urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
2.18.233.28  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://heraldsun.com.au/
Effective URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Submission: On July 30 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 80 IPs in 10 countries across 69 domains to perform 300 HTTP transactions. The main IP is 2.18.233.28, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 25th 2021. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 31 2.18.233.28 16625 (AKAMAI-AS)
1 8 2.18.233.169 16625 (AKAMAI-AS)
1 151.101.14.217 54113 (FASTLY)
1 18 151.101.13.44 54113 (FASTLY)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
1 2600:9000:20e... 16509 (AMAZON-02)
16 184.30.24.190 16625 (AKAMAI-AS)
3 52.95.128.74 16509 (AMAZON-02)
1 52.95.128.115 16509 (AMAZON-02)
2 151.101.13.181 54113 (FASTLY)
1 3 13.224.96.53 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 104.111.230.77 16625 (AKAMAI-AS)
4 104.109.77.38 16625 (AKAMAI-AS)
1 151.101.1.195 54113 (FASTLY)
2 10 141.226.228.48 200478 (TABOOLA-AS)
2 5 142.250.186.70 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
14 142.250.184.226 15169 (GOOGLE)
1 13.224.96.124 16509 (AMAZON-02)
1 2 2600:9000:219... 16509 (AMAZON-02)
6 2600:9000:21f... 16509 (AMAZON-02)
1 13.224.193.100 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.13.175 54113 (FASTLY)
2 23.55.161.4 20940 (AKAMAI-ASN1)
1 13.224.96.83 16509 (AMAZON-02)
2 54.208.44.81 14618 (AMAZON-AES)
1 16 52.212.101.97 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
11 34.250.155.46 16509 (AMAZON-02)
2 15.188.95.229 16509 (AMAZON-02)
1 1 34.248.191.66 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.57.82.36 16509 (AMAZON-02)
2 13.224.100.124 16509 (AMAZON-02)
1 151.101.12.157 54113 (FASTLY)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2.18.232.130 16625 (AKAMAI-AS)
3 142.250.186.130 15169 (GOOGLE)
1 35.227.202.26 15169 (GOOGLE)
5 10 37.252.172.36 29990 (ASN-APPNEX)
17 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2 2620:119:50e4... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.5 13414 (TWITTER)
2 34.249.67.64 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
10 2600:9000:219... 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
19 34.233.44.251 14618 (AMAZON-AES)
3 69.173.144.138 26667 (RUBICONPR...)
3 5 142.250.185.130 15169 (GOOGLE)
3 3 13.248.242.197 16509 (AMAZON-02)
2 52.213.189.245 16509 (AMAZON-02)
1 104.244.42.195 13414 (TWITTER)
1 1 2.18.233.180 16625 (AKAMAI-AS)
1 2 198.148.27.140 19189 (PULSEPOINT)
2 185.64.190.80 62713 (AS-PUBMATIC)
1 2 216.52.2.39 29791 (VOXEL-DOT...)
1 185.86.139.115 201081 (SMARTADSE...)
1 18.195.155.181 16509 (AMAZON-02)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 1 139.162.78.222 63949 (LINODE-AP...)
1 192.132.33.46 18568 (BIDTELLECT)
3 3 54.93.69.146 16509 (AMAZON-02)
2 2 35.205.207.25 15169 (GOOGLE)
2 2 18.195.66.88 16509 (AMAZON-02)
1 2 35.244.159.8 15169 (GOOGLE)
2 2 188.42.191.196 7979 (SERVERS-COM)
1 3.223.233.80 14618 (AMAZON-AES)
1 2 76.223.111.18 16509 (AMAZON-02)
2 3 2.18.234.21 16625 (AKAMAI-AS)
1 1 199.127.207.180 26120 (RHYTHMONE)
1 1 52.57.150.20 16509 (AMAZON-02)
1 1 52.206.55.189 14618 (AMAZON-AES)
1 52.31.20.108 16509 (AMAZON-02)
1 1 23.45.99.241 16625 (AKAMAI-AS)
8 8 151.101.14.49 54113 (FASTLY)
1 2 34.98.64.218 15169 (GOOGLE)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 2a03:2880:f12... 32934 (FACEBOOK)
3 3 213.19.147.45 3356 (LEVEL3)
1 2a04:4e42:3::300 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
2 2600:9000:21f... 16509 (AMAZON-02)
300 80
31    2.18.233.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-28.deploy.static.akamaitechnologies.com
heraldsun.com.au
www.heraldsun.com.au
content.api.news
mhr.talk.news.com.au
8    2.18.233.169 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-169.deploy.static.akamaitechnologies.com
tags.news.com.au
1    151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
18    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
match.taboola.com
1    2a04:fa87:fffd::c000:42d0 (Ireland)

ASN2635 (AUTOMATTIC, US)
origin.go.heraldsun.com.au
1    2600:9000:20eb:3000:1e:c291:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
s1.rui.au.reastatic.net
16    184.30.24.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-190.deploy.static.akamaitechnologies.com
resourcesssl.newscdn.com.au
3    52.95.128.74 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
1    52.95.128.115 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-2.amazonaws.com
s3-ap-southeast-2.amazonaws.com
2    151.101.13.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
3    13.224.96.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-53.zrh50.r.cloudfront.net
sb.scorecardresearch.com
1    2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
4    104.111.230.77 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-77.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com
4    104.109.77.38 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-77-38.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
1    151.101.1.195 (United States)

ASN54113 (FASTLY, US)
ts2020-indies-client.web.app
10    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
5    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
ad.doubleclick.net
8228261.fls.doubleclick.net
1    2600:9000:2190:6200:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
14    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
1    13.224.96.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-124.zrh50.r.cloudfront.net
ats.rlcdn.com
2    2600:9000:2190:8c00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
6    2600:9000:21f3:b600:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-gl.imrworldwide.com
seccdn-gl.imrworldwide.com
1    13.224.193.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-100.fra2.r.cloudfront.net
au.tags.newscgp.com
4    2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    151.101.13.175 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
2    23.55.161.4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-161-4.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
1    13.224.96.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-83.zrh50.r.cloudfront.net
cdn.adsafeprotected.com
2    54.208.44.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-44-81.compute-1.amazonaws.com
ping.chartbeat.net
16    52.212.101.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
dpm.demdex.net
newscorpau.demdex.net
1    2600:9000:20eb:dc00:4:77d:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.vidora.com
5    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads4.g.doubleclick.net
11    34.250.155.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
2    15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
metrics.heraldsun.com.au
1    34.248.191.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-191-66.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
9    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
1    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
dc3d6e888577bf70cc6c7e8f1d267e6b.safeframe.googlesyndication.com
1    52.57.82.36 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-82-36.eu-central-1.compute.amazonaws.com
bs.serving-sys.com
2    13.224.100.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-100-124.zrh50.r.cloudfront.net
js.adsrvr.org
1    151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2a02:26f0:6c00:2b0::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
3    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
1    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
au-gmtdmp.mookie1.com
10    37.252.172.36 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
ib.adnxs.com
17    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
7    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2620:119:50e4:101::6cae:b55 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com
px4.ads.linkedin.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
2    34.249.67.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
secure-dcr.imrworldwide.com
1    2600:9000:21f3:ec00:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
o148c3nkqrfebosutzc2a4nhw6ncb1627677245.nuid.imrworldwide.com
3    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
10    2600:9000:2190:400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
19    34.233.44.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
5    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
3    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    52.213.189.245 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-189-245.eu-west-1.compute.amazonaws.com
insight.adsrvr.org
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
image5.pubmatic.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
e1.emxdgt.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    139.162.78.222 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1558-222.members.linode.com
s.c.appier.net
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
3    54.93.69.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-69-146.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.205.207.25 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
ads.avads.net
2    18.195.66.88 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
u.openx.net
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    3.223.233.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
jadserve.postrelease.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
3    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
1    199.127.207.180 (United States)

ASN26120 (RHYTHMONE, US)
dt.scanscout.com
1    52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ps.eyeota.net
1    52.206.55.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
usermatch.krxd.net
1    52.31.20.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
beacon.krxd.net
1    23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com
tags.bluekai.com
8    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
us-u.openx.net
2    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    2600:9000:21f3:ee00:1e:9240:9c0:21 (United States)

