfUNo9LYo25MzafwrlhNzhh2S9ozptUuIGCG2gX36sFnHp0EyOWuo-UmZJ1xjAZPLJwwqa1GhYESsGfjOA&sai=AMfl-YQcB7xkSDTkrehjFhXt0h5XyZQAK517EdnO3bRLuXddAAv7Qgk8_CEQrXSyo4mGVwT_LN0cdABfkyUK&sig=Cg0ArKJSzPlgwvwwiZp5EAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/ Frame 1104 17 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2a4352595bb834d956d7ae260ecf56b9f1b9785b46f3314ed7b82ef506b2f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 360627091892979634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 13:47:25 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/ Frame 1104 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 13:46:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1104 118 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Tue, 06 Apr 2021 13:50:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1104 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvPVBuur3P_rxw0fe6WhCXlPbBooVTDDZgyUFLS55MokW9NYuL5DVKpnjy7in0s8-z0eoy
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 1104 68 B
204 B 8ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
age: 359196
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 10:03:38 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5B62 0
0 42ms
41ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0jyhcz1OaoJOf3qAwQLS3cIvVqhCZn_JjNLlQ08EQiCxHtSQtn_ucZXa8K2Q3QIRQVxZDEptn5g5uttQPCmm7nkFkA9hWVSXE9xO64MOhFYhHRkCPAE0l0Dh063xrKF-KV3ot8bGQKjRvZ7LS3T4LR-FSrORU_Z7ah5IQr7-KioUHbmGycdSApKsa5CIBz6JHqVNJx5RprvDpylSbJxcgtIr_whjVuEsAeoIfkizgGTlSUCMy-9E7N5gdxnorWZD4XidM7madYfJpcVhzCBjtPMLf47-28CpqGWJsCEVlpEK3Lg&sai=AMfl-YSjUZ6k_Ro5nvhSbrEMRvmR_jNN8zURzxnNNS-kHl8-aXAc3BJOcd0RgjBD0XRKIYypeF_TgtyeBUYT&sig=Cg0ArKJSzFp9qb32kF2uEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 5B62 68 B
94 B 6ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
age: 359196
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 10:03:38 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/ Frame 5B62 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2a4352595bb834d956d7ae260ecf56b9f1b9785b46f3314ed7b82ef506b2f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 360627091892979634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 13:47:25 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/ Frame 5B62 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 13:46:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B62 118 KB
36 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Tue, 06 Apr 2021 13:50:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5B62 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQj-2Mxl_Ei3onEJC1HRmev9nje0nAJNhkFAF_8cKCfmRgXIgs4mNXxOxV6BPIrQz96sxmQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

234e58e81d77759daf07d771662c4e4b7711301f3a867a8bbf78651dfc13c2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218226621639"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
expires: Tue, 06 Apr 2021 13:50:14 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5B58 0
0 42ms
41ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmAJLddmzhhYP1ugN5fGs9OC4Ggm5Dra33MNk5-U2C_XBEEMVQfUUcTxBtRbUo4MIukYLq3ypg9c7DUk9-ChYovHir_lAirIWfHqKUeDcNGuHJu0P4pgb1krbjVIfrn2f1bdroTwwrC2_a20xe8_CRt1GH5NJKmyH2bB52nLsMy1EfMUZHp3jkO0ogTb1gws2wvSH2vyq7DgsYom8faWwufPq29GYZuce-AbdKmd9QFTzWnVzExvwJnricOj3Gpy1H0Dnfz2Z6ccpm8Nusi3YNRhRSOfI3V6rx-leKBHkmo2lFfw&sai=AMfl-YQoVQ2QKa8YzBd9Foqm8x9B8DhdvbupEvKJJFwHBIE7-JlQpa9fEDFgQl3O-I-HKVgWjiHMXDd_jFG2&sig=Cg0ArKJSzK3YwR4jhI66EAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/ Frame 5B58 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2a4352595bb834d956d7ae260ecf56b9f1b9785b46f3314ed7b82ef506b2f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 360627091892979634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 13:47:25 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/ Frame 5B58 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 13:46:31 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B58 118 KB
36 KB 46ms
32ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Tue, 06 Apr 2021 13:50:14 GMT

GET
H3-Q050 200 13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 5B58 68 B
169 B 8ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13756812283639570429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 14:37:06 GMT
x-content-type-options: nosniff
age: 429188
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:40:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Apr 2022 14:37:06 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 18BE 0
0 42ms
41ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXWrTUSb60RkH9hlTbd0bnAJBoKhIpE1fNyVDgNvVApjKO01aRBKoKzxKpie-aGuuBYxvVqnOFmGsf8-IUVHynPThUxdW5mehjf62cwuIDp2EZ8bPaN8B4yz2eWJ221hEGeb5Rd4phXNtFWVYukMZxNhGHwTdRRHp4XBLxD7XJbw9XdPln4hai4aO-vA4t7eFiz7DhKvFt9zsyrVxZuKvWbXzpnaviqQgxjGyyEBhhr6gfVjlsZuLjRNonn5gHJ_ASK-iubdOFp6obeIBKIGIiM1yaVy81lBHxMusr6JCLmRSmjA&sai=AMfl-YRfQ1ZTilewxAMUEkPhXkCs_RqDWpRbwMOY7U-kbbin-vOWx6gFSbx7tryGGVJQhTDpPPEJ1YsxWjVt&sig=Cg0ArKJSzKGoLz_RyysBEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 18BE 68 B
94 B 7ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13756812283639570429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 14:37:06 GMT
x-content-type-options: nosniff
age: 429188
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:40:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Apr 2022 14:37:06 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/ Frame 18BE 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2a4352595bb834d956d7ae260ecf56b9f1b9785b46f3314ed7b82ef506b2f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 360627091892979634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 13:47:25 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/ Frame 18BE 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 13:46:31 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 18BE 118 KB
36 KB 41ms
32ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Tue, 06 Apr 2021 13:50:14 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 18BE 0
0 16ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRP4afeNz4T5OzjCZcfuzXizFntOxq8_hUJLHxIHmociFuH3DT6q1VkaKnkp-CpwfoksxTc
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 94A1 0
0 44ms
42ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-mvbxkF6Yx-JRnPWVWgHeh12wOdpQqaAjCFRcGEj7rFYFP-LRa20Jv0jsI7SXR5EBi2G5c8-wBoOmgI9txjUMSMv98qLM0idx93iHWE2H7J5_3SHVtWC4DYBpVc3-i5xPO6zLaquIi4Dg8QyhKbPEe9p2v-FfTSW5Mml6_5Z_lBWydtHga-c06twOZK36Dv8pN4tDlLElS97bzXNRQhB5TVEFIsAcB6MrsAzEDseZJICBVWre98_V8V0Xt7rWEgoFH5JgotB9fD1wN4_L_Edc2NmlGVkVhh4MSaCXYFTFJS-8Dw&sai=AMfl-YRv60-5s91wdBNVvs8pqhaWwojDpWl-UUrdSzZSL7ARWOqY-9KqMNeQF57gLVwT4_juSDCqNYXV_tak&sig=Cg0ArKJSzNRpPi33PvfXEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/ Frame 94A1 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2a4352595bb834d956d7ae260ecf56b9f1b9785b46f3314ed7b82ef506b2f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 360627091892979634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 13:47:25 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/ Frame 94A1 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 13:46:31 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 94A1 118 KB
36 KB 34ms
29ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Tue, 06 Apr 2021 13:50:14 GMT

GET
H3-Q050 200 13503232906761715217
tpc.googlesyndication.com/simgad/ Frame 94A1 3 KB
3 KB 14ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13503232906761715217

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 14:37:07 GMT
x-content-type-options: nosniff
age: 429187
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3270
x-xss-protection: 0
last-modified: Wed, 23 May 2018 04:43:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Apr 2022 14:37:07 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A7EF 0
0 44ms
41ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst71t63Bgk7FI9EW86F-7IORfZF_kxaCNMn0h2upUrNjFhcigbUSXgub_lss8AxS1hObjG74A2hlcybjeB08rntr7ppplbiteasb-c9yjDyMC5qiC49J5c_pJCUBejvSTwa8S2Kpx1eWlC5tzsstmrOjWkhE2WkSZ3ggTLo9aBaw9nrF0J-JoFtGfT2zYmnXfOoLw1xa1aW2Zj1mqnMrpRUoUZA5T-_I448nsE5AWLkZWgbYwjd1XpGbZzuePLLKZgJAmQh_DikcHm8SwzR0tpYjbRePLtdpLBOQkWFvrG5vxTQvA&sai=AMfl-YRNYhemyZs4atdQAf_XClcIWG8i7xw4s35SWoP1pwiHSZLvfWqpHONtnu3rgx6xgVUVC1ax2OKeyhSt&sig=Cg0ArKJSzOPdbLUeM0GeEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=310324cfa5bc6eeeeb75bd5cff4bff7c-1617717008

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame A7EF 68 B
94 B 9ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
age: 359196
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 10:03:38 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/ Frame A7EF 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2a4352595bb834d956d7ae260ecf56b9f1b9785b46f3314ed7b82ef506b2f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 360627091892979634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 13:47:25 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/ Frame A7EF 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210401/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 13:46:31 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A7EF 118 KB
36 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Tue, 06 Apr 2021 13:50:14 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame A7EF 0
0 16ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTdY4n3sOWIB7Cc0m9UoEw5YGK7MwG73D_A5vCVl5zPEFo7TqNHLKdjJ0ZlgbYqGRTxIuSU
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 12ms
11ms Script
application/javascript 2600:9000:2182:f400:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: seccdn-gl.imrworldwide.com
URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:f400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hQDJIZwJWrviezp1bF9091Jf9LSRyY9_
content-encoding: gzip
etag: W/"931051f801612c3a0e2782961ac3d56c"
last-modified: Mon, 15 Mar 2021 14:07:26 GMT
server: AmazonS3
age: 3330
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Tue, 06 Apr 2021 12:54:45 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: duTb-Sa2AnNsL_w3GyR_XvnJ2m1t_QrLqArfhX25K4GQJ2Iomc0h3Q==

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=7546337079938510754
dpm.demdex.net/ Frame 10D3
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7546337079938510754

42 B
915 B

33ms
33ms

Image
image/gif

54.154.123.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=7546337079938510754

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-123-210.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-0102ce00c.edge-irl1.demdex.com 5.80.7.20210304103356 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 3S/LNyztT2g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 13:50:14 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.80:80
AN-X-Request-Uuid: ff503970-faa0-4668-afbf-79db55296d22
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=7546337079938510754
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/ Frame 44BD
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1617717014348&url=https%3A%2F%2Fwww.heraldsun.com.au%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1617717014348%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1617717014348&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true

0
80 B

198ms
197ms

Image
application/javascript

2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1617717014348&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:15 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: application/javascript
content-length: 0
x-li-uuid: YoCw5g1JcxaA18x9mysAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: /Zy32w1Jcxagv2pIOSsAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: 731CFB427F0649FAAC00C38CD07A73DF Ref B: FRAEDGE1107 Ref C: 2021-04-06T13:50:14Z
x-frame-options: sameorigin
date: Tue, 06 Apr 2021 13:50:15 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=31536000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1617717014348&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1104 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72302ee94bcc0f9206b3c0cdf1f1720bf7bc037a638a44bace6e5295852b2ef2

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 2313 46 KB
13 KB 104ms
47ms Script
application/javascript 52.211.22.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1664530819&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e0-96df-11eb-bfee-0a6fa201f3de
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.22.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ad3f8a061d16dfba7ca8b57bc3ad42f6d2380aec36fdf6592727dd499e6edf2

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-server-name: app01.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame 5B62 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf7672bb8b9dfd8d72a52a5533ae39dee113595f1bdc2a1b27bd437421e82653

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 5DF0 46 KB
13 KB 91ms
51ms Script
application/javascript 52.211.22.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|3&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=500022270&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e1-96df-11eb-bfee-0a6fa201f3de
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.22.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3672a5d778e5f041079dac076cb72d82760aa9ea821e3981198a8eccec399426

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-server-name: app11.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 84AE 35 KB
14 KB 104ms
26ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

cd3601b2f79f3cccc6333afba636cc8e645f7703257326df7df02497dc09d2df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13758
x-xss-protection: 0
server: cafe
etag: 4262303240453495685
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 13:50:14 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1104 0
0 63ms
49ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst907knLIdRkSA8HUx9rgFa5rxxG6mvncSr8OfVdUCm2i_6iUlYc3-EpFULSW1vMNuF86YyRYvu5_OPS-UjHtf950Jk_8_CS2WcudhrGhfdR6xGRe4XxbEkYSUaeIUivhyvWCLy_0I9DOFJZpcc0OvTUl34rzJZ9b6BrxLdKNTX23NqiSydaznTjdm3PDg79AkRqeqNoZtA5Y8XddKX2xN8O2KAJ81enVi2oiVzpdcz6ooVD_yR5JHZcri8ICoZpFk3JrDO5UwYcHcG0Ngwezg5rApLic7iZ5YTwUTJxcfKGkvOrj1H&sai=AMfl-YRao0c8CbzPw36audN6Lpm_zK5kjqV2zoVsxbnXYPb3RC0uptUmajtojO-m0A1dWXKTTF5XXdwst7DO&sig=Cg0ArKJSzHoH5-w_PKpyEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5B62 0
0 57ms
48ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6Agxl5UyRBY8Jn4lAHwNAeb3njLvtn0Y_Jm8JzT4wQfmYu-e2aPDEZHSCN45UoHp5UHw799TtUT4rKaAb8u_56AkIqSC-Xngp2KRf5PhBq90DMMYx2Vf-Nw_IUw57Xbv267U_Nu0aupQzVFfyLOARPrHa23t_WXub6mf_O8RHex3Nq4Z87hKa-awRc67Y9yZ_WqmKcEwIg5QXBMzArdZ9ySiXSN4-aCofucxpZ8Gmn8ZhLCGAWZS7wQsKKJYpuutEvQVVCe7YpNApffPbbE7QzYnTBDykb8CBUGHyu-FqTPLyihYc&sai=AMfl-YSvNUsr8Qxw1wgCBOHsEgpS1SdHqJzCmEn19764WnnXUocS09eOUnrd37pjAoUhIl-p8YFVLegPDgST&sig=Cg0ArKJSzJWL3xNyt5EuEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame A7EF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 387d7ea117e992462abbb51223c83d518c31ea550c2a5714aee2a79a85a30cf9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 64BE 46 KB
13 KB 43ms
43ms Script
application/javascript 52.211.22.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=1200041157&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e5-96df-11eb-bfee-0a6fa201f3de
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.22.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 647dadf9fbf08e25f352a527e6030c468bc072046190698084bd98289bb4b206

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-server-name: app22.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame D097 35 KB
14 KB 39ms
18ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

cd3601b2f79f3cccc6333afba636cc8e645f7703257326df7df02497dc09d2df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13758
x-xss-protection: 0
server: cafe
etag: 4262303240453495685
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 13:50:14 GMT

GET
H2 200 PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js Show response
cdn-gl.imrworldwide.com/conf/ 32 KB
7 KB 18ms
18ms Script
application/javascript 2600:9000:2182:f400:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:f400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b689f9336eb88422c19d850a1d0be9f7de7d074d90bbdba3ff0d9e0c9d6cec8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3Qw6DQDVFUZCSDrDFmOeCKW8F44DRP_I
content-encoding: gzip
etag: W/"97b4809e7ffd68b074af09fcfedd5d63"
last-modified: Tue, 06 Apr 2021 11:18:04 GMT
server: AmazonS3
age: 399
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Tue, 06 Apr 2021 13:43:36 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: FXDIzJI7sN5y3pfRhCpGXFcIYQg_qsmMKpby8hxNn7mRTfzCAGuuBA==

GET
DATA 200
OK truncated
/ Frame 94A1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b9d65d4a052f122faad1f222f9c000d5deeb9f0736d48b9a0500a88d7c42806

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 6437 46 KB
13 KB 32ms
31ms Script
application/javascript 52.211.22.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=394379399&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e4-96df-11eb-bfee-0a6fa201f3de
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.22.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b6b669efac6bebcac342c55fc5ef9a85f81451defd72f2429ad57203a13f5a1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-server-name: app02.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame 5B58 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30f2205699a31f58989bd57f1ddcd23ebdafe114698e10cbc5362169ba824318

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame D7D8 46 KB
13 KB 36ms
34ms Script
application/javascript 52.211.22.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=770797985&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e2-96df-11eb-bfee-0a6fa201f3de
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.22.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c7e2f31897fbfe5e4033f51250834a8b1b309ab47d19a441035efa74a3c8824d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-server-name: app20.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5B58 0
0 42ms
41ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZwFSV1Nt1BAFUPv36wCQOvI3KP9XUEM-ritah6keRJpW2JkHG_536iLW2zwopcW5nVpDdwOsHgaHANTkuOeabT3z-6S1OKt1IyaxDZd9EuFQL6uFB5d9lxzSUBAW476RnNHX4v_b_aPKHuZwtHyPjx6wOpiUHQKP7s26qS9tvH1H7etbqMy459DIXBMe3mrCaym51eVPiUU-RfUYMkauQcN2nkioPjPov7sSK0IGNgbmmNqu-OgP9fzrZvQWNfgRzMFzJTx10XO14tDt0YKzXaqUbImiQAhqUP1dmWC8ansJTZkeV&sai=AMfl-YSLJwjj0kEBYzjVbUb4JRPo3a8_DwvVgWWNNV1zqUCHHDpgPGjA4P5xk_7KdCWtIoRwKkYgdU22OSkX&sig=Cg0ArKJSzALSxmOR__UGEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 18BE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cae36503bf24c56dcd1e6692a02de02c3b7fafbe4091ddab0117343bea16ddcf

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame F9C4 46 KB
13 KB 30ms
29ms Script
application/javascript 52.211.22.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092042&pubOrder=305536031&cb=1180391997&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e3-96df-11eb-bfee-0a6fa201f3de
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.22.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2c7b7b46054f9b25db61862123c46fa13d3d36273f0d4d370ca98b7c652d4069

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-server-name: app23.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=4246001032646500585
dpm.demdex.net/ Frame 10D3
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4246001032646500585

42 B
915 B

34ms
34ms

Image
image/gif

54.154.123.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=4246001032646500585

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-123-210.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-01e477a11.edge-irl1.demdex.com 5.80.7.20210304103356 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: OfwrkTuPTXY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=4246001032646500585
pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 94A1 0
0 41ms
41ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcv93m1IXapYCkgSeioH0NrdAOmLT9V7ZM4pTRuhPloQvZuncihKwYIBBheBriXqzR9Oku5OW0suG4NITWoOOMzcFFPWIHl9ps2U7U122ScDigkv1CJcGnMXFGd_IlhWJmVunQp-AR69bdOm615v79DpaKOtaKhUvN-RkadASDXfK-MjRGqsSHRNke5ksv0mawK7N1HAHv4lHy2VoVPJ6zEwJcEpFTwo43V_BL5XEpqQTOYKizLjc-l8_70RvxNGw6OQ4wLXyR4MQaqJIX829ydQLCyJ17mYKfoxkjkGEocSE5x96k&sai=AMfl-YRKRGX4r0v8QCakkDonsQXVA6IsV3XVRLsJRLGv_OR35q5zTdt-M4J-vZcJ3-Gud-amhwFlhvDUHlJz&sig=Cg0ArKJSzPkDxMFULbOSEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A7EF 0
0 43ms
43ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6waM-3g2wQt3n03QvsVPYoq_PPpmDW98Kj44e7cBRUhwqU_G0KJLuQEZGRMKHpjn6tUfhEW37XoL8mGggpHZlYAlgtVgRoAr5w5M63u_msnF0Tm52x4g724a1iFpqFtbkcz12vNR6TGE-zt9vX9QU6j6DG-XKzBCwRqxH-uCXTrlX3-SP-sx0HCz10eLOdFtd6iT2Srj2fwBzjkyC-nM6fOLkHpM17tzybc61kF0-WI8xDoDihltc0Lqh3Wwa4mmyLdnDW6DCrMXI2NTLANpHSoi6SpsjfOjyfg1ztqrHC9Cf1UYe&sai=AMfl-YTTxGAEG8RoMqmWZds8kyXxTRmaEjTp3fwLu1HSmvm9QvYmS32krkDi5OaIXGbSo88EivqwZ6I9K9wD&sig=Cg0ArKJSzDQLgxRipuNFEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 18BE 0
0 43ms
43ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOy_ofQgcI0LmrXxhSAzgC40fcqADA4avZDJmusDmleyY6rdO7o7SYDl9sra8Mdou9Y7dhmsmdSRqQP15F8Nz7bFBa6ifJv7rxoBa_D5souUXmXICHuAFFTL_8yDe6Dq6_SKrvxqS8yHoxUEx2F3wWxPWCRipSIq7FbVWSisIj3etvuvYnrFj7ZGju53kfqYxAqYfPoWgOMj9tb9k_Y0RMRB1z5zECaWGuRC_n1UisedA8kvEPdCoKr3qHSIt3zZUcguQL6NKI0reBqqucl6n7-xZT3nOmbTcrq9_v7PRrGwo6UBZ7&sai=AMfl-YQA3sr0NfTZzBAO1zTWXSjW09ieKGme4HlPvwXUNOuefd4ykONexi3iHfgOAiIBtuA4Owuf73B8Ryk8&sig=Cg0ArKJSzHtfQH7fFFvDEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET 18f312ed
login.newscorpaustralia.com/akam/11/ Frame CF4F 0
0