ASN16509 (AMAZON-02, US)
d2n6ofw4o746cn.cloudfront.net
Apex Domain
Subdomains		 Transfer
41 adsafeprotected.com
cdn.adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
478 KB
30 taboola.com
cdn.taboola.com
trc.taboola.com
images.taboola.com
am-trc-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
match.taboola.com
pips.taboola.com
cds.taboola.com
190 KB
28 doubleclick.net
ad.doubleclick.net
securepubads.g.doubleclick.net
googleads4.g.doubleclick.net
8228261.fls.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
168 KB
23 googlesyndication.com
pagead2.googlesyndication.com
dc3d6e888577bf70cc6c7e8f1d267e6b.safeframe.googlesyndication.com
tpc.googlesyndication.com
94 KB
18 heraldsun.com.au
heraldsun.com.au
www.heraldsun.com.au
origin.go.heraldsun.com.au
metrics.heraldsun.com.au
632 KB
16 demdex.net
dpm.demdex.net
newscorpau.demdex.net
20 KB
16 newscdn.com.au
resourcesssl.newscdn.com.au
76 KB
15 api.news
content.api.news
226 KB
11 adnxs.com
acdn.adnxs.com
secure.adnxs.com
ib.adnxs.com
12 KB
11 google.com
adservice.google.com
www.google.com
2 KB
11 imrworldwide.com
secure-gl.imrworldwide.com
cdn-gl.imrworldwide.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
o148c3nkqrfebosutzc2a4nhw6ncb1627677245.nuid.imrworldwide.com
80 KB
9 everesttech.net
cm.everesttech.net
sync-tm.everesttech.net
2 KB
9 news.com.au
tags.news.com.au
mhr.talk.news.com.au
200 KB
7 adsrvr.org
js.adsrvr.org
match.adsrvr.org
insight.adsrvr.org
12 KB
6 googletagservices.com
www.googletagservices.com
214 KB
6 google.de
adservice.google.de
www.google.de
1 KB
4 openx.net
u.openx.net
us-u.openx.net
975 B
4 linkedin.com
px.ads.linkedin.com
www.linkedin.com
px4.ads.linkedin.com
3 KB
4 crazyegg.com
script.crazyegg.com
27 KB
4 tiqcdn.com
tags.tiqcdn.com
22 KB
4 newscorpaustralia.com
login.newscorpaustralia.com
13 KB
4 amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
s3-ap-southeast-2.amazonaws.com
39 KB
3 casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
3 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 pubmatic.com
image5.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
1 KB
3 rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
692 B
3 googleadservices.com
www.googleadservices.com
45 KB
3 serving-sys.com
secure-ds.serving-sys.com
bs.serving-sys.com
20 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
2 cloudfront.net
d2n6ofw4o746cn.cloudfront.net
4 KB
2 1rx.io
sync.1rx.io
900 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 krxd.net
usermatch.krxd.net
beacon.krxd.net
529 B
2 3lift.com
eb2.3lift.com
736 B
2 betweendigital.com
ads.betweendigital.com
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 avads.net
ads.avads.net
562 B
2 lijit.com
ce.lijit.com
1018 B
2 contextweb.com
bh.contextweb.com
828 B
2 googletagmanager.com
www.googletagmanager.com
76 KB
2 chartbeat.net
ping.chartbeat.net
401 B
2 kampyle.com
nebula-cdn.kampyle.com
83 KB
2 perfectmarket.com
widget.perfectmarket.com
32 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com
475 B
1 facebook.com
www.facebook.com
517 B
1 bluekai.com
tags.bluekai.com
834 B
1 eyeota.net
ps.eyeota.net
418 B
1 scanscout.com
dt.scanscout.com
692 B
1 postrelease.com
jadserve.postrelease.com
427 B
1 bttrack.com
bttrack.com
380 B
1 appier.net
s.c.appier.net
361 B
1 criteo.com
dis.criteo.com
546 B
1 emxdgt.com
e1.emxdgt.com
59 B
1 smartadserver.com
rtb-csync.smartadserver.com
697 B
1 twitter.com
analytics.twitter.com
658 B
1 turn.com
d.turn.com
402 B
1 t.co
t.co
455 B
1 mookie1.com
au-gmtdmp.mookie1.com
608 B
1 licdn.com
snap.licdn.com
2 KB
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 vidora.com
assets.vidora.com
4 KB
1 newscgp.com
au.tags.newscgp.com
48 KB
1 rlcdn.com
ats.rlcdn.com
60 KB
1 chartbeat.com
static.chartbeat.com
23 KB
1 web.app
ts2020-indies-client.web.app
3 KB
1 fontawesome.com
use.fontawesome.com
12 KB
1 reastatic.net
s1.rui.au.reastatic.net
9 KB
1 speedcurve.com
cdn.speedcurve.com
6 KB
0 exelator.com Failed
loadus.exelator.com Failed
300 69
Domain Requested by
19 dt.adsafeprotected.com www.heraldsun.com.au
17 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
16 resourcesssl.newscdn.com.au www.heraldsun.com.au
ts2020-indies-client.web.app
resourcesssl.newscdn.com.au
15 dpm.demdex.net 1 redirects www.heraldsun.com.au
tags.news.com.au
15 content.api.news www.heraldsun.com.au
14 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
www.heraldsun.com.au
www.googletagservices.com
14 www.heraldsun.com.au 3 redirects www.heraldsun.com.au
11 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
10 static.adsafeprotected.com pixel.adsafeprotected.com
www.heraldsun.com.au
10 cdn.taboola.com www.heraldsun.com.au
cdn.taboola.com
8 sync-tm.everesttech.net 8 redirects
8 www.google.com securepubads.g.doubleclick.net
www.heraldsun.com.au
tpc.googlesyndication.com
8 tags.news.com.au 1 redirects tags.tiqcdn.com
au.tags.newscgp.com
7 sync.taboola.com 2 redirects www.heraldsun.com.au
6 www.googletagservices.com securepubads.g.doubleclick.net
6 secure.adnxs.com 3 redirects www.heraldsun.com.au
6 trc.taboola.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
5 cm.g.doubleclick.net 3 redirects www.heraldsun.com.au
5 pagead2.googlesyndication.com ad.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 cdn-gl.imrworldwide.com www.heraldsun.com.au
seccdn-gl.imrworldwide.com
secure-gl.imrworldwide.com
cdn-gl.imrworldwide.com
4 ib.adnxs.com 2 redirects www.heraldsun.com.au
4 8228261.fls.doubleclick.net 2 redirects www.heraldsun.com.au
4 script.crazyegg.com tags.tiqcdn.com
script.crazyegg.com
4 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
4 login.newscorpaustralia.com www.heraldsun.com.au
login.newscorpaustralia.com
3 x.bidswitch.net 3 redirects
3 match.adsrvr.org 3 redirects
3 www.google.de www.heraldsun.com.au
3 googleads.g.doubleclick.net www.googleadservices.com
3 www.googleadservices.com secure-ds.serving-sys.com
www.googletagmanager.com
3 adservice.google.com securepubads.g.doubleclick.net
8228261.fls.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
adservice.google.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
3 news-networkeditorial.s3-ap-southeast-2.amazonaws.com www.heraldsun.com.au
resourcesssl.newscdn.com.au
2 d2n6ofw4o746cn.cloudfront.net news-networkeditorial.s3-ap-southeast-2.amazonaws.com
2 sync.1rx.io 2 redirects
2 sync.search.spotxchange.com 1 redirects www.heraldsun.com.au
2 us-u.openx.net 1 redirects www.heraldsun.com.au
2 ssum.casalemedia.com 2 redirects
2 eb2.3lift.com 1 redirects www.heraldsun.com.au
2 ads.betweendigital.com 2 redirects
2 u.openx.net 1 redirects www.heraldsun.com.au
2 rtb.mfadsrvr.com 2 redirects
2 ads.avads.net 2 redirects
2 sync-t1.taboola.com
2 ce.lijit.com 1 redirects www.heraldsun.com.au
2 bh.contextweb.com 1 redirects www.heraldsun.com.au
2 pixel.rubiconproject.com www.heraldsun.com.au
2 insight.adsrvr.org js.adsrvr.org
2 secure-dcr.imrworldwide.com www.heraldsun.com.au
2 px.ads.linkedin.com 2 redirects
2 www.googletagmanager.com secure-ds.serving-sys.com
2 js.adsrvr.org secure-ds.serving-sys.com
2 metrics.heraldsun.com.au tags.news.com.au
www.heraldsun.com.au
2 ping.chartbeat.net www.heraldsun.com.au
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 nebula-cdn.kampyle.com tags.tiqcdn.com
nebula-cdn.kampyle.com
2 secure-gl.imrworldwide.com 1 redirects www.heraldsun.com.au
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 sync.targeting.unrulymedia.com 1 redirects
1 www.facebook.com www.heraldsun.com.au
1 image2.pubmatic.com www.heraldsun.com.au
1 dsum-sec.casalemedia.com www.heraldsun.com.au
1 tags.bluekai.com 1 redirects
1 beacon.krxd.net www.heraldsun.com.au
1 usermatch.krxd.net 1 redirects
1 ps.eyeota.net 1 redirects
1 dt.scanscout.com 1 redirects
1 jadserve.postrelease.com www.heraldsun.com.au
1 match.taboola.com www.heraldsun.com.au
1 bttrack.com www.heraldsun.com.au
1 s.c.appier.net 1 redirects
1 dis.criteo.com 1 redirects
1 e1.emxdgt.com www.heraldsun.com.au
1 rtb-csync.smartadserver.com www.heraldsun.com.au
1 simage2.pubmatic.com www.heraldsun.com.au
1 image5.pubmatic.com 1 redirects
1 analytics.twitter.com static.ads-twitter.com
1 token.rubiconproject.com www.heraldsun.com.au
1 d.turn.com 1 redirects
1 o148c3nkqrfebosutzc2a4nhw6ncb1627677245.nuid.imrworldwide.com www.heraldsun.com.au
1 t.co www.heraldsun.com.au
1 px4.ads.linkedin.com www.heraldsun.com.au
1 www.linkedin.com 1 redirects
1 au-gmtdmp.mookie1.com www.heraldsun.com.au
1 acdn.adnxs.com www.heraldsun.com.au
1 snap.licdn.com www.heraldsun.com.au
1 static.ads-twitter.com www.heraldsun.com.au
1 bs.serving-sys.com secure-ds.serving-sys.com
1 dc3d6e888577bf70cc6c7e8f1d267e6b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 assets.vidora.com www.heraldsun.com.au
1 cdn.adsafeprotected.com tags.news.com.au
1 seccdn-gl.imrworldwide.com tags.news.com.au
1 au.tags.newscgp.com tags.tiqcdn.com
1 ats.rlcdn.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 ad.doubleclick.net tags.tiqcdn.com
1 mhr.talk.news.com.au www.heraldsun.com.au
1 am-trc-events.taboola.com www.heraldsun.com.au
1 ts2020-indies-client.web.app www.heraldsun.com.au
1 images.taboola.com www.heraldsun.com.au
1 use.fontawesome.com cdn.taboola.com
1 s3-ap-southeast-2.amazonaws.com www.heraldsun.com.au
1 s1.rui.au.reastatic.net www.heraldsun.com.au
1 origin.go.heraldsun.com.au www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
1 heraldsun.com.au 1 redirects
0 loadus.exelator.com Failed
300 113
Subject Issuer Validity Valid
news.com.au
DigiCert SHA2 Secure Server CA		 2021-02-25 -
2022-02-28		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2020		 2020-12-09 -
2022-01-10		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
origin.go.heraldsun.com.au
R3		 2021-07-08 -
2021-10-06		 3 months crt.sh
s1.rui.au.reastatic.net
Amazon		 2021-07-21 -
2022-08-19		 a year crt.sh
*.s3-ap-southeast-2.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2021-04-19 -
2022-04-27		 a year crt.sh
web.app
GTS CA 1D4		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-05 -
2021-09-27		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-28 -
2022-02-01		 a year crt.sh
au.tags.newscgp.com
Amazon		 2021-01-25 -
2022-02-22		 a year crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
secure-ds.serving-sys.com
DigiCert SHA2 Secure Server CA		 2021-04-28 -
2022-05-03		 a year crt.sh
*.adsafeprotected.com
Amazon		 2021-07-21 -
2022-08-19		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.vidora.com
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2020-09-09 -
2021-10-09		 a year crt.sh
metrics.heraldsun.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-15 -
2022-07-16		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
bs.serving-sys.com
Amazon		 2021-05-10 -
2022-06-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-04-30 -
2022-05-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-07-05 -
2021-09-27		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-07-05 -
2021-09-27		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-04-15 -
2021-10-15		 6 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.nuid.imrworldwide.com
Amazon		 2021-06-11 -
2022-07-10		 a year crt.sh
www.google.de
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2020-10-03 -
2021-11-03		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh

This page contains 44 frames:

Primary Page: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Frame ID: 8DA4FF496A80C3B09AB3A6E569C5315F
Requests: 154 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=dlzjPylCunpn0cq9yZKOiS-pDY4MIybE&nonce=DjP6nHg6HuYrh-899lb6qshooExQUEvo&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Frame ID: FBC5D4A7FA9B02B25702E060C881560A
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=gRVRjIPHhn34QMIhXKX~Hb6SdmLTdFFQ&nonce=N0zwKm09FTLlhTocKOFs636D8.MurJzt&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Frame ID: 2C57FD8CD80E7B8E3C613C100D7E54B2
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=MZU2EexnOsstaHpDCYKtvvAeb8adIpbe&nonce=bgfm9iJfK.NiTlqkjJ9.TU0Sy23Rg1Jy&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Frame ID: 55927B718516F336636D5EDBCFBBBD3B
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=Vd7vONEPTSDd10~IlgBEpGn5eNk2kQ40&nonce=_6niw6LjCqDsTR3qRKolOeB1Qve_1aJN&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Frame ID: BA2BD8244C3EDA3320D83B533A81F3B2
Requests: 3 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 7573234A3188E7D7E53D25E2BB654AFA
Requests: 22 HTTP requests in this frame