GET 2235f3c37a6ti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame CF4F 0
0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 83E1 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1617717014582&cv=9&fst=1617717014582&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29cffe5e2f395642ab46e6da4f0ca731490bf7cbea49fc4be63f6ccaad8844de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 976
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.gr.19.8.188.js Show response
static.adsafeprotected.com/ Frame 2313 182 KB
58 KB 142ms
80ms Script
application/javascript 52.16.188.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.188.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1664530819&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e0-96df-11eb-bfee-0a6fa201f3de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.188.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f44665977f5ecc716890ab05d7aa3830c1ee5571da659f6d61422763e7a03952

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
last-modified: Mon, 05 Apr 2021 16:41:54 GMT
server: nginx/1.16.1
etag: W/"b96b96035edd988c7c03370e3ed76dca"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 main.gr.19.8.188.js Show response
static.adsafeprotected.com/ Frame 5DF0 182 KB
58 KB 104ms
53ms Script
application/javascript 52.16.188.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.188.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|3&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=500022270&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e1-96df-11eb-bfee-0a6fa201f3de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.188.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f44665977f5ecc716890ab05d7aa3830c1ee5571da659f6d61422763e7a03952

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
last-modified: Mon, 05 Apr 2021 16:41:54 GMT
server: nginx/1.16.1
etag: W/"b96b96035edd988c7c03370e3ed76dca"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 main.gr.19.8.188.js Show response
static.adsafeprotected.com/ Frame 64BE 182 KB
58 KB 31ms
30ms Script
application/javascript 52.16.188.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.188.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=1200041157&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e5-96df-11eb-bfee-0a6fa201f3de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.188.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f44665977f5ecc716890ab05d7aa3830c1ee5571da659f6d61422763e7a03952

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
last-modified: Mon, 05 Apr 2021 16:41:54 GMT
server: nginx/1.16.1
etag: W/"b96b96035edd988c7c03370e3ed76dca"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame D097 2 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1617717014596&cv=9&fst=1617717014596&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f0b5ef00f614eff2b95a282db04df3843d5b421ddbf5acfab68ebf6a0ec9f1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1019
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame 84AE 2 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1617717014600&cv=9&fst=1617717014600&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22957eb25ed393b0170229c1233dba07efa6e7c7fa3fcac7b12eb4b2272734b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1020
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.gr.19.8.188.js Show response
static.adsafeprotected.com/ Frame 6437 182 KB
58 KB 46ms
45ms Script
application/javascript 52.16.188.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.188.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=394379399&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e4-96df-11eb-bfee-0a6fa201f3de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.188.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f44665977f5ecc716890ab05d7aa3830c1ee5571da659f6d61422763e7a03952

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
last-modified: Mon, 05 Apr 2021 16:41:54 GMT
server: nginx/1.16.1
etag: W/"b96b96035edd988c7c03370e3ed76dca"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 176 KB
51 KB 19ms
18ms Script
application/javascript 2600:9000:2182:f400:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:f400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 984af48e7efc952d96c92943d3dc213bfc599182fac15dfb9409eaa655b38f34

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 06 Apr 2021 13:05:20 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 14:07:26 GMT
server: AmazonS3
age: 2695
etag: W/"5040f47ea411a7f5e3c03138f192bc36"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: doo8zakPyk_h6a65dWBtLeBk97YNaGf5
via: 1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: 3FYBil7fAOdWkt5KYrHUtLFDJJydO2NQh7YJsfGv2uI0cs818v-_GA==

GET
H2 200 main.gr.19.8.188.js Show response
static.adsafeprotected.com/ Frame D7D8 182 KB
58 KB 55ms
54ms Script
application/javascript 52.16.188.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.188.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=770797985&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e2-96df-11eb-bfee-0a6fa201f3de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.188.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f44665977f5ecc716890ab05d7aa3830c1ee5571da659f6d61422763e7a03952

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
last-modified: Mon, 05 Apr 2021 16:41:54 GMT
server: nginx/1.16.1
etag: W/"b96b96035edd988c7c03370e3ed76dca"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 main.gr.19.8.188.js Show response
static.adsafeprotected.com/ Frame F9C4 182 KB
58 KB 36ms
34ms Script
application/javascript 52.16.188.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.188.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092042&pubOrder=305536031&cb=1180391997&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e3-96df-11eb-bfee-0a6fa201f3de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.188.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f44665977f5ecc716890ab05d7aa3830c1ee5571da659f6d61422763e7a03952

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
last-modified: Mon, 05 Apr 2021 16:41:54 GMT
server: nginx/1.16.1
etag: W/"b96b96035edd988c7c03370e3ed76dca"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/859754747/ Frame 83E1 42 B
112 B 20ms
19ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/859754747/?random=1617717014582&cv=9&fst=1617714000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=2002293591&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/859754747/ Frame 83E1 42 B
154 B 23ms
22ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/859754747/?random=1617717014582&cv=9&fst=1617714000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=2002293591&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 10D3 0
214 B 335ms
22ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=34988654886707717811519152965927344553&gdpr=0&gdpr_consent=
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEPNYaTOvhmtY6fdUs0kUHjM&google_cver=1
dpm.demdex.net/ Frame 10D3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzQ5ODg2NTQ4ODY3MDc3MTc4MTE1MTkxNTI5NjU5MjczNDQ1NTM=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPNYaTOvhmtY6fdUs0kUHjM&google_cver=1?gdpr=0&gdpr_consent=

42 B
915 B

33ms
33ms

Image
image/gif

54.154.123.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPNYaTOvhmtY6fdUs0kUHjM&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-123-210.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-0cdd441e7.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 4/d+j5F4TUI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPNYaTOvhmtY6fdUs0kUHjM&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 11AB 82 KB
22 KB 30ms
30ms Script
application/javascript 52.16.188.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.188.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 1650264
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 31ms
31ms Image
image/gif 52.211.22.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|3&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=500022270&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e1-96df-11eb-bfee-0a6fa201f3de&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:c8001bad-9943-ae3f-3b57-de9f5cd1453a,c:9163ng,sl:outOfView,em:true,fr:true,mn:app11ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.10108.1.1,am:i,cc:800.10108.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:stOfJmL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h*.10507%7C1h1%7C1i1%7C1j1%7C1k1%7C1l1%7C1m,idMap:1h*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:176,oid:0372f142-96df-11eb-af4a-024bf4a6d028,v:19.8.188,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.22.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
x-server-name: app18.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/820018408/ Frame 84AE 42 B
66 B 21ms
21ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/820018408/?random=1617717014600&cv=9&fst=1617714000000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=3552738562&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/820018408/ Frame 84AE 42 B
66 B 42ms
27ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/820018408/?random=1617717014600&cv=9&fst=1617714000000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=3552738562&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/707564276/ Frame D097 42 B
66 B 21ms
20ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/707564276/?random=1617717014596&cv=9&fst=1617714000000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=390332303&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/707564276/ Frame D097 42 B
530 B 36ms
27ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/707564276/?random=1617717014596&cv=9&fst=1617714000000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3o0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=390332303&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 0BAE 82 KB
22 KB 30ms
30ms Script
application/javascript 52.16.188.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.188.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 1652575
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 31ms
31ms Image
image/gif 52.211.22.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1664530819&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e0-96df-11eb-bfee-0a6fa201f3de&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:1cbfbff1-2a3e-95fe-e6ac-7e2d5b77d697,c:9163os,sl:outOfView,em:true,fr:true,mn:app01ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:stOfJmJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g*.10507%7C1g1%7C1h1%7C1h2%7C1i1%7C1j1%7C1k1%7C1l1%7C1m,idMap:1g*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:251,oid:0372f1e8-96df-11eb-957d-06d8cca89c2a,v:19.8.188,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.22.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
x-server-name: app16.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 0AA4 12 KB
4 KB 13ms
12ms Document
text/html 2600:9000:2182:f400:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:f400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
last-modified: Mon, 15 Mar 2021 14:07:25 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: CQNsfisV0FRFvEwJtnSHt.sxZ.rmJ_Zz
server: AmazonS3
content-encoding: gzip
date: Tue, 06 Apr 2021 13:14:22 GMT
cache-control: max-age=86400
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: ub5VA8gPFEJcG7ouyOTztIGYn9F2VW_TEu95PJVLQHGTigoE_DEdEg==
age: 2153

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 299ms
98ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=c8001bad-9943-ae3f-3b57-de9f5cd1453a&tv=%7Bc:9163oP,pingTime:-2,time:272,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:182,beZ:182,mfA:336,cmA:337,inA:337,inZ:341,prA:341,prZ:350,si:357,poA:358,poZ:401,cmZ:401,mfZ:401,loA:421,loZ:423,ltA:453,ltZ:453%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:175%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:272,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:175,wc:0.0.1600.1200,ac:800.10108.1.1,am:i,cc:800.10108.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B115~0%5D,as:%5B115~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:stOfJmJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g.10507%7C1g1%7C1h*.10507%7C1h1%7C1i1%7C1j1%7C1k1%7C1l1%7C1m,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_1,google_ads_iframe_/5129/ndm.hwt/home_1__container__,ad-block-728x90-3%5D,sinceFw:96,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
x-server-name: dt48.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=fdf9d5b3-84d1-477f-971a-f682250cfdd8
dpm.demdex.net/ Frame 10D3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=fdf9d5b3-84d1-477f-971a-f682250cfdd8

42 B
915 B

33ms
33ms

Image
image/gif

54.154.123.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=fdf9d5b3-84d1-477f-971a-f682250cfdd8

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-123-210.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-0f7d3543d.edge-irl1.demdex.com 5.80.7.20210304103356 1ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: I0D4e/k8QgY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=fdf9d5b3-84d1-477f-971a-f682250cfdd8
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 2A56 82 KB
22 KB 30ms
30ms Script
application/javascript 52.16.188.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.188.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 1650264
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 31ms
31ms Image
image/gif 52.211.22.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=1200041157&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e5-96df-11eb-bfee-0a6fa201f3de&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:da6a664e-c464-3fd5-67b2-23d19ec7b3c7,c:9163p7,sl:outOfView,em:true,fr:true,mn:app22ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.3007.1.1,am:i,cc:800.3007.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:stOfJmN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i1%7C1j1%7C1k1%7C1l*.10507%7C1l1%7C1m%7C1n,idMap:1l*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:288,oid:0376e98a-96df-11eb-96a6-06da572054ee,v:19.8.188,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.22.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
x-server-name: app01.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame CD1B 82 KB
22 KB 30ms
30ms Script
application/javascript 52.16.188.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.188.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 1651165
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 34ms
33ms Image
image/gif 52.211.22.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=394379399&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e4-96df-11eb-bfee-0a6fa201f3de&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:61133389-a5a3-e06f-5a65-d8535dafe8f1,c:9163pl,sl:outOfView,em:true,fr:true,mn:app02ie,pt:1-5-15,wc:0.0.1600.1200,ac:795.10149.10.10,am:i,cc:795.10149.10.10,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:stOfJmV+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i1%7C1j1%7C1k*.10507%7C1k1%7C1l1%7C1l2%7C1m%7C1n,idMap:1k*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:294,oid:037b2f0b-96df-11eb-a3bd-02c790015d1e,v:19.8.188,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.22.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 149D 82 KB
22 KB 30ms
30ms Script
application/javascript 52.16.188.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.188.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 1652575
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 32ms
32ms Image
image/gif 52.211.22.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=770797985&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e2-96df-11eb-bfee-0a6fa201f3de&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:95dd70b1-32e7-a501-d5c3-9d5edd7ad41b,c:9163pv,sl:outOfView,em:true,fr:true,mn:app20ie,pt:1-5-15,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:stOfJmY+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i*.10507%7C1i1%7C1j1%7C1k1%7C1k2%7C1l1%7C1l2%7C1m%7C1n,idMap:1i*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:302,oid:037e3c4c-96df-11eb-8fe8-02467abe7cd0,v:19.8.188,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.22.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
x-server-name: app28.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame D0A6 82 KB
22 KB 30ms
29ms Script
application/javascript 52.16.188.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.188.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:14 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 1650696
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 35ms
34ms Image
image/gif 52.211.22.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092042&pubOrder=305536031&cb=1180391997&custom=homepage&custom3=168400391&adsafe_par&impId=033f85e3-96df-11eb-bfee-0a6fa201f3de&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:170a7147-dfdf-fbe9-761d-ec1060d2db42,c:9163pG,sl:outOfView,em:true,fr:true,mn:app23ie,pt:1-5-15,wc:0.0.1600.1200,ac:1274.9068.1.1,am:i,cc:1274.9068.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:stOfJn2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k1%7C1k2%7C1l1%7C1l2%7C1m%7C1n,idMap:1j*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:309,oid:03801145-96df-11eb-b00d-0ad2739237b2,v:19.8.188,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.22.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:14 GMT
x-server-name: app34.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 242ms
99ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=1cbfbff1-2a3e-95fe-e6ac-7e2d5b77d697&tv=%7Bc:9163pM,pingTime:-2,time:333,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:196,beZ:197,mfA:440,cmA:440,inA:440,inZ:441,prA:441,prZ:444,si:447,poA:447,poZ:450,cmZ:450,mfZ:450,loA:472,loZ:473,ltA:528,ltZ:528%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:251%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:333,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:251,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B88~0%5D,as:%5B88~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:stOfJmJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g*.10507%7C1g1%7C1h1%7C1h2%7C1i1%7C1j1%7C1k1%7C1l1%7C1m,idMap:1g*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_0,google_ads_iframe_/5129/ndm.hwt/home_0__container__,ad-block-728x90-1%5D,sinceFw:81,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
x-server-name: dt49.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 100ms
98ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=da6a664e-c464-3fd5-67b2-23d19ec7b3c7&tv=%7Bc:9163ql,pingTime:-2,time:364,type:a,im:%7BpBlk:292,sf:0,pom:1,prf:%7BbeA:117,beZ:118,mfA:399,cmA:399,inA:399,inZ:400,prA:400,prZ:403,si:405,poA:405,bl:409,poZ:409,cmZ:409,mfZ:409,loA:453,loZ:454,ltA:481,ltZ:481%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:288%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:364,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:288,wc:0.0.1600.1200,ac:800.3007.1.1,am:i,cc:800.3007.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B81~0%5D,as:%5B81~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:stOfJmN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1%7C1l*.10507%7C1l1%7C1m%7C1n,idMap:1l*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_5,google_ads_iframe_/5129/ndm.hwt/home_5__container__,ad-block-728x90-2,newscorpau_ads-168%5D,sinceFw:76,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
x-server-name: dt32.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 102ms
99ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=61133389-a5a3-e06f-5a65-d8535dafe8f1&tv=%7Bc:9163qn,pingTime:-2,time:358,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:100,beZ:101,mfA:388,cmA:389,inA:389,inZ:390,prA:390,prZ:392,si:394,poA:394,poZ:398,cmZ:398,mfZ:398,loA:438,loZ:439,ltA:458,ltZ:458%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:10,h:10,t:294%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:358,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:294,wc:0.0.1600.1200,ac:795.10149.10.10,am:i,cc:795.10149.10.10,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B69~0%5D,as:%5B69~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:stOfJmN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1l2%7C1m%7C1n,idMap:1k*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_4,google_ads_iframe_/5129/ndm.hwt/home_4__container__,ad-block-1000x50-1%5D,sinceFw:64,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
x-server-name: dt57.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 103ms
101ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=95dd70b1-32e7-a501-d5c3-9d5edd7ad41b&tv=%7Bc:9163qo,pingTime:-2,time:356,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:86,beZ:87,mfA:381,cmA:381,inA:381,inZ:382,prA:382,prZ:385,si:387,poA:387,poZ:390,cmZ:390,mfZ:390,loA:424,loZ:424,ltA:442,ltZ:442%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:301%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:356,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:301,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B60~0%5D,as:%5B60~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:stOfJmN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i*.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1%7C1k2%7C1l.10507%7C1l1%7C1l2%7C1m%7C1n,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_2,google_ads_iframe_/5129/ndm.hwt/home_2__container__,ad-block-300x250-1,newscorpau_multi_collection-3%5D,sinceFw:54,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
x-server-name: dt31.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 103ms
100ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=170a7147-dfdf-fbe9-761d-ec1060d2db42&tv=%7Bc:9163qq,pingTime:-2,time:354,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:72,beZ:72,mfA:373,cmA:374,inA:374,inZ:375,prA:375,prZ:378,si:380,poA:380,poZ:384,cmZ:384,mfZ:384,loA:411,loZ:411,ltA:426,ltZ:426%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:308%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:355,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:308,wc:0.0.1600.1200,ac:1274.9068.1.1,am:i,cc:1274.9068.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:stOfJmN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k.10507%7C1k1%7C1k2%7C1l.10507%7C1l1%7C1l2%7C1m%7C1n,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_3,google_ads_iframe_/5129/ndm.hwt/home_3__container__,ad-block-300x250-2,newscorpau_ads-19,group_3_col-22%5D,sinceFw:45,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
x-server-name: dt67.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 404
Not Found usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame 10D3 0
0 72ms
26ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 0AA4 44 B
530 B 98ms
33ms Image
image/gif 54.246.217.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=vrqoifp0xs5ycwwpmoydlll67x8jt1617717014&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.587&retry=0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.217.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
vrqoifp0xs5ycwwpmoydlll67x8jt1617717014.nuid.imrworldwide.com/ Frame 0AA4 35 B
349 B 33ms
6ms Image
image/gif 2600:9000:211e:de00:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vrqoifp0xs5ycwwpmoydlll67x8jt1617717014.nuid.imrworldwide.com/
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:de00:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 06:35:28 GMT
via: 1.1 8e83c42d247a31c5b365c08a0352d8f9.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 32522
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 35
x-amz-cf-id: avV49MaVokZuR8BGVdSZ_ofxWCs3EkD85a4t9Tv4uuzirapr1osDNg==

GET 18f312ed
login.newscorpaustralia.com/akam/11/ Frame 0EB5 0
0

GET 2235f3c37a6ti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame 0EB5 0
0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 102ms
100ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=c8001bad-9943-ae3f-3b57-de9f5cd1453a&tv=%7Bc:9163rw,time:439,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:439,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:175,wc:0.0.1600.1200,ac:800.10108.1.1,am:i,cc:800.10108.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B282~0%5D,as:%5B282~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:stOfJmJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g.10507%7C1g1%7C1h*.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1%7C1l.10507%7C1l1%7C1m,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
x-server-name: dt66.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 101ms
99ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=1cbfbff1-2a3e-95fe-e6ac-7e2d5b77d697&tv=%7Bc:9163ry,time:443,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:443,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:251,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B198~0%5D,as:%5B198~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:stOfJmJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g*.10507%7C1g1%7C1h1%7C1h2%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1%7C1l.10507%7C1l1%7C1m,idMap:1g*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
x-server-name: dt65.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 192ms
190ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=da6a664e-c464-3fd5-67b2-23d19ec7b3c7&tv=%7Bc:9163rB,time:442,type:e,im:%7BpWait:13%7D,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:442,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:288,wc:0.0.1600.1200,ac:800.3007.1.1,am:i,cc:800.3007.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B159~0%5D,as:%5B159~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:stOfJmN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1%7C1l*.10507%7C1l1%7C1m%7C1n,idMap:1l*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
x-server-name: dt64.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 193ms
190ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=61133389-a5a3-e06f-5a65-d8535dafe8f1&tv=%7Bc:9163rC,time:435,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:435,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:294,wc:0.0.1600.1200,ac:795.10149.10.10,am:i,cc:795.10149.10.10,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B146~0%5D,as:%5B146~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:stOfJmN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1l2%7C1m%7C1n,idMap:1k*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
x-server-name: dt59.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 193ms
191ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=95dd70b1-32e7-a501-d5c3-9d5edd7ad41b&tv=%7Bc:9163rE,time:434,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:434,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:301,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B138~0%5D,as:%5B138~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:stOfJmN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i*.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1%7C1k2%7C1l.10507%7C1l1%7C1l2%7C1m%7C1n,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
x-server-name: dt58.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 192ms
191ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=170a7147-dfdf-fbe9-761d-ec1060d2db42&tv=%7Bc:9163rF,time:431,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:431,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:308,wc:0.0.1600.1200,ac:1274.9068.1.1,am:i,cc:1274.9068.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B128~0%5D,as:%5B128~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:stOfJmN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k.10507%7C1k1%7C1k2%7C1l.10507%7C1l1%7C1l2%7C1m%7C1n,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
x-server-name: dt60.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 campaigns Show response
resourcesssl.newscdn.com.au/indies/ 6 KB
2 KB 30ms
29ms XHR
application/json 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by: Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: Google Frontend / Express
Resource Hash: 6d81f2cbf98a99bf968f4a56d7764f0b75051d1cf9aabb4515481ef2fbebf6d6

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Apr 2021 13:50:15 GMT
content-encoding: gzip
etag: W/"1856-Jl0zJpoiMoclazUXDZR7IKybNE4"
x-powered-by: Express
x-cache-hits: 0
content-length: 1819
x-served-by: cache-cdg20766-CDG
server: Google Frontend
x-timer: S1617591767.313410,VS0,VE254
x-i: true
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 7af1278e1e55f78fd20493e486613de2
cache-control: private, max-age=479496
function-execution-id: m8uh5h3qyk7b
accept-ranges: bytes
x-orig-accept-language: en-US,en;q=0.9
x-country-code: DE
expires: Mon, 12 Apr 2021 03:01:51 GMT