Frame: https://dc3d6e888577bf70cc6c7e8f1d267e6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FF937FB06ADF01D607167B849CDA9E3D
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 8186E1C20827AC4D3143D1131BE0EA62
Requests: 3 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 757CC0AAF92BE04D33ED29A76C657869
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: CBBD1BD9BBB4D374A1D07D9F99406114
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: BCEF36EF55464A6491C896EA77DD6AF4
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: F08A001B6F281499057E039BB1D159CC
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 00090D2B23F37532994CE23B6F6C0D0C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 8F5058E985A01470A73512C9B58F0288
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CNKKhaDSi_ICFVLM1QodEgIFWQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4876487363383.741
Frame ID: 1AB8AD2D4BA5AD3592686216F0D0B321
Requests: 1 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CI-ghaDSi_ICFdkaBgAdAn8Ljw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=537423056688.513
Frame ID: 6538353166C17357B80CDDBA2FE4E994
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: 2688D564884345DB705EDA2077FB4176
Requests: 5 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: B051A967A079468858FC0A1814648E08
Requests: 4 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: 9CFD71E07B112E154A72B19AA65B2E07
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Frame ID: B337DBA29A4850FC63AB2AFD188A831E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstflR5t1PUaFqn1IYmAmVT5YevJA-xyAHt9J-541OVZkimu3XetSv_UXsjWSrgU6b4atvPL5Q2NaiUOexUNUSCEJcU8a6ew7FtyIENRRHKwx9dxCy50x27HdDl1sS-CXqTEvizgR90Y4TEsqI6Aa5RwcCZgFHlv4DfKM_XZXWrYvVx3ZCLHdrRsj_NV_Wiqly7qCFrwZdV0lXutaTrthTHmo9WXtryO7ZTS9eWr4hrQZpDzepKvMfevI7CNU62WaLnMs9CqAoxRVXRBV2fCe6Uavn-JjokQs39-uGHovG1ILFLeLmCx68SQdElS&sai=AMfl-YSLOBf25smAebbP_7m_4ihtuH-q90uIwi7MOszxDsi02SbX7mf9xNCrIHDvNmy5PBWbIv1vQvvBfygE&sig=Cg0ArKJSzBu5XMfHKhifEAE&adurl=
Frame ID: 0A66B2E1D2FA282FF01315662C909634
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF4nymjxQZEf-1_h60Ine-A5DoctNYP9vZj9Da2Ih1BsyrG4nRbLnx2JYp8xHaHATB3_iv_dW0tw3AheFHpyEXce8Ih4F2e92sdFcmP-ubA9XBH6o056rllLGi1Se9t_5vTiAzhiG68vgWXUyb6cFHb6cXUBAFBa5yo66BDiwuqIY1nS3fZzjVocMDiP73sduOm4b0WbWnmktEx6lEdVyJObCaDjGiaxCvqS2MMgnnlmLa43ODOurVTMAKI3zbpD21294Zb0Z2yBu5iyPCn2oU0rHpr4olWYyiw2ivEPYL7CsRVATnJZyNTNzO&sai=AMfl-YQe_N9fxMG3lybKxzoXWh4LA6NInNhbF6O-IIVc-TQD1Hw-K4iRCi6ROLb4G1dYaJ7mr4dG-CkLeVG3&sig=Cg0ArKJSzPGvnRo9lzFcEAE&adurl=
Frame ID: 5A0F465759D99205867208A3121C51D2
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnQzcpWOohyaZXNVXqT2YBTvq5aTy6j55ENA9Q5vfoqzt9dGEkIVFu522mLguZrZGwptvDCtLGtK2jHAwYWlWlzlcQTxJRODbcGuNWCvn9WZwrP6wuigj3t8vwzbBgliqNKsufIrUgaEZu9uAWl0EDEAsIsYtWPiymTdXLoMa6joWuOasos31sm4-qr3Rf7plO95aMrUIrY10Npo2beOQqhmeBhU5W3-ASSebG5WmOJQ7S4I5VvcoyxGvk6Q1q0qT515I1vB15rlDMuM4u_Pnqxl4v69hkg78jGR9y8f1y32uw8ebCCIAphqXv&sai=AMfl-YQDYZkdM5NoWylgEI5yR3FgMHK2xJEvM1pSUxXMhe2Nh34ubgLnMcY9zRWRlAjw7IIu8BpeBfou0weS&sig=Cg0ArKJSzKA3ScHOf4weEAE&adurl=
Frame ID: 881CA303A2E672FC1D9361AACEDDD67C
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0IHXKM3y2mrPzHT_jWY0Fru2qTM_NxuHccquXlBRIr5G7IZ8sm8HLCBUsPjy85d-hm1U4HhJv3c2AjOzEK14r-iuemgpmEZtZligMi1YoHikkAPX4ZH-0Dln152GSDgGpdEd2JUhRlzUjwELu1TJ5oxIgy1K51msp6fsEwXHWwXOEWezQ2kKIW7pbvaRVOf3vzg5DVXlCh2w276hrYPLNmum0ipI-PemNZzcdYiUiaDYsDcgD-F3nyX0byPPktpRoemVWS701cwtIJSEpTVP2carHdIiOPi3E9GshInAHNHmayEr-F6SMpGMG&sai=AMfl-YT_SuyWC5RUNbc_Kv_wHcvxDQZWBnp5RigdnJ4MPSk9W6g5Yq8tn8m1FQILKbyzOP-hZ8HTWYeryWba&sig=Cg0ArKJSzJNhs5tSyJ3zEAE&adurl=
Frame ID: F31B200DB5C8596EB4FEAF4883BB560E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqGNdx4JpCcssskjm2qI3IAMir72JmU6QRyf-IfwOLY4_gktxK52aVjXio0AQx5WRtYgE6PF-472Q8NcidOK1Ur_EkCO4hlH2-6OUCR_ibjsHxw-Dw6FAFuh5xBONZGP_8B9gqo4QQdWT9ZgZUTjGirCPhELldPShhaNoSGR4sMTLgoKkFSRdx1EofwajQMtu7xhH2nMkRVLhzVpJYihlZzM30FYJlrQ_o1YHq4FlSr47TGpbioxQV5JdY_RnHtm9MXDXO5LozoNpov-Jqahd3ROQ9CGn2TSIbo7Qo4nVUKT6KeY3FYZmtWwD6&sai=AMfl-YQ0MuZAaOAXJiFLsO4VQ8LhpyOUiqVf41VJjMW0WF_IHAAs5qesUkcMP0jE8nrVrhIeNK0ws7pOCNK9&sig=Cg0ArKJSzG2zA5sdrTu_EAE&adurl=
Frame ID: 8A10CEEBE1105E085D8547D421FB91B0
Requests: 7 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=571695458&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b0-f175-11eb-812a-0ae761671616
Frame ID: FD1E3674E5BF73A0F38A0372D57274AF
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=1063288749&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b1-f175-11eb-812a-0ae761671616
Frame ID: 94EEE84ADE39997CFAA194718CD0A0D2
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=714064199&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b3-f175-11eb-812a-0ae761671616
Frame ID: 580FEA045391808E96AAB9EF0B1E70BD
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1482594562&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b2-f175-11eb-812a-0ae761671616
Frame ID: F9D513EA337F5B6676B18AAB7345234E
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=1138389963&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b4-f175-11eb-812a-0ae761671616
Frame ID: 4D26F29496625A653B220317EEE61CE6
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CI-ghaDSi_ICFdkaBgAdAn8Ljw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=537423056688.513;~oref=https://www.heraldsun.com.au/
Frame ID: 046D04E6E2896F88AC98A9DF8AF66861
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNKKhaDSi_ICFVLM1QodEgIFWQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4876487363383.741;~oref=https://www.heraldsun.com.au/
Frame ID: 89AEC2D18589A5482FA778B25015901B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CNKKhaDSi_ICFVLM1QodEgIFWQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4876487363383.741;~oref=https://www.heraldsun.com.au/
Frame ID: AC18F4D475409144D0CB1A5D2251A3AA
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CI-ghaDSi_ICFdkaBgAdAn8Ljw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=537423056688.513;~oref=https://www.heraldsun.com.au/
Frame ID: 3C44CE447CEF7D12DEB8A9AD33013171
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.10.js
Frame ID: 7ABFE0126BB015FBED1C3B0A8FC998D2
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.10.js
Frame ID: B86AAD1FE919E92CD7AD6A99A03D73CD
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.10.js
Frame ID: CD18F73E2354D68A55E4BF1B7D6E667D
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.10.js
Frame ID: BE6F24C631AA6F32D6259C98BED14F34
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.10.js
Frame ID: BD4DD614A8623A051E7C109F5B101FD2
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: 965CBFC25E0F27FBAB36C672006BE89C
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: 6DDCD2F7AEC4313E99A2ADA648E3CB12
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Frame ID: EFA40DD07FC79F4B4F7DA0B687FA6CB4
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: E0C83B3857148B2FCDCB482DB50ADD0F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 696452992A612ECF443335995455C8B3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f HTTP 302
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&162... HTTP 302
    https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i
Overall confidence: 100%
Detected patterns
  • script /serving-sys\.com\//i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

300
Requests

97 %
HTTPS

29 %
IPv6

69
Domains

113
Subdomains

80
IPs

10
Countries

2937 kB
Transfer

8087 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f HTTP 302
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16276772411396580198 HTTP 302
    https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1627677244201&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1627677244201&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=
Request Chain 68
  • https://secure-gl.imrworldwide.com/v60.js HTTP 301
  • https://cdn-gl.imrworldwide.com/v60.js
Request Chain 80
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1627677244645 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1627677244645
Request Chain 96
  • https://cm.everesttech.net/cm/dd?d_uuid=36126207129743048330580553676847753842 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YQRiPQAAAGwyyRHl
Request Chain 120
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4876487363383.741 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CNKKhaDSi_ICFVLM1QodEgIFWQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4876487363383.741
Request Chain 121
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=537423056688.513 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CI-ghaDSi_ICFdkaBgAdAn8Ljw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=537423056688.513
Request Chain 125
  • https://secure.adnxs.com/px?id=879166&seg=9702347&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Request Chain 126
  • https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Request Chain 127
  • https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1
Request Chain 161
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1627677245320&url=https%3A%2F%2Fwww.heraldsun.com.au%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1627677245320%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1627677245320&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1627677245320&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQJmywFI1_SXNQAAAXr5H8HFBXZk_nDTMaBZKcd0zC-L5mw5RDD5aZFSh-wEZBkkfE4-_Yep
Request Chain 185
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=3760687087462388286
Request Chain 202
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=7802032901935382286
Request Chain 219
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzYxMjYyMDcxMjk3NDMwNDgzMzA1ODA1NTM2NzY4NDc3NTM4NDI= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBm4JHzU8GrsJIBVzqSjIaw&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 227
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=74e5f22a-e2e2-4538-822d-fb57c0276daf
Request Chain 231
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
Request Chain 240
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=IKy3BL2q5KlW&ev=1&orig=trc&pid=562107
Request Chain 241
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=3760687087462388286&orig=trc
Request Chain 242
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEG1TxPwiW-jq1Wqpr0fJAkw&google_cver=1
Request Chain 244
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c27381e4-b9f1-4bc4-90f6-de3e047c6682-tuct7fde7be
Request Chain 245
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=74e5f22a-e2e2-4538-822d-fb57c0276daf
Request Chain 246
  • https://ce.lijit.com/merge?pid=42&3pid=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 250
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=9f682c78-3541-4a4f-83de-fdaea596e70f
Request Chain 251
  • https://id5-sync.com/s/464/9.gif?puid=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOapMAe833g0V--KFP65kIwLUZirdxUR8L30ZibA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOapMAe833g0V--KFP65kIwLUZirdxUR8L30ZibA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=bf9367ae-3a93-4be1-a697-2bf88fc9f83d&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/441/5/3.gif?puid=e_2e4b6e7c-906d-4d62-9ec8-202dbc95fa04&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEOKiacHJppwG19yXAvKqkK8&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOKiacHJppwG19yXAvKqkK8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3760687087462388286&opid=apx&ops=&utidl=tech:goo:CAESEOKiacHJppwG19yXAvKqkK8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A19466210288&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/19/3/5.gif?puid=c150ff316d838a67b8ba47facff2229d&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/101/2/6.gif?puid=f59a50fd-8435-464f-94cc-6c6f5867de2c&gdpr=1&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
Request Chain 252
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=zHbafC7CCiyY9msHP2IEYQ
Request Chain 254
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=c6dbaca5-e5b5-4697-b10e-9672aa74b823&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=c6dbaca5-e5b5-4697-b10e-9672aa74b823&gdpr=0&av_tc=True HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=370fb0b3-2b7a-49a1-86ee-a5df11bbf205&expires=2&ssp=taboola&bsw_param=c6dbaca5-e5b5-4697-b10e-9672aa74b823 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c6dbaca5-e5b5-4697-b10e-9672aa74b823
Request Chain 255
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=73c34531-0adc-4f59-8428-b9f854a43afb HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=73c34531-0adc-4f59-8428-b9f854a43afb&tbid=9a2a1586-dab9-4889-a934-6bf3ed4d8122-tuct7fde7be&query=taboola_hm%3D73c34531-0adc-4f59-8428-b9f854a43afb&isDirect=0
Request Chain 256
  • https://u.openx.net/w/1.0/sd?id=543998486&val=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&gdpr=0&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&gdpr=0&gdpr_consent=
Request Chain 257
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=05d7189c-1a4d-52d3-bb58-de94da5cbcd4
Request Chain 259
  • https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=_l1Tw-zGRKeW_7q3Dbe9MQ&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3Dcc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc%26ui%3D_l1Tw-zGRKeW_7q3Dbe9MQ HTTP 302
  • https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&ui=_l1Tw-zGRKeW_7q3Dbe9MQ
Request Chain 260
  • https://eb2.3lift.com/xuid?mid=7772&xuid=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&dongle=tbla HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
Request Chain 262
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YQRiPpcGh7UoHm61uzNYrQAA%261166
Request Chain 265
  • https://dt.scanscout.com/ssframework/uid?UIAA=36126207129743048330580553676847753842&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-fcec641626e67d4916828039307fb359
Request Chain 266
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=36126207129743048330580553676847753842&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 268
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=36126207129743048330580553676847753842 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=36126207129743048330580553676847753842
Request Chain 270
  • https://tags.bluekai.com/site/43981?id=36126207129743048330580553676847753842&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=GNh0wQ9999ep0xHC
Request Chain 271
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVFSaVBRQUFBR3d5eVJIbA==
Request Chain 272
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YQRiPQAAAGwyyRHl&expires=90
Request Chain 277
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YQRiPQAAAGwyyRHl
Request Chain 278
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YQRiPQAAAGwyyRHl
Request Chain 279
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YQRiPQAAAGwyyRHl HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YQRiPQAAAGwyyRHl
Request Chain 280
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YQRiPQAAAGwyyRHl
Request Chain 281
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YQRiPQAAAGwyyRHl&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YQRiPQAAAGwyyRHl&img=1&__user_check__=1&sync_id=7d897b24-f175-11eb-87d7-194044dd0406
Request Chain 282
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YQRiPQAAAGwyyRHl&t=2592000&o=0
Request Chain 283
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=9a2a1586-dab9-4889-a934-6bf3ed4d8122-tuct7fde7be
Request Chain 284
  • https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync/adobe/0?zcc=1&dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D&cb=1627677247725 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-6146a9d7-3f9f-417b-b7b5-06beeccb260d-003?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3DRX-6146a9d7-3f9f-417b-b7b5-06beeccb260d-003 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-6146a9d7-3f9f-417b-b7b5-06beeccb260d-003