OPTIONS
H2 204 campaigns
resourcesssl.newscdn.com.au/indies/ Frame 0
0 516ms
516ms Preflight
text/html 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol: H2
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.heraldsun.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-type: text/html
function-execution-id: x6hylr6gret7
server: Google Frontend
x-cloud-trace-context: 02c191216563db88ea35c8af2db02774
x-country-code: DE
x-orig-accept-language: en-US
x-powered-by: Express
accept-ranges: bytes
x-served-by: cache-cdg20776-CDG
x-cache-hits: 0
x-timer: S1617717015.085827,VS0,VE476
cache-control: private, max-age=604746
expires: Tue, 13 Apr 2021 13:49:21 GMT
date: Tue, 06 Apr 2021 13:50:15 GMT
x-i: true

GET
H/1.1

200
OK

ibs:dpid=23728&dpuuid=YGxnF8qyHcELqIFYOQOIZwAA%261122
dpm.demdex.net/ Frame 10D3
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YGxnF8qyHcELqIFYOQOIZwAA%261122

42 B
915 B

32ms
32ms

Image
image/gif

54.154.123.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YGxnF8qyHcELqIFYOQOIZwAA%261122

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-123-210.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-09c796a99.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: GCCPW1xCRL8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 13:50:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YGxnF8qyHcELqIFYOQOIZwAA%261122
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 264
Expires: Tue, 06 Apr 2021 13:50:15 GMT

GET
H/1.1

200
OK

ibs:dpid=30432&dpuuid=CI-232ad95515dca6284384e12bf41c0692
dpm.demdex.net/ Frame 10D3
Redirect Chain

https://dt.scanscout.com/ssframework/uid?UIAA=34988654886707717811519152965927344553&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-232ad95515dca6284384e12bf41c0692

42 B
915 B

32ms
32ms

Image
image/gif

54.154.123.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-232ad95515dca6284384e12bf41c0692

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-123-210.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-0cee1bea5.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: wWdqCjbvSf8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-232ad95515dca6284384e12bf41c0692
Date: Tue, 06 Apr 2021 13:50:15 GMT
useSecure: true
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 4D03 0
182 B 96ms
37ms Document
text/html 54.72.253.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.253.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-253-164.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=fdf9d5b3-84d1-477f-971a-f682250cfdd8; TDCPM=CAESEgoDYWFtEgsI1urZg57DvDkQBRgFIAEoAjILCMjDgrC0w7w5EAU4AQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

date: Tue, 06 Apr 2021 13:50:15 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 104ms
98ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=c8001bad-9943-ae3f-3b57-de9f5cd1453a&tv=%7Bc:9163v7,pingTime:-10,time:662,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1617717015252%7C%7C696b395cb6d78add88027692fae2a65d%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C87975c578b881f9c10269305519fe555%7C%7Cbe32cf35c37bdfd1052bf054f7e13d76%7C%7C32b459ecb44ff66a48829fa115e68623%7C%7Cacd6ed3fa978c802e06b77405a2c58e6%7C%7C159278d843a37a8bb5829cdc1fa710b8%7C%7C1614879537,ch:n%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
x-server-name: dt27.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 0666 0
181 B 29ms
29ms Document
text/html 54.72.253.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.253.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-253-164.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=fdf9d5b3-84d1-477f-971a-f682250cfdd8; TDCPM=CAESEgoDYWFtEgsI1urZg57DvDkQBRgFIAEoAjILCMjDgrC0w7w5EAU4AQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

date: Tue, 06 Apr 2021 13:50:15 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 10D3
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=34988654886707717811519152965927344553&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
933 B

32ms
32ms

Image
image/gif

54.154.123.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-123-210.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-0703020c7.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Error: 303,104
X-TID: q5sw8wYUQ2g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Tue, 06 Apr 2021 13:50:15 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 100ms
99ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=da6a664e-c464-3fd5-67b2-23d19ec7b3c7&tv=%7Bc:9163wB,pingTime:-10,time:752,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1617717015252%7C%7C696b395cb6d78add88027692fae2a65d%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C87975c578b881f9c10269305519fe555%7C%7Cbe32cf35c37bdfd1052bf054f7e13d76%7C%7C32b459ecb44ff66a48829fa115e68623%7C%7Cacd6ed3fa978c802e06b77405a2c58e6%7C%7C159278d843a37a8bb5829cdc1fa710b8%7C%7C1614879537,ch:n,sca:%7Bspg:c8001bad-9943-ae3f-3b57-de9f5cd1453a%7D%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
x-server-name: dt30.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 100ms
99ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=95dd70b1-32e7-a501-d5c3-9d5edd7ad41b&tv=%7Bc:9163x1,pingTime:-10,time:767,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1617717015252%7C%7C696b395cb6d78add88027692fae2a65d%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C87975c578b881f9c10269305519fe555%7C%7Cbe32cf35c37bdfd1052bf054f7e13d76%7C%7C32b459ecb44ff66a48829fa115e68623%7C%7Cacd6ed3fa978c802e06b77405a2c58e6%7C%7C159278d843a37a8bb5829cdc1fa710b8%7C%7C1614879537,ch:n,sca:%7Bspg:c8001bad-9943-ae3f-3b57-de9f5cd1453a%7D%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
x-server-name: dt43.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 10D3
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=34988654886707717811519152965927344553
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=34988654886707717811519152965927344553

0
337 B

341ms
28ms

Image
text/plain

52.51.159.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=34988654886707717811519152965927344553
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.159.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:16 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1617717016
x-served-by: beacon-n018-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=34988654886707717811519152965927344553
date: Tue, 06 Apr 2021 13:50:15 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a007-ash-prod.krxd.net

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 100ms
100ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=1cbfbff1-2a3e-95fe-e6ac-7e2d5b77d697&tv=%7Bc:9163y1,pingTime:-10,time:844,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1617717015252%7C%7C696b395cb6d78add88027692fae2a65d%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C87975c578b881f9c10269305519fe555%7C%7Cbe32cf35c37bdfd1052bf054f7e13d76%7C%7C32b459ecb44ff66a48829fa115e68623%7C%7Cacd6ed3fa978c802e06b77405a2c58e6%7C%7C159278d843a37a8bb5829cdc1fa710b8%7C%7C1614879537,ch:n,sca:%7Bspg:c8001bad-9943-ae3f-3b57-de9f5cd1453a%7D%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
x-server-name: dt49.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=gKn%2F%2Fx9999eSpshQ
dpm.demdex.net/ Frame 10D3
Redirect Chain

https://tags.bluekai.com/site/43981?id=34988654886707717811519152965927344553&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=gKn%2F%2Fx9999eSpshQ

42 B
915 B

33ms
33ms

Image
image/gif

54.154.123.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=gKn%2F%2Fx9999eSpshQ

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-123-210.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-00d61124b.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 8+GOAdHJQCo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=gKn%2F%2Fx9999eSpshQ
Date: Tue, 06 Apr 2021 13:50:15 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 5352
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame 28E3 31 B
652 B 1230ms
175ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 161
pragma: no-cache
last-modified: Tue, 06 Apr 2021 13:50:16 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 87a22725c0957e97abe182b3731dc84a
x-transaction: 00b6a27a00d7820a
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ Frame 28E3 43 B
449 B 1233ms
178ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 164
pragma: no-cache
last-modified: Tue, 06 Apr 2021 13:50:16 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 5359c8648ebee2e9844a90378deb7069
x-transaction: 0071c22d0095be26
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 10D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUd4bkZnQUFBRHROMHhIbA==

170 B
213 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUd4bkZnQUFBRHROMHhIbA==

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1617717016.630874,VS0,VE0
x-served-by: cache-fra19174-FRA
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUd4bkZnQUFBRHROMHhIbA==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/ 969 B
737 B 27ms
26ms Stylesheet
text/css 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/style.css

Requested by

Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-206.deploy.static.akamaitechnologies.com

Software

Resource Hash

5b6656e316c03a551cbdeb95f1aed0acdffeb7b3ce743144573475dd3b8133fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: "617866c501ae2baecee3c33975ca8125d4935302e86a88dedf91278f1aec543e"
last-modified: Wed, 31 Mar 2021 03:16:05 GMT
x-timer: S1617160699.958975,VS0,VE1
x-i: true
x-served-by: cache-dca17771-DCA
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=1352
date: Tue, 06 Apr 2021 13:50:15 GMT
x-cache-hits: 1
accept-ranges: bytes
content-length: 406
expires: Tue, 06 Apr 2021 14:12:47 GMT

GET
H2 200 main.js Show response
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/ 3 KB
2 KB 30ms
30ms Script
text/javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/main.js

Requested by

Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-206.deploy.static.akamaitechnologies.com

Software

Resource Hash

386895aeac76b1c5ff9b99ceaf1129828535748e9dd0ff241e8f595ca13b6afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: "799b8c406ecbbc260dc9ac71c011202326bd9a557b155ba1707af12579eded3c"
last-modified: Wed, 31 Mar 2021 03:16:05 GMT
x-timer: S1617160699.960250,VS0,VE0
x-i: true
x-served-by: cache-dca17764-DCA
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=1629
date: Tue, 06 Apr 2021 13:50:15 GMT
x-cache-hits: 2
accept-ranges: bytes
content-length: 1276
expires: Tue, 06 Apr 2021 14:17:24 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 99ms
99ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=170a7147-dfdf-fbe9-761d-ec1060d2db42&tv=%7Bc:9163Bq,pingTime:-10,time:1036,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1617717015252%7C%7C696b395cb6d78add88027692fae2a65d%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C87975c578b881f9c10269305519fe555%7C%7Cbe32cf35c37bdfd1052bf054f7e13d76%7C%7C32b459ecb44ff66a48829fa115e68623%7C%7Cacd6ed3fa978c802e06b77405a2c58e6%7C%7C159278d843a37a8bb5829cdc1fa710b8%7C%7C1614879537,ch:n,sca:%7Bspg:c8001bad-9943-ae3f-3b57-de9f5cd1453a%7D%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 10D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YGxnFgAAADtN0xHl&expires=90

0
239 B

21ms
20ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YGxnFgAAADtN0xHl&expires=90
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1617717016.696086,VS0,VE0
x-served-by: cache-fra19174-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YGxnFgAAADtN0xHl&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 10D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YGxnFgAAADtN0xHl

43 B
883 B

65ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YGxnFgAAADtN0xHl
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 13:50:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 06 Apr 2021 13:50:15 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1617717016.799586,VS0,VE0
x-served-by: cache-fra19174-FRA
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YGxnFgAAADtN0xHl
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 99ms
99ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=61133389-a5a3-e06f-5a65-d8535dafe8f1&tv=%7Bc:9163F6,pingTime:-10,time:1271,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1617717015252%7C%7C696b395cb6d78add88027692fae2a65d%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C87975c578b881f9c10269305519fe555%7C%7Cbe32cf35c37bdfd1052bf054f7e13d76%7C%7C32b459ecb44ff66a48829fa115e68623%7C%7Cacd6ed3fa978c802e06b77405a2c58e6%7C%7C159278d843a37a8bb5829cdc1fa710b8%7C%7C1614879537,ch:n,sca:%7Bspg:c8001bad-9943-ae3f-3b57-de9f5cd1453a%7D%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
x-server-name: dt33.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 10D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YGxnFgAAADtN0xHl

43 B
1 KB

14ms
13ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=YGxnFgAAADtN0xHl

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Apr 2021 13:50:15 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.42:80
AN-X-Request-Uuid: c76c568a-71e0-4687-abb5-68cc20e04fa6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:15 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1617717016.897708,VS0,VE0
x-served-by: cache-fra19174-FRA
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=YGxnFgAAADtN0xHl
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 10D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YGxnFgAAADtN0xHl
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YGxnFgAAADtN0xHl

43 B
180 B

16ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YGxnFgAAADtN0xHl
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.50 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:16 GMT
via: 1.1 google
server: OXGW/16.205.50
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YGxnFgAAADtN0xHl
date: Tue, 06 Apr 2021 13:50:16 GMT
via: 1.1 google
server: OXGW/16.205.50
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 99ms
99ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=1cbfbff1-2a3e-95fe-e6ac-7e2d5b77d697&tv=%7Bc:9163Hq,time:1427,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1427,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:251,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1182~0%5D,as:%5B1182~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:102,fm:stOfJmJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g*.10507%7C1g1%7C1h1%7C1h2%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1%7C1l.10507%7C1l1%7C1m,idMap:1g*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:16 GMT
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 99ms
99ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=95dd70b1-32e7-a501-d5c3-9d5edd7ad41b&tv=%7Bc:9163Iu,time:1478,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1478,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:301,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1183~0%5D,as:%5B1183~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:101,fm:stOfJmN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i*.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1%7C1k2%7C1l.10507%7C1l1%7C1l2%7C1m%7C1n,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:16 GMT
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 10D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YGxnFgAAADtN0xHl

1 B
809 B

83ms
20ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YGxnFgAAADtN0xHl
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 13:50:16 GMT
X-lat: lhrpug014:0:331
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:16 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1617717016.104177,VS0,VE0
x-served-by: cache-fra19174-FRA
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YGxnFgAAADtN0xHl
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 10D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YGxnFgAAADtN0xHl&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YGxnFgAAADtN0xHl&img=1&__user_check__=1&sync_id=048a0b7b-96df-11eb-95a1-1a7ccaea4906

43 B
547 B

23ms
23ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YGxnFgAAADtN0xHl&img=1&__user_check__=1&sync_id=048a0b7b-96df-11eb-95a1-1a7ccaea4906
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 13:50:16 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 5
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 06 Apr 2021 13:50:16 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YGxnFgAAADtN0xHl&img=1&__user_check__=1&sync_id=048a0b7b-96df-11eb-95a1-1a7ccaea4906
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 94
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame 10D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YGxnFgAAADtN0xHl&t=2592000&o=0

43 B
240 B

28ms
27ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YGxnFgAAADtN0xHl&t=2592000&o=0

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
x-fb-debug: olP8VjDcSmLtm96Y+u/txklgKe9aOeKOFEU1NsGbXCvdi92VxdxceYg8bGwaT49pAY+e21EChU3UTiE87V4y0w==
content-encoding: br
x-content-type-options: nosniff
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 06 Apr 2021 06:50:16 PDT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
expires: Tue, 06 Apr 2021 06:50:16 PDT

Redirect headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:16 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1617717016.307811,VS0,VE0
x-served-by: cache-fra19174-FRA
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YGxnFgAAADtN0xHl&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

ibs:dpid=147592
dpm.demdex.net/ Frame 10D3
Redirect Chain

https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=ec446ca7-0c31-4714-9f9a-ad732a51c38f-tuct765ec96

42 B
915 B

33ms
33ms

Image
image/gif

54.154.123.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=147592?dpuuid=ec446ca7-0c31-4714-9f9a-ad732a51c38f-tuct765ec96

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-123-210.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-0d27b2f4b.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: +zvSWAinSxs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

x-vcl-time-ms: 9
date: Tue, 06 Apr 2021 13:50:16 GMT
via: 1.1 varnish
server: nginx
x-timer: S1617717016.411237,VS0,VE9
x-cache: MISS
location: https://dpm.demdex.net/ibs:dpid=147592?dpuuid=ec446ca7-0c31-4714-9f9a-ad732a51c38f-tuct765ec96
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11546-HHN

GET
H/1.1

200
OK

ibs:dpid=461447&dpuuid=RX-85c2d461-e54b-40fe-b9fb-6985c2881f33-003
dpm.demdex.net/ Frame 10D3
Redirect Chain

https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync/adobe/0?zcc=1&dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D&cb=1617717016568
https://sync.targeting.unrulymedia.com/csync/RX-85c2d461-e54b-40fe-b9fb-6985c2881f33-003?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3DRX-85c2d461-e54b-40fe-b9fb-6985c2881f33-003
https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-85c2d461-e54b-40fe-b9fb-6985c2881f33-003

42 B
915 B

33ms
32ms

Image
image/gif

54.154.123.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-85c2d461-e54b-40fe-b9fb-6985c2881f33-003

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-123-210.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-03c9bda76.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: Le5ePf5NTU8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Tue, 06 Apr 2021 13:50:16 GMT
Server: Tengine
ETag: RX85c2d461e54b40feb9fb6985c2881f33003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-85c2d461-e54b-40fe-b9fb-6985c2881f33-003
Connection: keep-alive
Content-Type: text/html

GET
H/1.1 200
OK pixie
ib.adnxs.com/ Frame 54D1 42 B
353 B 13ms
13ms Image
image/gif 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1617717017326&v=0.0.15&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1617717017325&et=1617717017326&if=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 13:50:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 10.2.80.148:80
Content-Length: 42
Content-Type: image/gif

GET
H3-Q050 200 dc_pre=CJiEp8Hh6e8CFQMLBgAdpX4AaQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1565510562737.4133
adservice.google.com/ddm/fls/z/ Frame 4E11 42 B
476 B 64ms
50ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJiEp8Hh6e8CFQMLBgAdpX4AaQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1565510562737.4133

Requested by

Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJiEp8Hh6e8CFQMLBgAdpX4AaQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1565510562737.4133?

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8228261.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 dc_pre=CO-Fp8Hh6e8CFVQcBgAdn_8AkQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2840590316216.738
adservice.google.com/ddm/fls/z/ Frame 377E 42 B
65 B 64ms
51ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CO-Fp8Hh6e8CFVQcBgAdn_8AkQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2840590316216.738

Requested by

Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CO-Fp8Hh6e8CFVQcBgAdn_8AkQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2840590316216.738?

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8228261.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
336 B 34ms
33ms Image
image/gif 54.246.217.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&devmodel=&manuf=&sysname=&sysversion=&sessionId=vrqoifp0xs5ycwwpmoydlll67x8jt1617717014&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,heraldsun&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16177170148517490&c30=bldv,6.0.0.587&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1617717014319&c3=st,c&c64=starttm,1617717016&adid=1617717014319&c58=isLive,false&c59=sesid,&c61=createtm,1617717016&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&c62=sendTime,1617717016&rnd=89852
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.217.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:17 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 49ms
18ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61b588f8b718b6c57142bf36a821a0c2e372e4634b8f4ae672e57b28408470dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Apr 2021 13:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6579
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 13:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 06 Apr 2021 13:50:17 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 068C 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 06 Apr 2021 13:49:54 GMT
expires: Wed, 06 Apr 2022 13:49:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 23
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 UnhshoEcEp7BUdiAp0L0lVvGOuovhfpkH6FMm_tLZKs.js Show response
pagead2.googlesyndication.com/bg/ Frame 068C 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UnhshoEcEp7BUdiAp0L0lVvGOuovhfpkH6FMm_tLZKs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52786c86811c129ec151d880a742f4955bc63aea2f85fa641fa14c9bfb4b64ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 01:34:04 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 44173
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5661
x-xss-protection: 0
expires: Wed, 06 Apr 2022 01:34:04 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 40ms
39ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040101&jk=3783255733633764&bg=!2tml2Z3NAAY56aLOOek7ACkAdvg8Wrel-wNjZqbdR33EIw63kO69g3AFEMvp5riqGi_PIsOHXei6JwIAAABOUgAAAAxoAQcKAK57yqplYTJvLJS67xkyl9Dqvy7B-cxkxga2s7gdY-JXygO0VlZEA2BLsimKZv0471XkCIpsQkblyRWzD5Y67NbTLaYV0sXHriCRWpgxcSTKd7tgaCJyoEbqjKtItei285FJ3uTKw-s0zTxOpjMqRvy75oS4GjvJmFXdy4C8oHdI3tgKqLxUQ3bqMiT5nS7K24NOcEYsTXBH575aZaVmWYS6XK-GMxmngpoo9UzuAKqZAd1T0bRJO8V-fO19r-DXg9fQEKl5IsJPfvIcUJZ6j3QkAQhZMFxA5oeysymOxtj6EZp6bG7juLPmTgfb3pPjxQjkuvnEOUShU-gXmwtvL49IWrAYI6c7zFvCbadhfbS0qzJPpWtXOXgBR-V4oH6C9_RS3Pf-QaYUH75joxo5oeEGHVK-0L5eqIUkckWqHxOtPxi2stIWFatDd9q-8uqqS7RHJURsPTXjJiR0JofnRwFo03Lor2PQ-PSZyFmfN2WodIYntSjmOaHqhjUZyI9KsyDinv7Veh68Fp6Y4_s4W9IKVQxlgV2gBT9r5osLO0--W3BmDnkCAHopM5Rf368J2WGh1B4jzmmUVI1PmM0jKQqJBAOBCFnihUsSYIZH_VCLQHvSKeJ97zU6VJBQ90zQ1VtM5NID1aCCrtv-bUwOMp7qi9qMeQOe8BTaF1LUJ8yD1x5bE1QVliDhlxC4fqPrDIwzUb_pNsUCbUn9cM4nySKCgMYTiJN1F94zq1nR0Wuqc-G48FIA_omH8uVhyBHxkQLv9D30XLVPZYAswl_lNkbhQx_OFd_vOcbVqT8qjnuzT8Q9MVCh2W10EpR-DzSq993_JrzKycZzhnAPe5weU1K0nkYRpWQtHqcD3EnqIVM

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 99ms
99ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=1cbfbff1-2a3e-95fe-e6ac-7e2d5b77d697&tv=%7Bc:9164K0,time:5431,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5431,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:251,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5186~0%5D,as:%5B5186~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:102,fm:stOfJmJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g*.10507%7C1g1%7C1h1%7C1h2%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1%7C1l.10507%7C1l1%7C1m,idMap:1g*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:20 GMT
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 100ms
99ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=95dd70b1-32e7-a501-d5c3-9d5edd7ad41b&tv=%7Bc:9164L3,time:5481,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5481,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:301,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5185~0%5D,as:%5B5185~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:102,fm:stOfJmN+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b1%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i*.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1%7C1k2%7C1l.10507%7C1l1%7C1l2%7C1m%7C1n,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:20 GMT
x-server-name: dt51.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H2 204 perf Show response
trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
296 B 22ms
21ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/perf?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210406-4-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:20 GMT
server: nginx
x-fastly-to-nlb-rtt: 16442
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.0.195:10213