300 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heraldsun.com.au/
Redirect Chain
  • https://heraldsun.com.au/
  • https://www.heraldsun.com.au/
  • https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f
  • https://www.heraldsun.com.au/
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16276772411396580198
  • https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
426 KB
74 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
57ed96d31fc16f26bc5085a2f31d0e1cd44234fd3d7ac829a052caae81d9021f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.heraldsun.com.au
:scheme
https
:path
/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
n_regis=123456789
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
content-type
text/html; charset=UTF-8
set-cookie
nk=48e00d6035d4ef657ff8ba4adfcc0834; expires=Sat, 30-Jul-2022 20:34:03 GMT; domain=.heraldsun.com.au; secure; SameSite=None nk=48e00d6035d4ef657ff8ba4adfcc0834; expires=Mon, 29 Jul 2024 20:34:03 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure;
x-powered-by
WordPress VIP <https://wpvip.com>
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
vary
User-Agent Accept-Encoding
x-opw
4
x-bpath
OLD
x-arrrg4
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3d48e00d6035d4ef657ff8ba4adfcc0834-1627677242&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=48e00d6035d4ef657ff8ba4adfcc0834
blaizehappened
true
x-rq
ewr4 0 2 9980
x-xss-protection
1
x-content-type-options
nosniff
host-header
a9130478a60e5f9135f765b23f26593b
content-encoding
gzip
cache-control
max-age=6
expires
Fri, 30 Jul 2021 20:34:09 GMT
date
Fri, 30 Jul 2021 20:34:03 GMT

Redirect headers

server
AkamaiGHost
content-length
154
content-type
text/html
location
https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
set-cookie
nk=48e00d6035d4ef657ff8ba4adfcc0834; expires=Mon, 29 Jul 2024 20:34:02 GMT; path=/; domain=news.com.au; SameSite=None; Secure;
mime-version
1.0
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
vary
Accept-Encoding
etag
"05563c72b22b39afb384f19701c03047:1600838589.100191"
expires
Fri, 30 Jul 2021 20:34:02 GMT
cache-control
max-age=0, no-cache
pragma
no-cache
date
Fri, 30 Jul 2021 20:34:02 GMT
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
680 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css
pragma
no-cache
cookie
n_regis=123456789; nk=48e00d6035d4ef657ff8ba4adfcc0834
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:03 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
x-opw
4
content-length
74
x-rq
ewr4 0 2 9980
last-modified
Thu, 27 May 2021 01:26:43 GMT
server
nginx
etag
"60aef553-37"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 30 Jul 2021 20:34:04 GMT
lux.js
cdn.speedcurve.com/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
71a8fdaf97655c40070a0fd034eeff672a5526d7d768ccd314f46567a440f57d

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:03 GMT
via
1.1 vegur, 1.1 varnish
age
1937
x-cache
HIT
x-cache-hits
5
content-encoding
gzip
content-length
6233
x-served-by
cache-fra19136-FRA
last-modified
Fri, 30 Jul 2021 20:01:47 GMT
server
Apache
x-timer
S1627677244.828314,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Aug 2021 20:01:47 GMT
loader.js
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 		262 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab479a8f853819978096cf83b095708b263fb3fcc03964b39902abd9d2137341

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
WC4Iiwp.7Q9oWwl9ZcP4T0RYoXGZZrHp
content-encoding
gzip
etag
"787510d50c7ce37d1b064aa39aadb144"
age
26186
x-cache
HIT
content-length
36289
x-amz-id-2
JBJSDRlcEHDa/vg3AxJeRP2P2q5J58aANmnIP740/+0lkeZ6aWI19o/4Qb1OGhCjr2Z2RYeKOOw=
x-served-by
cache-fra19139-FRA
last-modified
Thu, 29 Jul 2021 08:47:18 GMT
server
AmazonS3
x-timer
S1627677244.846095,VS0,VE1
date
Fri, 30 Jul 2021 20:34:03 GMT
vary
Accept-Encoding
x-amz-request-id
TJ418JB1KBQBYWGP
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
26
x-cache-hits
1
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		37 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
03cce1892cbfca0c35fe3b1f64307db1269f452bc8eb983a654d68166bfb57c0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
pragma
no-cache
cookie
n_regis=123456789; nk=48e00d6035d4ef657ff8ba4adfcc0834
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:03 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
x-opw
4
content-length
14385
x-rq
ewr4 116 152 3181
last-modified
Mon, 17 May 2021 06:41:15 GMT
server
nginx
etag
W/"60a2100b-948d"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=886345
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Tue, 10 Aug 2021 02:46:28 GMT
6f63983aed3383d63b108417b85c3d14
content.api.news/v3/images/bin/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/6f63983aed3383d63b108417b85c3d14?width=1024
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a3cc81180383c279f79f23304043fc874a2853bb9c620119e0f64f1fb8b01068

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag
6f63983aed3383d63b108417b85c3d14
date
Fri, 30 Jul 2021 20:34:03 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
e0a2c15e303bd27ff3c66de7f46e9d4d-6f63983aed3383d63b108417b85c3d14-1024
x-serial
1013
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5152443
last-modified
Fri, 30 Jul 2021 11:50:07 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
64762
expires
Tue, 28 Sep 2021 11:48:06 GMT
b726fe879c6fb5dd613a09adccd7608e
content.api.news/v3/images/bin/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/b726fe879c6fb5dd613a09adccd7608e?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
9acafa201452e79c6c7c99d36c32dd14427ae54a474d517a4763e141ed2c8b9a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag
b726fe879c6fb5dd613a09adccd7608e
date
Fri, 30 Jul 2021 20:34:03 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
1dd68e21e37e9bb179d45db852b36144-b726fe879c6fb5dd613a09adccd7608e-650
x-serial
1572
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5139617
last-modified
Fri, 30 Jul 2021 08:15:25 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
32582
expires
Tue, 28 Sep 2021 08:14:20 GMT
1e687e2766e6eb66a1d2600c4aa96bb6
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/1e687e2766e6eb66a1d2600c4aa96bb6?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c1c27bae168b290fcb2b2fd66a3416715f2c10ff1b6c2c5eb815c059fe15bc37

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag
1e687e2766e6eb66a1d2600c4aa96bb6
date
Fri, 30 Jul 2021 20:34:03 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
6c805a253ac956954d103c0e2cca93ce-1e687e2766e6eb66a1d2600c4aa96bb6-150
x-serial
429
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5156538
last-modified
Fri, 30 Jul 2021 12:55:50 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
5959
expires
Tue, 28 Sep 2021 12:56:21 GMT
ab47a1967d3b37c2b5a90d49e2c1a8b3
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ab47a1967d3b37c2b5a90d49e2c1a8b3?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8bc3da8c3505b3d92ab4b5b3b972135290ad2552146eb61c79465caa262fb27f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag
ab47a1967d3b37c2b5a90d49e2c1a8b3
date
Fri, 30 Jul 2021 20:34:03 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
16e587773c66afd06244ae04d6b8e9c6-ab47a1967d3b37c2b5a90d49e2c1a8b3-150
x-serial
820
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5156971
last-modified
Fri, 30 Jul 2021 13:05:32 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
4283
expires
Tue, 28 Sep 2021 13:03:34 GMT
d20e4a3eedfb664c431a72ca92e566f8
content.api.news/v3/images/bin/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/d20e4a3eedfb664c431a72ca92e566f8?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c64a9311d22ab66c7dd274f8d1e557ad97460b86c83d62f83cf9ae963cd23cda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag
d20e4a3eedfb664c431a72ca92e566f8
date
Fri, 30 Jul 2021 20:34:03 GMT
last-modified
Fri, 30 Jul 2021 11:45:21 GMT
server
Akamai Image Manager
etag
e2b6aff95f02909f5b363b169a496d6b-d20e4a3eedfb664c431a72ca92e566f8-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5152250
access-control-allow-headers
x-newsapi-api-key
content-length
3142
expires
Tue, 28 Sep 2021 11:44:53 GMT
8601ea6e96a82507eed0ce1998d64994
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/8601ea6e96a82507eed0ce1998d64994?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
5692dfedf85b6847f85098a682a035e110c5d8ca0c8a48d789275e2d4841becc

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag
8601ea6e96a82507eed0ce1998d64994
date
Fri, 30 Jul 2021 20:34:03 GMT
last-modified
Fri, 30 Jul 2021 05:39:40 GMT
server
Akamai Image Server
etag
23002de823ac483bca854baf3d7d392e-8601ea6e96a82507eed0ce1998d64994-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, max-age=1788
x-akamai-note
original-image
access-control-allow-headers
x-newsapi-api-key
content-length
4492
expires
Fri, 30 Jul 2021 21:03:51 GMT
0f27a864897f84f295ff366e67117892
content.api.news/v3/images/bin/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/0f27a864897f84f295ff366e67117892?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d37ecc4f7725c2e06a39e8d1fdd05e353cc98cde5e8c304d5c6e6dac9c1c9bba

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag
0f27a864897f84f295ff366e67117892
date
Fri, 30 Jul 2021 20:34:03 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
8083e6942a08ed0277bc38a5fd2f3d3a-0f27a864897f84f295ff366e67117892-650
x-serial
1439
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5157344
last-modified
Fri, 30 Jul 2021 13:09:28 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
15830
expires
Tue, 28 Sep 2021 13:09:47 GMT
c981916dc25670840969242e332f4203
content.api.news/v3/images/bin/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/c981916dc25670840969242e332f4203?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6005f2326a3bcec44dc13142f605220b3ebe3d465b3df216fd8d5795dca8b92f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag
c981916dc25670840969242e332f4203
date
Fri, 30 Jul 2021 20:34:03 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
3fc56250b422b98713e59a557e111612-c981916dc25670840969242e332f4203-650
x-serial
141
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5135554
last-modified
Fri, 30 Jul 2021 07:06:47 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
47816
expires
Tue, 28 Sep 2021 07:06:37 GMT
FY21_Acq-Bob2-ROS-MASTER-MP-BOBImage-350x197-1.jpg
origin.go.heraldsun.com.au/wp-content/uploads/2021/04/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://origin.go.heraldsun.com.au/wp-content/uploads/2021/04/FY21_Acq-Bob2-ROS-MASTER-MP-BOBImage-350x197-1.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
19353d2b4d79956569a1ac629398c8f6ec8275a06279d37b926738e500e39edb

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:03 GMT
x-rq
hhn2 109 84 443
last-modified
Wed, 07 Apr 2021 05:30:28 GMT
server
nginx
etag
"653ba8a087c7e3f3"
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16040
expires
Thu, 07 Apr 2022 05:36:55 GMT
rea-logo-v4.png
s1.rui.au.reastatic.net/rui-static/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.rui.au.reastatic.net/rui-static/img/rea-logo-v4.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:3000:1e:c291:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1bcc188f481bacf1d9ab4df424b1e041f10f45c85183d38bd2c079f0566dbda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 17:05:13 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
last-modified
Fri, 11 Aug 2017 05:25:43 GMT
server
AmazonS3
age
7097331
etag
"7fb1763135890cdfa60dcb405cd51572"
x-cache
Hit from cloudfront
x-amz-version-id
itrxET0Vrz4We1UVf0nZMlYhOyBF2D8w
cache-control
max-age=20221025
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/png
content-length
8533
x-amz-cf-id
HSV8gIrdsMfVumb23cpfb-kMGrDcB-lFSgz6X2zvmlOZiqSzxhTqzQ==
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:03 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
E7FC71DCC76626B8
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=343978
accept-ranges
bytes
content-length
535
x-amz-id-2
cwPOFVoesdR8zziFLGKQvvlh/NrinqD0Royvn8X9ixprzFVnM6iJPyh3TlqFvT/UKPHaRfChR3Y=
expires
Tue, 03 Aug 2021 20:07:01 GMT
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
860 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:03 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
80805FC298EFFCF4
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=146686
accept-ranges
bytes
content-length
540
x-amz-id-2
A7Clz7HCePx1Ek5slYSVMJdtjiy61jm8cPQilsKeafI3hQRtTyE80fian+knWnPUDJ+OpyNGk5s=
expires
Sun, 01 Aug 2021 13:18:49 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:03 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
4T3M6X9Y0W9X0G6J
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=131214
accept-ranges
bytes
content-length
12440
x-amz-id-2
6kyVI5zeb4fwYg+7eiJtZMVUc6Kv6imrnOUOauvUkitAFhLfXC36AZFgt+vavdb+8HhXWcx7g18=
expires
Sun, 01 Aug 2021 09:00:57 GMT
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:03 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
EFC0AD8EBCCD7129
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=151525
accept-ranges
bytes
content-length
16112
x-amz-id-2
KUKW+av4QFyzO1K/NgsGJU+kIOu+X9RuH2COg0hb48VfE4XQSsj5P4nijBPJqVMpSpao69k4s9o=
expires
Sun, 01 Aug 2021 14:39:28 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:03 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
F71F13E443C6B2FE
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=336992
accept-ranges
bytes
content-length
15948
x-amz-id-2
Nlq1wgWYh3e+AC0TUoNBE9CTiNyyErOIlUApQuxB9Tpjk0xBPWMUGKncr3MAUeAFT97YCQMu7Vk=
expires
Tue, 03 Aug 2021 18:10:35 GMT
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:03 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
34037D7C97259F11
etag
"c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=173987
accept-ranges
bytes
content-length
11472
x-amz-id-2
8hpECIsS0O7dE/rOrT22b+WguT2pGbsJRr3icYp9VHDHuJZLFxHG23j6pozDBbA9W1Eo5ca1pXY=
expires
Sun, 01 Aug 2021 20:53:50 GMT
games.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/games.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.74 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 20:34:06 GMT
Last-Modified
Thu, 05 Nov 2020 03:40:33 GMT
Server
AmazonS3
x-amz-request-id
JT5YMGEFGNAKBVK9
ETag
"2fa79b1c302fa407df95b287a47e01bc"
Content-Type
image/svg+xml
x-amz-version-id
mY_fhaFXa9wAEjGJ51huxNeB77eQfnyv
Accept-Ranges
bytes
Content-Length
4533
x-amz-id-2
BknchgPoUUvHSuLkaOoQkRChjhX/okKVPd4E7lPnA4IMbE92rLIVLyIb7GXWpEAqLpeb4gATqsQ=
horoscopes.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/horoscopes.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.74 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 20:34:06 GMT
Last-Modified
Thu, 05 Nov 2020 03:40:33 GMT
Server
AmazonS3
x-amz-request-id
JT5YESBC4N3MQ3ZQ
ETag
"e9dc4230a2305a0cb7743e2ade763349"
Content-Type
image/svg+xml
x-amz-version-id
NaxMYGcYiBqyljIpDSJQNqEzm8yfC62_
Accept-Ranges
bytes
Content-Length
9223
x-amz-id-2
sNNXdTUcepwzbggFwXwnvtsu2Tx8VLvEe16Qdr+8PKu1jtsDguftVhK3lUiIbQ47IZ6EfXsKK5M=
NCHRS_thumb.jpg
s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/NCHRS_thumb.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.115 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
6c74ac5b824536884634fd010c7d65a75c20bd27b0e32a0b2ea5ccbda2660dd4

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 20:34:06 GMT
Last-Modified
Fri, 30 Jul 2021 16:39:20 GMT
Server
AmazonS3
x-amz-request-id
JT5YP5Y7YEMBJC4Z
ETag
"5960cbfd109548bd28cba0ec53f3f9da"
x-amz-meta-sha256
6c74ac5b824536884634fd010c7d65a75c20bd27b0e32a0b2ea5ccbda2660dd4
x-amz-version-id
YFStGXu5eAIv6xMBIaOlosPVAhUGZzur
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
22265
x-amz-id-2
eqqpm3qobYZodoL3gAcY1BuSbeEZCPk0GvYbI2gruAshWvW4OkNxyzmeWQ0NySb70FYCag+6ygw=
x-amz-meta-s3b-last-modified
20210730T163029Z
heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
pragma
no-cache
cookie
n_regis=123456789; nk=48e00d6035d4ef657ff8ba4adfcc0834
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:03 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
x-opw
4
content-length
2891
x-rq
ewr4 0 2 9980
last-modified
Wed, 26 May 2021 23:35:08 GMT
server
nginx
etag
W/"60aedb2c-1e5e"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1807528
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 20 Aug 2021 18:39:31 GMT
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2143df38d0790552d51c8e476c0617548ab569020395f881be4a38ce473d0e04
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
pragma
no-cache
cookie
n_regis=123456789; nk=48e00d6035d4ef657ff8ba4adfcc0834
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
x-opw
4
content-length
2595
x-rq
ewr4 0 2 9980
last-modified
Fri, 23 Jul 2021 03:16:11 GMT
server
nginx
etag
W/"60fa347b-18c0"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=22
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 30 Jul 2021 20:34:26 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:03 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
232BAC8F1E7A26D0
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=102538
accept-ranges
bytes
content-length
11372
x-amz-id-2
4ragS4nm2P2YO+wuj4WOaEwarsG8MPOvjg0Yww06PbhqcauOnbqvN1NBoN1h+SY8F0xcMAH9O4s=
expires
Sun, 01 Aug 2021 01:03:01 GMT
load.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding
gzip
etag
"1a868d280f9424f5d82876d6cf0c46b9"
age
0
x-cache
HIT, HIT
content-length
1123
x-amz-id-2
4dTzYpSUo5nALl+KbSEeDJKV6gZ2ljwQis/U1wLTrA1mWPcKkqyZ0Nup/siayV+SL4ix5bw0avs=
x-served-by
cache-sna10739-LGB, cache-fra19176-FRA
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1627677244.072631,VS0,VE314
date
Fri, 30 Jul 2021 20:34:04 GMT
vary
Accept-Encoding,,
x-amz-request-id
M6W9R0WVS541F2GK
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
impl.20210729-2-RELEASE.js
cdn.taboola.com/libtrc/ 		530 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
59cb71b9e76b9047bb3d25ff19b6fd4edd00341332c326e9b3c464bc24c5369f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3ZZCVb_yWNxeLgC1c2_aII0RM8QQYvue
content-encoding
br
etag
"26b9456a5c2cd0e3722c76868e1953d8"
age
14022
x-cache
HIT
content-length
120503
x-amz-id-2
cvpXV+OYxr1qkvjVFHw6LP+2pTIRwV6RQeyy8LZciYb1V5BbzuJ1O4cUiI7iXa1NzlZNTpXCVCs=
x-served-by
cache-fra19139-FRA
last-modified
Thu, 29 Jul 2021 08:34:42 GMT
server
AmazonS3-br
x-timer
S1627677244.041560,VS0,VE0
date
Fri, 30 Jul 2021 20:34:04 GMT
vary
Accept-Encoding
x-amz-request-id
E30099QD49D0AXN6
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
52
x-cache-hits
45055
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-53.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:07:09 GMT
via
1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1616
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
1BJBYEx8eG6wIR_8HR6G20NLWYCpUOFEUQaapjBQtL22mCgabgmuTQ==
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2075173
access-control-allow-methods
GET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
ZKGBQCH9P0J7KW6N
x-amz-id-2
pikGRu8qjCsHWn8FljFuNVwuRgd1UoWmnlDbPS7ytXfyPncLZ9jkvND6dOeVjnqey4B98BRkujY=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lW1FXxVVYONujmxIZQoEnDW3Cbj3kwnALlR8TLHJjwJNBH3ZHEMPb1XPOwkiAMt%2BbU9fRPAzau%2BgrnXYCfQlRtN1CR0xQVL32bO3mHCwEO3Gn96h7mJkxhDf%2BSfoHfQgBahCLskbJ1AGxx5ItDPgA6j3"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
67715d97c82f3140-FRA
json
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=22%3A34%3A04.143&lti=deflated&data=%7B%22id%22%3A37%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1627548434944%2C%22vi%22%3A1627677244112%2C%22cv%22%3A%2220210729-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A10717%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A1416.109375%2C%22mw%22%3A194%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0e96098bb2152ccf47f6d2314f50deb5313d5443b1a7a0a3f18e6b34c8455b8d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
51
date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
server
nginx
x-timer
S1627677244.149281,VS0,VE51
x-served-by
cache-fra19139-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1627677244201&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1627677244201&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%2...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1627677244201&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-53.zrh50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
via
1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
af2jI94kJhmn_3Xu9BrLQ4ccRtEYpeNqpV3IC_e0KdselPbuayDwfg==