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 98ms
98ms Image
image/gif 107.23.100.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=y0ePUZ_SJFCDjIML&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=10841&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=5562&t=hmKwRDiXD2zT4Zg4DX-O24DEQefV&V=126&tz=-120&_acct=anon&sn=2&sv=s-YX1Db8vxRcahndHpQ5bZsPIx&sd=1&im=06030402&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.100.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Apr 2021 13:50:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/akam/11/18f312ed

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/staticweb/2235f3c37a6ti17991ecfa342459f501b

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/akam/11/18f312ed

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/staticweb/2235f3c37a6ti17991ecfa342459f501b

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/akam/11/18f312ed

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/staticweb/2235f3c37a6ti17991ecfa342459f501b

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/akam/11/18f312ed

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/staticweb/2235f3c37a6ti17991ecfa342459f501b

Verdicts & Comments Add Verdict or Comment

280 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 21:41:09	Name: dextp Value: 358-1-1617717014322\|470-1-1617717014539\|481-1-1617717014640\|771-1-1617717014741\|903-1-1617717014868\|19566-1-1617717014979\|23728-1-1617717015080\|30432-1-1617717015180\|30064-1-1617717015288\|66757-1-1617717015389\|134096-1-1617717015490\|144230-1-1617717015590\|144231-1-1617717015691\|144232-1-1617717015792\|144233-1-1617717015893\|144234-1-1617717015995\|144235-1-1617717016098\|144236-1-1617717016201\|144237-1-1617717016302\|147592-1-1617717016406\|461447-1-1617717016508
.demdex.net/	1970-01-19 21:41:09	Name: demdex Value: 34988654886707717811519152965927344553
.adsrvr.org/	1970-01-20 02:07:33	Name: TDCPM Value: CAESEgoDYWFtEgsI1urZg57DvDkQBRgFIAEoAjILCMjDgrC0w7w5EAU4AQ..
.heraldsun.com.au/	1969-12-31 23:59:59	Name: tp Value: 10841
.heraldsun.com.au/	1969-12-31 23:59:59	Name: n_regis Value: 123456789
.heraldsun.com.au/	1970-01-20 19:38:45	Name: nk Value: 38bb71113ec9746575ae32c31812de25
.heraldsun.com.au/	1969-12-31 23:59:59	Name: s_ppv Value: https%253A%2F%2Fwww.heraldsun.com.au%2F%2C11%2C11%2C1200
www.heraldsun.com.au/	1970-01-19 18:49:33	Name: vidoraUserId Value: 3ajek5jbc46f9cv0vteb6h34aao4b3
www.heraldsun.com.au/	1970-01-19 17:32:01	Name: AWSALB Value: LSqRxSyriN20eLxALe2ni/CDVIl4S8sOaJUcjapLJCaYOj7D+N58kzDG7NPu1PYstDfjqXk6XSG0pYHnmdeegdBwgL86pvF66fbdWMQjDbmLwn2TeNCxkEbbMGH7
.heraldsun.com.au/	1969-12-31 23:59:59	Name: s_cc Value: true
.heraldsun.com.au/	1970-01-19 17:21:58	Name: s_ppn Value: no%20value
.heraldsun.com.au/	1970-01-19 17:21:58	Name: _ncg_sp_ses.ff50 Value: *
.heraldsun.com.au/	1970-01-19 17:21:58	Name: s_gdslv_s Value: First%20Visit
.heraldsun.com.au/	1970-01-20 19:38:45	Name: s_gdslv Value: 1617717014240
.heraldsun.com.au/	1970-01-19 18:05:09	Name: s_nr Value: 1617717014240-New
.heraldsun.com.au/	1970-01-20 10:53:09	Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg Value: -637568504%7CMCIDTS%7C18724%7CMCMID%7C34967579819431104951521531501000771763%7CMCAAMLH-1618321814%7C6%7CMCAAMB-1618321814%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1617724214s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18731%7CvVersion%7C5.1.1
.adsrvr.org/	1970-01-20 02:07:33	Name: TDID Value: fdf9d5b3-84d1-477f-971a-f682250cfdd8
www.heraldsun.com.au/	1970-01-19 18:06:35	Name: ad_site_view Value: 1
www.heraldsun.com.au/	1970-01-23 08:57:57	Name: _ncg_marketingCloudVisitorId Value: 34967579819431104951521531501000771763
.imrworldwide.com/	1970-01-20 02:43:33	Name: SSCVER Value: v1
.heraldsun.com.au/	1970-01-20 10:53:09	Name: _ncg_sp_id.ff50 Value: 35fa6c7a-4349-4f67-8b28-c44f39bce81b.1617717014.1.1617717014.1617717014.04178ca5-aea3-4a68-9191-9fcd079dbcb0
www.heraldsun.com.au/	1970-01-20 02:50:45	Name: _chartbeat2 Value: .1617717013766.1617717013766.1.s-YX1Db8vxRcahndHpQ5bZsPIx.1
.doubleclick.net/	1970-01-20 02:43:33	Name: IDE Value: AHWqTUl_dPVKi68oRz2BDkHawSMCijnn1DZTDCZ1CV-uXeQh57hh_oRAU2U9MRsllww
.imrworldwide.com/	1970-01-20 02:43:33	Name: IMRID Value: 03d13dd1-96df-11eb-bed9-a1df1a19c164
.heraldsun.com.au/	1970-01-20 10:53:09	Name: s_ecid Value: MCMID%7C34967579819431104951521531501000771763
www.heraldsun.com.au/	1970-01-19 17:21:58	Name: _cb_svref Value: null
.heraldsun.com.au/	1970-01-20 02:07:33	Name: nc_eu Value: y
www.heraldsun.com.au/	1970-01-19 17:32:01	Name: AWSALBCORS Value: LSqRxSyriN20eLxALe2ni/CDVIl4S8sOaJUcjapLJCaYOj7D+N58kzDG7NPu1PYstDfjqXk6XSG0pYHnmdeegdBwgL86pvF66fbdWMQjDbmLwn2TeNCxkEbbMGH7
www.heraldsun.com.au/	1970-01-20 02:50:45	Name: _cb Value: y0ePUZ_SJFCDjIML
www.heraldsun.com.au/	1970-01-19 18:06:35	Name: ad_site_view_t Value: 2021-4-6
.heraldsun.com.au/	1969-12-31 23:59:59	Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg Value: 1
www.heraldsun.com.au/	1970-01-20 02:50:45	Name: _cb_ls Value: 1