Redirect headers

date
Fri, 30 Jul 2021 20:34:04 GMT
via
1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1627677244201&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=
content-length
277
x-amz-cf-id
H1gA8Rcc94sbaTY8gksp_x_DWkKuKC4-YAv1PTbnpldONQd8rhMTtg==
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
A4C5uzAVxH2Ztj3AaZnQWTHahT65Jp9O
content-encoding
gzip
etag
"7a6ef5412d45e94af6813e18c060355d"
age
23467
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5990
x-amz-id-2
5MobSlc+iIpZcIvvqKj/kIaKd9zK/zHejUaSlk6O46g6IuLOoQUG1y7EPVZt4Nk4Bg5d+sG47tY=
x-served-by
cache-fra19139-FRA
last-modified
Tue, 06 Jul 2021 14:02:32 GMT
server
AmazonS3
x-timer
S1627677244.212123,VS0,VE0
date
Fri, 30 Jul 2021 20:34:04 GMT
vary
Accept-Encoding
x-amz-request-id
KQE2YD0951MP799B
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
52
x-cache-hits
174670
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 		2 KB
1000 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
15528
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
A8pOn0vHP2AZTFPKUH/E/XQ0BnACpoDi2Cn8umalQjLdBaCQMU0fH3eIPGkBpOFXLrfZ+JH/G5w=
x-served-by
cache-fra19139-FRA
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1627677244.212109,VS0,VE0
date
Fri, 30 Jul 2021 20:34:04 GMT
vary
Accept-Encoding
x-amz-request-id
H26RXF80K5Y33KYT
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
52
x-cache-hits
82474
tfa-eid.20210729-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210729-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f7871d93d5c3d1704ff63df786e947d15254a0dc27af5b429b03a7090d07ff0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KIt47jUShIAEejR4_9LKbcUQxM1qfkyU
content-encoding
gzip
etag
"1420293eab19df25c2ca25d9d3552a23"
age
98
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5062
x-amz-id-2
Eb9VYvSNNZp/7tpiIvYlcUWCA159EDpemM7AJBFR6yae+ggwAy9epCPh8sYLIzu13Qj0nUmguQk=
x-served-by
cache-fra19139-FRA
last-modified
Thu, 29 Jul 2021 12:45:46 GMT
server
AmazonS3
x-timer
S1627677244.212094,VS0,VE0
date
Fri, 30 Jul 2021 20:34:04 GMT
vary
Accept-Encoding
x-amz-request-id
4ABCGB3XPJ7A1XKH
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
52
x-cache-hits
422
sha256.20210729-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210729-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8fbfb42bb82ce3052352ce7cf22ae4e2b0dbeed1c324f2c490e8e0405d09b3d7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
zxaJkOHJyCvsP09HGr0yxlkmlSldsQYt
content-encoding
gzip
etag
"d2490b745585466574523b6bd4db0629"
age
41
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2589
x-amz-id-2
zHb1egd2VQ09BdWYbJVnhPMEjJAgxL22Irs43pJ431Lp3CtqFn5X7tYyWoqZtQzccsq0orwX2Fc=
x-served-by
cache-fra19139-FRA
last-modified
Thu, 29 Jul 2021 12:45:33 GMT
server
AmazonS3
x-timer
S1627677244.212074,VS0,VE0
date
Fri, 30 Jul 2021 20:34:04 GMT
vary
Accept-Encoding
x-amz-request-id
10DGCRSMYJWXAD6Z
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
52
x-cache-hits
153
distance-from-article.20210729-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20210729-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be4e3fdf225cbce1694c7ba81350069e05f1f03fb941e4340b35de933845ddf5

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
T.oKIoHwFnUUtJwn3NiUfgDhzoC5qOlF
content-encoding
gzip
etag
"de93614fc6114ed15f815ff9c981233d"
age
15
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1006
x-amz-id-2
LAr8ull597LfqTWidQDKGy142NRJZNoNzsZKOa75CebU4oIayXKTySOal8G9vauVKDrCWJRF8L4=
x-served-by
cache-fra19139-FRA
last-modified
Thu, 29 Jul 2021 12:45:43 GMT
server
AmazonS3
x-timer
S1627677244.222483,VS0,VE0
date
Fri, 30 Jul 2021 20:34:04 GMT
vary
Accept-Encoding
x-amz-request-id
Z8XQ6AZ2S3VVKENR
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
52
x-cache-hits
20
article-detection.20210729-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20210729-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6525ef13f3eecef0a305084624e34852311af3e807f850bbced086d563d34dda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
IDp6v67rH4dL1ftoyImh5EnlBbxhO1Q8
content-encoding
gzip
etag
"576f29f78e3dbeaa0ac26e70f0db67bf"
age
118
x-cache
HIT
x-amz-replication-status
PENDING
content-length
857
x-amz-id-2
9BtId9hzo/eVkTZg0TjG61SkTm2G+iDH0fXaurpIY6E7NO8lw1jhQ6mklhw8Xwyz++jTf1/Q84M=
x-served-by
cache-fra19139-FRA
last-modified
Thu, 29 Jul 2021 12:45:53 GMT
server
AmazonS3
x-timer
S1627677244.223148,VS0,VE0
date
Fri, 30 Jul 2021 20:34:04 GMT
vary
Accept-Encoding
x-amz-request-id
ZH8TE2WN73V6DDX8
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
52
x-cache-hits
185
output-onlinepngtools.png
cdn.taboola.com/static/impl/png/ 		433 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/impl/png/output-onlinepngtools.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
AAyhRafOuktzn.f74Q8OqW.nPL5_HaO.
via
1.1 varnish
etag
"85ce6ba53f1b4531a8d6ea8389d13cf7"
age
6280
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
433
x-amz-id-2
YWTorbw+2TkTJavBXr4v2SPSZG5lPuK2RXegHHlL6Dhd73v1/wHLpbnAv3X0th0bavktQItDOcQ=
x-served-by
cache-fra19139-FRA
last-modified
Mon, 15 Feb 2021 03:14:25 GMT
server
AmazonS3
x-timer
S1627677244.223848,VS0,VE1
date
Fri, 30 Jul 2021 20:34:04 GMT
x-amz-request-id
AQT1GCDT2P7VJ23K
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
52
x-cache-hits
1
Snapchat-A1-3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.theaustralian.com.au/wp-content/uploads/2021/06/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.theaustralian.com.au/wp-content/uploads/2021/06/Snapchat-A1-3.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fa5d800c79f373f6b5cc7730b262585832761ca3024892d08d95ea92c0138fa8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 30 Jul 2021 20:34:04 GMT
via
1.1 varnish, 1.1 varnish
age
2226433
edge-cache-tag
603419846956987089020225542096956775361,540374541456355750587967802227949001163,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
28
expiration
expiry-date="Fri, 16 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.theaustralian.com.au/wp-content/uploads/2021/06/Snapchat-A1-3.jpg
content-length
9146
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Tue, 15 Jun 2021 04:50:37 GMT
server
nginx
x-timer
S1627677244.236198,VS0,VE1
etag
"a75f6bf736b8701eef0532be1834ce86"
x-served-by
cache-wdc5521-WDC, cache-dca17761-DCA, cache-fra19139-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
supply-feature
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=58961a3a2f3e1348a6ffa5149edca664&sd=v2_340afb30028d70eef414858b0d4950f8_cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc_1627677244_1627677244_CIi3jgYQgPNHGND1_sivLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0BcAA&ui=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&pi=/&wi=873729681997272865&pt=home&vi=1627677244112&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A996.109375%2C%5C%22articleClasses%5C%22%3A%5C%22site-content%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22SECTION%5C%22%2C%5C%22threshold%5C%22%3A%5C%22246%5C%22%7D%22%7D&tim=22%3A34%3A04.244&id=6434&llvl=1&cv=20210729-2-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Fri, 30 Jul 2021 20:34:04 GMT
via
1.1 varnish
server
nginx
x-timer
S1627677244.247447,VS0,VE8
x-served-by
cache-fra19139-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ 		270 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
10fb2e7bc0fb49a10347df3928829396f921e38ab2c1985f9834d9567fde2bf1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/remote/identity/rampart/latest/rampart.js
pragma
no-cache
cookie
n_regis=123456789; nk=48e00d6035d4ef657ff8ba4adfcc0834; lux_uid=162767724402058191; trc_cookie_storage=newscorpau-aud-heraldsun%253Asession-data%3Dv2_340afb30028d70eef414858b0d4950f8_cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc_1627677244_1627677244_CIi3jgYQgPNHGND1_sivLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0BcAA%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522newscorpau-aud-heraldsun%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3Dcc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server
AkamaiNetStorage
etag
"b16413408307345433239aa4c556a56a:1622434515.042104"
vary
User-Agent Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=417
date
Fri, 30 Jul 2021 20:34:04 GMT
is-https
true
x-opw
4
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 30 Jul 2021 20:41:01 GMT
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		68 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7ac3316bff6fdb179ab98a319773d5c3beaa035a1f8c03f162a6100f8c49a899
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js
pragma
no-cache
cookie
n_regis=123456789; nk=48e00d6035d4ef657ff8ba4adfcc0834; lux_uid=162767724402058191; trc_cookie_storage=newscorpau-aud-heraldsun%253Asession-data%3Dv2_340afb30028d70eef414858b0d4950f8_cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc_1627677244_1627677244_CIi3jgYQgPNHGND1_sivLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0BcAA%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522newscorpau-aud-heraldsun%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3Dcc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
x-opw
4
content-length
20585
x-rq
ewr4 0 2 9980
last-modified
Thu, 29 Jul 2021 00:44:42 GMT
server
nginx
etag
W/"6101f9fa-10ee2"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=18
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 30 Jul 2021 20:34:22 GMT
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4d85ebc2c64fe3288b92d262ae4c567084a214a194cf6306c9b65ac2318ef671
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js
pragma
no-cache
cookie
n_regis=123456789; nk=48e00d6035d4ef657ff8ba4adfcc0834; lux_uid=162767724402058191; trc_cookie_storage=newscorpau-aud-heraldsun%253Asession-data%3Dv2_340afb30028d70eef414858b0d4950f8_cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc_1627677244_1627677244_CIi3jgYQgPNHGND1_sivLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0BcAA%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522newscorpau-aud-heraldsun%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3Dcc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
x-opw
4
content-length
2101
x-rq
dca8 0 2 9980
last-modified
Thu, 01 Jul 2021 00:06:11 GMT
server
nginx
etag
W/"60dd06f3-18f3"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=52
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 30 Jul 2021 20:34:56 GMT
authorize
login.newscorpaustralia.com/ Frame FBC5 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=dlzjPylCunpn0cq9yZKOiS-pDY4MIybE&nonce=DjP6nHg6HuYrh-899lb6qshooExQUEvo&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-77.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
7cecae3130085b75e1a5eef842b60677bdcec0ed4a6c59757c7a9f6f86a1283c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=dlzjPylCunpn0cq9yZKOiS-pDY4MIybE&nonce=DjP6nHg6HuYrh-899lb6qshooExQUEvo&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html;charset=UTF-8
cf-ray
67715d9a0fb1d6b9-FRA
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
67715d9a0fb1d6b9
ot-tracer-sampled
true
ot-tracer-spanid
1518fd832734770d
ot-tracer-traceid
632939ca480bb2fb
x-auth0-requestid
730e9fdaa3c92a03e571
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1627677245
server
cloudflare
content-encoding
gzip
x-akamai-transformed
9 536 0 pmb=mTOE,3
expires
Fri, 30 Jul 2021 20:34:04 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Fri, 30 Jul 2021 20:34:04 GMT
content-length
809
vary
Accept-Encoding
set-cookie
did=s%3Av0%3A7b4a32e0-f175-11eb-be20-f77560315651.IuR10mrhFDO58ws6B33dF4JvL%2BnmNS00LwudLK%2BUKm0; Max-Age=31557600; Path=/; Expires=Sun, 31 Jul 2022 02:34:04 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A7b4a32e0-f175-11eb-be20-f77560315651.IuR10mrhFDO58ws6B33dF4JvL%2BnmNS00LwudLK%2BUKm0; Max-Age=31557600; Path=/; Expires=Sun, 31 Jul 2022 02:34:04 GMT; HttpOnly; Secure bm_mi=8508C7C78D41929E3DE3436E340A16B9~3KhZs7WDCmVKhoz0+zLmd/GZfPipAVqT8yonj6ZRFuQ6rPF6rIvml9FJ5kIYrXe3wFeAU3MlK4CoPwg074MSPZKOq+iR1aYWuGI/Zh61cdeLY+JxV2sQcKba+Ct83ThdyY/HHLbFraBvKGA+aCpAwOuejQa62OBWb/a7kYERPruDocCOq5QUUNqwMQI5euw6TCSI3jiXPcxb5kqP5KT9rg1wJ9HUqX9fqyYi6JolQ6WCI9VuC7nY0mzxopPCQa/Y; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly _abck=A4CC6AE1EEF284336CF1F9F9C767B200~-1~YAAQjLsQApxhzLB6AQAAn70f+QbE8UEnByMduuC9oJSKvIK10lt631q4fvDwPToLoS9dzvPkDePhR++NDUMVL91WQ8mreWbjTwdff5xamcZjX3kHswhSXUskwL/6tTQ7TscM/a+TXJo6mM23h5Y2fM5OkS9km+vD94FrDuS3gjaeufdELWymO3G5D/7128juVDL7yr5sMJ2KYvTesrtLY0UTspmwMcxJOiKhYOYTJ5OnvR0e34haBz40Ej6FsAPoGQmiWC9Gc6PP4QkJvE9Fm3slci0BcSAx2OFHhNlQhr4jWmxq5FEc6eObLuly6QOqFxh61difa1Si6D1lu4P+rvrHyIVjm/LQOkG2j7DI7Q08d1u5EVq/W843QeKRhzQgYQ7VEu4/Gw==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Sat, 30 Jul 2022 20:34:04 GMT; Max-Age=31536000; Secure ak_bmsc=99724400B677C082E2C4BFD5E05A0811~000000000000000000000000000000~YAAQjLsQAp1hzLB6AQAAn70f+Qzy7hlChMdWd5HSDvJbsXM6tnC43aV1htTFE2kTbMgj/vXsShUkRYkbSAtYsTKJjLfYu1hywynIIAhbfiqE2Sj9fY/izNw8eHXHfuYbJ8R1h4DjacnpUWVF3iESlhtAHcwUH/W2YHF75EDCmtUiM24CNZjqmb4fhSWrVci9IX+uoTxVS/3FiLE6GuBhy/0+CabDhMjpy3qsHJk+de24FgPKrJ/1BbmM/1ZDsYOB3ag0mqpwDsKHm1uRs+Mofkt0iZ2W/qVNCTV1lC8Xc19dtJBRPBaVpEHZh1pm6HFSsu8568t9wt3hr3LG4jAcruSYkkIAyJQJCnIn04dIQDBA29XbmGBui2aGLa36T69F3ZS4tHIKJkYIQXFXK893STk1KpNa; Domain=.newscorpaustralia.com; Path=/; Expires=Fri, 30 Jul 2021 22:34:04 GMT; Max-Age=7200; HttpOnly bm_sz=317D63BDA1997E5AB66D010AA522E213~YAAQjLsQAp5hzLB6AQAAn70f+Qxp+75FHQYfq/tD653W1Ktl7ko0mVb3EMzO4F0tcTDDyMmpPAUWvx4nqAZX1RqknDcjMhQOx5nfUgxs8aR1K6/HLxFUzaYNZB7DMNrDS4b0TONzPoG1RSk3BQAESIe8IdRhaS/onFAkCZT0JGdQBrBMJ2oPVxfwv2Ch+MmUzzcGDU0pv93N62uRsjhEsBy/LIn3sxUbM2NWZD1geJrOKfFd63LP3CJ5VkAv9IrxESQ860QjXqs2b1hLaL76vdQIp/uOEU/OfMIQcjAiwGY9lGfx7RGAb1YZ5a/pjQ==~3553073~3556665; Domain=.newscorpaustralia.com; Path=/; Expires=Sat, 31 Jul 2021 00:34:04 GMT; Max-Age=14400
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5d8d9a25d740d84796f550995000f5cb09444587a73d0bb8f3c3ec0255f766e5

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 04:37:17 GMT
server
AkamaiNetStorage
etag
"176b35245b78b589e43e23f48eb5b1b5:1627533437.743456"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1236
expires
Fri, 30 Jul 2021 20:39:04 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		72 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c664dda5c6b8228087e2463f60c0364dec9e7bba804ec004c13ccb530710257f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 04:37:18 GMT
server
AkamaiNetStorage
etag
"ce75e946fee214b457bc41cf8555c269:1627533438.644942"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
19286
expires
Fri, 30 Jul 2021 20:39:04 GMT
indies-loader.js
ts2020-indies-client.web.app/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ts2020-indies-client.web.app/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c96c025f6aa0b8edff6538d533ddd012d17e860c8fa47140314e81886ce22e0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
last-modified
Mon, 19 Jul 2021 06:51:34 GMT
x-timer
S1627677244.421676,VS0,VE0
etag
"5c2c9c77edcfefaf1619408144b41c5b44f64c00ae68f3981ff348f0dc03807f-br"
x-served-by
cache-hhn4082-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Fri, 30 Jul 2021 20:34:04 GMT
accept-ranges
bytes
content-length
2347
x-cache-hits
15
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		175 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8f9e1fbd7f5751a862c874885290583d162f7e874c8bea31aa4bc034bfc73249
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js
pragma
no-cache
cookie
n_regis=123456789; nk=48e00d6035d4ef657ff8ba4adfcc0834; lux_uid=162767724402058191; trc_cookie_storage=newscorpau-aud-heraldsun%253Asession-data%3Dv2_340afb30028d70eef414858b0d4950f8_cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc_1627677244_1627677244_CIi3jgYQgPNHGND1_sivLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0BcAA%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522newscorpau-aud-heraldsun%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3Dcc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc; com.auth0.auth.dlzjPylCunpn0cq9yZKOiS-pDY4MIybE={%22nonce%22:%22DjP6nHg6HuYrh-899lb6qshooExQUEvo%22%2C%22state%22:%22dlzjPylCunpn0cq9yZKOiS-pDY4MIybE%22}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
x-opw
4
content-length
41276
x-rq
ewr4 0 2 9980
last-modified
Thu, 29 Jul 2021 00:44:35 GMT
server
nginx
etag
W/"6101f9f3-2ba53"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=57
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 30 Jul 2021 20:35:01 GMT
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
49951ea080af236b8cf5fb0293a5981592f8f89f62d4f0ba4c84f8d46bd8ee71
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
pragma
no-cache
cookie
n_regis=123456789; nk=48e00d6035d4ef657ff8ba4adfcc0834; lux_uid=162767724402058191; trc_cookie_storage=newscorpau-aud-heraldsun%253Asession-data%3Dv2_340afb30028d70eef414858b0d4950f8_cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc_1627677244_1627677244_CIi3jgYQgPNHGND1_sivLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0BcAA%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522newscorpau-aud-heraldsun%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3Dcc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc; com.auth0.auth.dlzjPylCunpn0cq9yZKOiS-pDY4MIybE={%22nonce%22:%22DjP6nHg6HuYrh-899lb6qshooExQUEvo%22%2C%22state%22:%22dlzjPylCunpn0cq9yZKOiS-pDY4MIybE%22}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
x-opw
4
content-length
2988
x-rq
ewr4 0 2 9980
last-modified
Fri, 23 Jul 2021 03:16:10 GMT
server
nginx
etag
W/"60fa347a-1b27"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=41
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 30 Jul 2021 20:34:45 GMT
pmk-202003261.4.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding
gzip
etag
"b7fcedf037c57085d364b689ca46f32e"
age
4361807
x-cache
HIT, HIT
content-length
30954
x-amz-id-2
FZkbu2ca66LKwrfnYTtLlIVUznipS3Mfi0aCiGuAn4O8ePKk3d6sCRgT1FzfA4EIYLQpQyJIpNQ=
x-served-by
cache-sna10729-LGB, cache-fra19176-FRA
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1627677244.397876,VS0,VE1
date
Fri, 30 Jul 2021 20:34:04 GMT
vary
Accept-Encoding,,
x-amz-request-id
MXDAP9EY86EB7MZP
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
social
am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=AM:AM:V&lti=deflated&ri=58961a3a2f3e1348a6ffa5149edca664&sd=v2_340afb30028d70eef414858b0d4950f8_cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc_1627677244_1627677244_CIi3jgYQgPNHGND1_sivLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0BcAA&ui=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&pi=/&wi=873729681997272865&pt=home&vi=1627677244112&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_undefined_%22%2C%22hdl%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=22%3A34%3A04.439&id=2688&llvl=1&cv=20210729-2-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 30 Jul 2021 20:34:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
authorize
login.newscorpaustralia.com/ Frame 2C57 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=gRVRjIPHhn34QMIhXKX~Hb6SdmLTdFFQ&nonce=N0zwKm09FTLlhTocKOFs636D8.MurJzt&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-77.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
09bab387cf0f1f209c38108070710c0910067f1c3a4331abcd9c4af037e0e23b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=gRVRjIPHhn34QMIhXKX~Hb6SdmLTdFFQ&nonce=N0zwKm09FTLlhTocKOFs636D8.MurJzt&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html;charset=UTF-8
cf-ray
67715d99f934beb5-FRA
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
67715d99f934beb5
ot-tracer-sampled
true
ot-tracer-spanid
2ac373eb39962eea
ot-tracer-traceid
47f968ef667f7949
x-auth0-requestid
e442a95a88e754c83fc1
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1627677245
server
cloudflare
content-encoding
gzip
x-akamai-transformed
9 582 0 pmb=mTOE,3
expires
Fri, 30 Jul 2021 20:34:04 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Fri, 30 Jul 2021 20:34:04 GMT
content-length
812
vary
Accept-Encoding
set-cookie
did=s%3Av0%3A7b4773c0-f175-11eb-a2df-fb51833f41e6.AMcMMDE%2Bto8AwFdXIddaWBWicbW1KtOc%2B8cu2%2BpivDE; Max-Age=31557600; Path=/; Expires=Sun, 31 Jul 2022 02:34:04 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A7b4773c0-f175-11eb-a2df-fb51833f41e6.AMcMMDE%2Bto8AwFdXIddaWBWicbW1KtOc%2B8cu2%2BpivDE; Max-Age=31557600; Path=/; Expires=Sun, 31 Jul 2022 02:34:04 GMT; HttpOnly; Secure bm_mi=44B5A8027A6F0B0F1AF4310A31302409~3KhZs7WDCmVKhoz0+zLmd3lpqEgxQQfdeKrNVtlE/HCwKLTPCXp2fRKa8AlIZ91k+hmxnsglIZKPhW/3KAy833BtkvonV2o0mY5f/NMhKJRIwqB3oj3ymaTmZ06TZV2arxxP12MW3CAvL28Ni8PjYJyla6u7HOxKsk8yiVnGe7M1PhKIVIdIygwe9f+8p8S0viWquzMMh5BCEPreSSFsnptEA21fya0ih243ZUmomRCTsauU2lXWx9BorGE9LsMa; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly _abck=608749DD3E2B7F1AA04DFB215D492A00~-1~YAAQjLsQAplhzLB6AQAAkb0f+QZO/ofaO/Agq3oz1kh3s+03oA0+mgWEb9yE0sbE69A7U6X00iPU3lzGxCYojyLB1j6J6A6pJlUu5XqDEKkE4ogBFkqEKYYteIYdSCtbolnWIAhESfAxh57Roo7qlXm3Ttq6P89iihoUyHP5aliLR/fichfn6SfxG90GB6I3DrTNJLMp/WY5f/qedt5NBv27sgA86CyPgU0weHea5+5Ra7HSEQN7zHSoNQVWbfRc34Aq95SaZrxlrUg5sLp5B0W3uQK9DGmwBgI9QIT2QmaK+fdShHXvJK32KWEcIIrS55wTFrmG/1WTP5mCZfrslimKLy+jXXfHBCCLOvGS5cIILG/vg0PcoMKa8TljmHQp+upyI7swVA==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Sat, 30 Jul 2022 20:34:04 GMT; Max-Age=31536000; Secure ak_bmsc=69B5D22638131966978AFCCC86C60427~000000000000000000000000000000~YAAQjLsQApphzLB6AQAAkb0f+QwmG1LMQBVxVsk2jyTPfMGN+ZZtc5HE3OXJEucTXgUGo5l2hW7hLSTS3ctXtvGXzd7jdLTagW93vROixe4VxqIuPlkwx/YJwvgd77VKP94hdRHqlN9rsYC0/7zC67wXp273Z3StdDzpCh/HaH9yF1WO9iueN0HmZ8lJRKmwOJ+I8Pf85E5mrTQBz1duYRxSmkMm0choDBYj43xqYJn8dyltHBLjvFDoqH+fM+6aGyqoaJjf99mr9/oo+lmeVjI9FtqxIPPXkT62x64R3SlaLniuTNZDwsxpazaxjGreg+exg0Hxa3zMRTh40ZNDhUCX9jQNSeXaYla3hVAr2BTV/A2buoN+3caiedBcxQXP2TD9GcVG8/MMyxguZZjooib1qPSx; Domain=.newscorpaustralia.com; Path=/; Expires=Fri, 30 Jul 2021 22:34:04 GMT; Max-Age=7200; HttpOnly bm_sz=5890F6B9355A5344EA2C0DE875CEDCB7~YAAQjLsQApthzLB6AQAAkb0f+Qyxs+YqZxQoMnz7Hshk4IBvuh8we32VYFDkYsI7kUx+pyKtvQoD6Kuft8TanFiTxyrXPoEvoYVLxKZIPKqnpS4a9/71aR/n2PPbGfgAWJ56Xx4aIoN6ezQt5oTszsghc3SYCLt0gNSrwA4KXwD8zlUhAzZoZwXGJK5TMCNOFGVukJUws+j5RBsfkF0vwOLkcJLbgHlw0op5HT85pOep4g9uea6IyRfv5fdaFcJbIBQ+6oLYKEojQl1C7L8PUICzNWhtZYMCRyi5uZc5iYxdnys0mmtFdrLegqVptQ==~3553073~3556665; Domain=.newscorpaustralia.com; Path=/; Expires=Sat, 31 Jul 2021 00:34:04 GMT; Max-Age=14400
comments-count
mhr.talk.news.com.au/api/v1/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=63807b78c5ec42f8879caf2d418c23ba,121fd3c3d0f9e14e4e080532268b4b11,80395702251d52a1ac9c4f71346b1938,943bd095366e5bf2a134d6acdb5e852e,2f4bd2226dc8636c5e6dc81da217fc67,34634de73d1125d77c83069f85fa213f,e29bfd9c79a79490afdacb739847e6de,4fbb1ef0513855de89720c51ce98af8b,c6addb1e940a2be6aef88fbc16dea805,6a10855cf05d3dadc9c9c7627d94d72d,03fb6e34b3dcc7e24d00766018ab11fe,9d27f759c592cf143795687c9b3ccd0d,be009a2d1df1f836f6d12bb7ef00f1ef,dbf510f12f668601d2d0f23c59a872bb,e9db5550c3c0b4cc91f0dfd8cb9820b5,9ef5b7b8b5582c746683c59626bb7eb7,13f07bed24dabcdd257f32359a41103b,7dca4550ef27781cd869df099d0cc14d,5ae0c1bb31754bdcb1307d7cdde10262,81e7e6e0ea9b161a5c841ce542c58d4f,cda06f198c3fa726293ff28057f1ae6d,ee137c6054118e4bb2f8137cd05ad1d0,15d8fc300ee0abd48c47da92aa280f03,73ded6d8f0ceb35d7724028c7a15f3b4,e13fa19503d207fe4563985d285b80d3,235dee6d102ce989bc68b7361404de3d,c8e5a563734956d27c2091572c339021,7a2ae37347cdba6ea44913b54ad3fc14,3d757abffb69140081794593287dfeef,f83b4223544b3f451c35b0fd2d338452,24cdcf3936813625a6d191fc23ea069f,3b97e488ebb1b84d55ac267aea8931df,57377798899f1d0858ef67b33a22908e,12ff4a88725494e392ae17c5cba02a93,24e4f12c6c69865b3a97192d6fde754e,075ffbba2be148517ded53fe5f28bb7f,d9073c9d3c961eb5175b35ed9779d199,6b547ca7bf3e037ba2e7715cc7f5b932,3041cbc4b8caada4f6a4aefe8ff41c62
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
2b9c4754dbddaa739fa993ad9e9d7747025b75d34cb2af3fa22ee983cb1734ef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.16.1
etag
W/"5b8-d36K7O0mRYMV2XaAF3C5Jq3t7HI"
x-download-options
noopen
x-dns-prefetch-control
off
content-type
application/json; charset=utf-8
access-control-allow-origin
*
date
Fri, 30 Jul 2021 20:34:05 GMT
x-talk-trace-id
7be27b40-f175-11eb-9cda-d7507f8cfe75
vary
Accept-Encoding
content-length
829
x-xss-protection
1; mode=block
a59d947d3dbbb315655fbc6e08ca868e
content.api.news/v3/images/bin/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/a59d947d3dbbb315655fbc6e08ca868e?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d6b9d70d57ae22041f49187f590e9bba1aeda7212173a3fbb6e86a3d8a75f905