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210406-4-RELEASE.js(Line 3) Message: Exit TRCRBox.loadScriptCallback(retry=0): no items in response - thumbnails-midrail-native
console-api	log	URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js(Line 18) Message: UTRACK loaded (from tealium)
console-api	log	URL: https://tags.news.com.au/prod/tad/tad.js(Line 6) Message: AD CORE ERROR: TypeError: Cannot read property 'disc.segments' of null
console-api	log	URL: https://tags.news.com.au/prod/tad/tad.js(Line 6) Message: AD CORE ERROR: 18 function(e,a){var d=e.localStorage;d["disc.segments"]&&(a.ad_audi_segs=d["disc.segments"].split(",")\|\|[])}
console-api	log	URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js(Line 3) Message: vidora-client 1.3.4 4a354580d3cf929b5a8a7d86ed03be7f4218d021
console-api	log	URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js(Line 1) Message: %c Vidora API finished initializing! background: #222; color: #b9da52
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js(Line 6) Message: [GPT] Invalid arguments: PubAdsService.setTargeting('adl', false).
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js(Line 6) Message: [GPT] Invalid arguments: PubAdsService.setLocation(50.12).
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.1.js(Line 32) Message: a: 0.001953125 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0d3e994a32f79f23ee2be6c7cf92181a.safeframe.googlesyndication.com
8228261.fls.doubleclick.net
acdn.adnxs.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
analytics.twitter.com
assets.vidora.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
beacon.krxd.net
bh.contextweb.com
bs.serving-sys.com
bttrack.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.speedcurve.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.everesttech.net
cm.g.doubleclick.net
content.api.news
cookie-matching.mediarithmics.com
d.turn.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
e1.emxdgt.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
heraldsun.com.au
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
image5.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
login.newscorpaustralia.com
match.adsrvr.org
match.taboola.com
metrics.heraldsun.com.au
mhr.talk.news.com.au
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
newscorpau.demdex.net
origin.go.heraldsun.com.au
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.rubiconproject.com
ps.eyeota.net
px.ads.linkedin.com
resourcesssl.newscdn.com.au
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.c.appier.net
s1.rui.au.reastatic.net
s3-ap-southeast-2.amazonaws.com
sb.scorecardresearch.com
script.crazyegg.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
secure-ds.serving-sys.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
snap.licdn.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.co
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
ts2020-indies-client.web.app
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
vrqoifp0xs5ycwwpmoydlll67x8jt1617717014.nuid.imrworldwide.com
widget.perfectmarket.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
www.linkedin.com
x.bidswitch.net
login.newscorpaustralia.com
104.111.247.190
104.117.204.209
104.244.42.195
104.244.42.197
104.75.88.206
104.79.88.36
107.21.231.45
107.23.100.244
13.226.159.76
13.226.89.119
141.226.224.32
141.226.228.48
142.250.185.194
142.250.185.98
142.250.186.134
142.250.186.166
142.250.186.66
15.237.76.117
151.101.1.195
151.101.114.217
151.101.13.181
151.101.14.49
172.104.121.22
178.250.2.151
18.158.93.70
18.195.155.181
184.24.9.204
184.30.20.111
184.30.20.190
185.33.221.90
185.64.190.80
185.86.137.110
185.94.180.126
192.132.33.46
193.0.160.128
198.148.27.140
199.127.207.180
199.232.136.157
199.232.137.44
2.18.232.130
2.18.233.180
2.18.234.21
213.19.147.150
213.19.147.151
216.52.2.19
23.111.9.35
23.37.53.17
23.45.110.176
2600:9000:206f:9000:1e:a43d:b640:93a1
2600:9000:211e:de00:1d:667e:2a40:93a1
2600:9000:2127:8400:1e:c291:240:93a1
2600:9000:2127:8800:4:77d:a0c0:93a1
2600:9000:2182:2000:18:1fcd:34e:d2a1
2600:9000:2182:f400:2:42d9:3100:93a1
2606:4700::6813:9308
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2003
2a00:1450:4001:810::2001
2a00:1450:4001:811::2008
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a02:26f0:6c00:295::25ea
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:fa87:fffd::c000:42d0
3.121.27.153
35.227.202.26
35.244.159.8
46.228.164.13
51.83.111.34
52.16.188.154
52.21.116.104
52.211.22.238
52.30.135.179
52.51.159.158
52.57.251.82
52.58.55.232
52.95.132.167
52.95.134.242
54.154.123.210
54.171.42.33
54.246.18.165
54.246.217.185
54.36.109.166
54.72.253.164
65.9.90.27
69.173.144.165
80.252.91.52
99.81.198.244
02a35fa71a9b6cc03cf88738c0e80a5817666dbe0454ec74989b3bfb65650d8a
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
058ea0936ba9f75902161e61fbdd55a93a6f1a8751354f9edd7e3ca87b6af7b2
07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d1a3c54c054a009aae3234768136c7eade13470e35960191f533fd775bdce00
0df3c4bc790aa7cb9c3cca68562b44ded7f1435b4cbce67cc44baa9bb3cf01e4
10864dee76224887c8561485c8e2df963076c1f3c21fe7cf01c9a25fd94ac6f5
1136fd8d6ff6f21847aab9abfab903a5a0e2f26a6f621f34af563def44ceb81c
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f
154fc5459c6bf0a19b3aed1d761e69a837a6a0391a31c32d8eba2cb89ac2981e
1619a1cea844a91e714edc0e21d3530cee6813ddbaf9a4d39f1ae5626f3305e7
18f6bfe9501a0dd540527913018d8894b40c5bf16143bad7e2a9dd2bea89cf6d
1b9d65d4a052f122faad1f222f9c000d5deeb9f0736d48b9a0500a88d7c42806
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1dc8fc20df07f904a8fb522851580fa578aeeb0b575a0d602c4bb0eed4edb96b
22957eb25ed393b0170229c1233dba07efa6e7c7fa3fcac7b12eb4b2272734b8
234e58e81d77759daf07d771662c4e4b7711301f3a867a8bbf78651dfc13c2f6
26d7181620be300c6568ac9d72aac042d93498380bc83d5545db0d22073e21ea
29cffe5e2f395642ab46e6da4f0ca731490bf7cbea49fc4be63f6ccaad8844de
2a2faf3cda959657a8da8280aa148ade2cff908e398ecf290cf0e45800e5b6aa
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
2ad3f8a061d16dfba7ca8b57bc3ad42f6d2380aec36fdf6592727dd499e6edf2
2c7b7b46054f9b25db61862123c46fa13d3d36273f0d4d370ca98b7c652d4069
30f2205699a31f58989bd57f1ddcd23ebdafe114698e10cbc5362169ba824318
34da3d30b3d87e34399a07435659176b310fcdce3111ddeae1b4dab1976ecf50
3672a5d778e5f041079dac076cb72d82760aa9ea821e3981198a8eccec399426
375a340d4f7ef918da866a93a72fca1a4c97f2df3ae5846952bda81fd4583ea4
376ae326aff23eac896646ae914b68623e275b4c86541623aa91cd8ea8e2e5e4
386895aeac76b1c5ff9b99ceaf1129828535748e9dd0ff241e8f595ca13b6afb
387d7ea117e992462abbb51223c83d518c31ea550c2a5714aee2a79a85a30cf9
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31
39329adf9781c76871395285f61b410dacef156ac5bd7d8a52e49743ed986269
3b7a4d21db7aa4f3a436d1810359a145761bdba6d2841e32ea4746ac828e7d93
41268fc4402bc88b16329c06e5dd352b4f29f25041d397f9f4481d6d73ac52a0
4754c1f1fb712883286295c92774dddebef215996cfdfab9fd972d265473f025
47b7a8710924ec2a6402c437f720b5e31dd3a5229a18db70badce74eaba80c4f
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b689f9336eb88422c19d850a1d0be9f7de7d074d90bbdba3ff0d9e0c9d6cec8
4c5c6239663347db94e0a0463b01a40b8512904b5e8c1f4b68c582c1ed28b7e1
4c7108c3e044640422f7b3315ab438261953270b64e941b82a38f1d474e01ded
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4d79d566257d4a072e7e70b71124179fee43502b10152b0aab33c4318193552e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ffb9b8d2e1b755955b85e80bf72933d73ce975fe6985fe5c3ebc86c36c3bc63
52786c86811c129ec151d880a742f4955bc63aea2f85fa641fa14c9bfb4b64ab
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
584ebca28b361c3381c686b75b71c2cb4cdc074bc0ba6e44980c9db33c5cdf1c
59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34
5b6656e316c03a551cbdeb95f1aed0acdffeb7b3ce743144573475dd3b8133fe
5b9aab3bb16d6352c51e70d63eb499b693ee9653fbb0ffe096089c27b7347ba0
5bd5fc784e928168a977deffa61d9424ef3eea6ca9eceeec1995e3d780c769b7
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
61b588f8b718b6c57142bf36a821a0c2e372e4634b8f4ae672e57b28408470dc
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18
647dadf9fbf08e25f352a527e6030c468bc072046190698084bd98289bb4b206
6695208fd216fa2ad18e6e1025aeada023a0f672403e5de5e7aaca1e97275165
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6870f50dcf87161a935af2414f8b29b5397459e0e49fc510c70fc9eb69d51f05
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d81f2cbf98a99bf968f4a56d7764f0b75051d1cf9aabb4515481ef2fbebf6d6
70a9aa1711bcd9a5617a792b616616255a2bf9fe1e55956f682a6f4024e28a39
72302ee94bcc0f9206b3c0cdf1f1720bf7bc037a638a44bace6e5295852b2ef2
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7
76ac1493aecf8ca2ed7e0661545482b57d72faaf8c6a3d1726c34eb717e8f15e
7840fc963e2b28fb655f31b663bd66db26194eb1142edc6439a43118fdaba4ce
7b6b669efac6bebcac342c55fc5ef9a85f81451defd72f2429ad57203a13f5a1
7b836f980105af48cc460cba4d6beded383be23233b43010337cddf9642ae7d2
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7fd1737f4343dbfc7a9b915eaf41e30b6f114d254d7043d13b4faa370a36589c
82514e1e462f6457909cf3b5dff7604e9bbc3041896b6fdf55760e15a485f0e3
83d8954d30034cc91b28572289b43478e10982fa4149cc358456a2493c2b1d66
8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f
89868194e8809928df37974211d2477ad0723d6aee71386fb438b3e939eb5bce
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c540ef7c6126c4804e6a5bd4af25a78b0a124493221a25a9e3ae1109b685b61
8c54d59b7fe2d9ab259d3dfc093728caf146b5841056fb0f39aaf9a8eb48d1eb
8e0cf75c2cfcb35edbce8e01875f1690dc3ffbfbb3eff4f3e02f69da5a5d6846
8f0b5ef00f614eff2b95a282db04df3843d5b421ddbf5acfab68ebf6a0ec9f1b
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
984715c39dc0245d7df016d5a165dea655750acd9af57fc3297a8f4c74d8163d
984af48e7efc952d96c92943d3dc213bfc599182fac15dfb9409eaa655b38f34
99da5c0f78a0aa5fde3c413e67522c36d2d97af7a2823e892afd082e38d052b1
9a32bed4e81651c9c81c8d7a215a2f5cfbdec52ea96a40e2866a6864842e6ee6
9b7dbc6dbf10a3ec5cf3a063050a5d37e70e9c7a3b405aa26abd5ba3093aa742
9da3abe7a4fb8b77d01d9c94cac4667a8be62737b1f50004cd3806533fcb5546
9e72dd6709237707a92a637090e3664e40b41881623f58376e4e86f2a50f1dc3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a13530920002b36c6554067b4e9adbef0dceb3d14928f775743bbf539f7a8d9f
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
ae487ffa26b6cf003611ae59150d9f11d30398cba701bed2b616e77ff55178c8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29ac2e462642e7f4a27a1bd40f3550658fe841227996f523cf86066e04fb2d7
b2a4352595bb834d956d7ae260ecf56b9f1b9785b46f3314ed7b82ef506b2f00
bd696767e2a3108b82b50a16f21c1f6c131ceb2dbaadb92c5bd4065296827487
bf7672bb8b9dfd8d72a52a5533ae39dee113595f1bdc2a1b27bd437421e82653
bfa67e2ce103d04234fa84f7595c316d23f46eed219683f06e264fb27dc91637
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c
c2b270cc83dab8052ff0d72ba98dacdef370d7fb2d32dd2ec0fe8c1250f69a91
c366c9a5f3473a23202eddf9ee11afb0bece150a5080c06e68fe90d654bf26b0
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
c6d8b97c2d3acdfbad9bb29de9e79d5e6c9ede3a75e4c8682ad0e8205e09732e
c7e2f31897fbfe5e4033f51250834a8b1b309ab47d19a441035efa74a3c8824d
cae36503bf24c56dcd1e6692a02de02c3b7fafbe4091ddab0117343bea16ddcf
cd3601b2f79f3cccc6333afba636cc8e645f7703257326df7df02497dc09d2df
ce0858f83676ad66028a164ec2f9f09419b4eb7189de81011e83e3b62e9aa80c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d1bcc188f481bacf1d9ab4df424b1e041f10f45c85183d38bd2c079f0566dbda
d2f590122902bfd8ad07c47e79ae0f0808bd7fca0d65a1051b7e69f10747eae7
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80
d664d5c1787e3248da314d2dd2f78e97be4915e0583c3d40b5fb08a8120a7ba1
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
dbdd998c776d637196a031bdc843712af6e4c2a4b29b9497a94157fb0cf4d42a
dcdc7c99308f705720f75fd5554fe7450e971f257210484f85210299d1a89a3b
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53e984a14ce0011d32ab5a28e9bd9e83d2d16be2dd3467517439fbf815dbe69
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e8fac3132dbd328ef02a496f32da02013056cbdf074dcb9ee4a46bd6c90bfbdb
e98317784e1c99bcfb801ef6bdc02ba6ac9244d29d2277f244931a967ca59081
e9dea41b08c540db79054b5440e3312cc8cb429c40b9f78dd2abbffd277a05f4
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f3ee7f733586379df35b59416987e636427861079c0780e08be2feff3c2af0a1
f44665977f5ecc716890ab05d7aa3830c1ee5571da659f6d61422763e7a03952
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f6f0a9781ac75d4593a6d0d9bda1ad451ed838f4f31584364cf6d459cc9c62b9
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

www.heraldsun.com.au Open in urlscan Pro 184.30.20.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

296 Requests

95 %HTTPS

23 %IPv6

66 Domains

106 Subdomains

74 IPs

8 Countries

2777 kBTransfer

7631 kBSize

32 Cookies

54 Outgoing links

Page URL History

Redirected requests

296 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.heraldsun.com.au Open in urlscan Pro
184.30.20.111 Public Scan

Screenshot
Live screenshot

Full Image

296
Requests

95 %
HTTPS

23 %
IPv6

66
Domains

106
Subdomains

74
IPs

8
Countries

2777 kB
Transfer

7631 kB
Size

32
Cookies

296 HTTP transactions
0 data transactions