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag
a59d947d3dbbb315655fbc6e08ca868e
date
Fri, 30 Jul 2021 20:34:04 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
420241884d2a8b16c17ef3b14c24b9b7-a59d947d3dbbb315655fbc6e08ca868e-150
x-serial
1267
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4874155
last-modified
Tue, 27 Jul 2021 06:31:18 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
5280
expires
Sat, 25 Sep 2021 06:29:59 GMT
4e67c4edda08023bb6a5d3938bd89780
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/4e67c4edda08023bb6a5d3938bd89780?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d8963edab44a83d4b2f2a5b85d04a650c57ea5cb2b0ca7d022b8534fe4e3ff4c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag
4e67c4edda08023bb6a5d3938bd89780
date
Fri, 30 Jul 2021 20:34:04 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
ffa2dd8f07bbe487c68d00e32133df74-4e67c4edda08023bb6a5d3938bd89780-150
x-serial
136
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5115117
last-modified
Fri, 30 Jul 2021 01:25:35 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
5990
expires
Tue, 28 Sep 2021 01:26:01 GMT
38db1bd277b525c97437c8dd7591169c
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/38db1bd277b525c97437c8dd7591169c?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e0c9d8c4902557d8bcefcbf5610193a06e02fe8e104e8010f195dbeb75fa5890

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag
38db1bd277b525c97437c8dd7591169c
date
Fri, 30 Jul 2021 20:34:04 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
b97142b5d47aa03210b3a33961921476-38db1bd277b525c97437c8dd7591169c-150
x-serial
1473
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4930283
last-modified
Tue, 27 Jul 2021 22:06:09 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
5939
expires
Sat, 25 Sep 2021 22:05:27 GMT
authorize
login.newscorpaustralia.com/ Frame 5592 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=MZU2EexnOsstaHpDCYKtvvAeb8adIpbe&nonce=bgfm9iJfK.NiTlqkjJ9.TU0Sy23Rg1Jy&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-77.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
d2a6caf762ce2532ec1519ccb8f0e025956dcef0b0b93b746baaf330d263c3ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=MZU2EexnOsstaHpDCYKtvvAeb8adIpbe&nonce=bgfm9iJfK.NiTlqkjJ9.TU0Sy23Rg1Jy&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html;charset=UTF-8
cf-ray
67715d9a1fe52c2a-FRA
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
67715d9a1fe52c2a
ot-tracer-sampled
true
ot-tracer-spanid
4065c8517f1c827d
ot-tracer-traceid
69cd414201adfde4
x-auth0-requestid
c62d7b07226d717860a1
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1627677245
server
cloudflare
content-encoding
gzip
x-akamai-transformed
9 532 0 pmb=mTOE,3
expires
Fri, 30 Jul 2021 20:34:04 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Fri, 30 Jul 2021 20:34:04 GMT
content-length
806
vary
Accept-Encoding
set-cookie
did=s%3Av0%3A7b496f90-f175-11eb-b071-87f0066f7b0f.7m5wARQ3KY7Llnmwilro84RambKpUTygYVlPyLxQ2S8; Max-Age=31557600; Path=/; Expires=Sun, 31 Jul 2022 02:34:04 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A7b496f90-f175-11eb-b071-87f0066f7b0f.7m5wARQ3KY7Llnmwilro84RambKpUTygYVlPyLxQ2S8; Max-Age=31557600; Path=/; Expires=Sun, 31 Jul 2022 02:34:04 GMT; HttpOnly; Secure bm_mi=999AF6284A30FCA600185E3AD07E7C8C~3KhZs7WDCmVKhoz0+zLmd2e6oy2Esr+uqjHLtz+lWNcecj12fIwH6532X1ESQhCUhLN3G12gpdlv55NbmtlBkO3bPjT9QsHFdkEJ0Sy5RlBbjcqS0mH1As7seRa33BDd4qiFD1fZuRf5m0fVFlNkuoLuMiv5X64mpbkw1F76FDuUl5AumjSBEUC8GJDZa6WmsyQjBZvtS0pa6wfOL+hPodIVCII+ovwEzVgBr5FjO0UZ6vbLODmFJimVL4kzmiE+; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly _abck=28E30036770A449AED95DED826700925~-1~YAAQjLsQAp9hzLB6AQAAtr0f+Qa62OeizIUSckyzZFy9iRQBNTWqv7B7JK9GcwjHTvZg6Pr7ggryq4xvGxd6z5dn83+4CmLZQrz+QLrld/JK5j7/v/fKo5aJbVulc/ugdgdLOYQwnN4Ab8DOtgaO+NAQ7Xs3wSfvHuG2ubEL2RhOUymTRDpcelMPFFFuXlPJNiEgGasgfQJh/8thlPv4FTxXbZuzycODVaaHPKigpTIeYwr1DEXXWorZ1EZk3QKDW6Ve8RIl0aTYzAaez3Xzw7ZeJmy34lkjC2/7LkjSdj73uj/F9meZ/xtsUkUmU5lQe2iH5wEKCDBkbpQRalpyZf9g8BliCM5W7UN0wsgFiexBwFcGvZWsNHKUn4G/oXk+CXL7AuxpzQ==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Sat, 30 Jul 2022 20:34:04 GMT; Max-Age=31536000; Secure ak_bmsc=30CBE9F9727D8C826B987125E6E76D0C~000000000000000000000000000000~YAAQjLsQAqBhzLB6AQAAtr0f+Qwx+dFuW6kDDZxsvebKnd7DKF72vBtkovvB2ZKwjONqAZHsp3xTpEMvZDUOcg010KExBIeBsspT5fWkCKT9jtxPR0LGt5X6Qi/nQrSNjOTDfMBx99lV1Ed2Sl62IEoB/y9TPf9pfHOy/gaqpgHwgEQFvn3PIKn6DOG2TJPWepXhF6UNISaF9gPvT6Kwn2jTe3Ef3xC2GZ1EPKw3K2uZzbCKCHmq7F6KVlU8LNCUFbf5fQvCpV+T/bVG7DyWSp7mrQMCbf95Q5C4uArtL3NHm37+WxW2q3BSRbPHw6O98hEBIvXH2SJ4jbNs1BIZiJqohPgNwqkAmiEO9aEemmkl3iaH7GG7gJio8ZJB0wkBDbaW/D4DrQvNSAxHY7r6l2zXlI+d; Domain=.newscorpaustralia.com; Path=/; Expires=Fri, 30 Jul 2021 22:34:04 GMT; Max-Age=7200; HttpOnly bm_sz=0864AC44FF3B64D0E06045B2CB4A5DF2~YAAQjLsQAqFhzLB6AQAAtr0f+Qwzhu/fDzt0letfLqPsDaLDQbCtiFIar67m22bx1qGnev8ORzLO9G7VlSgccr46p8lsRqohudU6Eht9MxiUDXHLLjKb7Q4wnAGM9GPpa+7OUAQ17v1A1P+P84NFmm7Zdh3KI04JZl78Kvrvb3G0tR2kca4ZfP5hK0vfMhxDMAtbEeTUfsOaid1UwgUO03QaBoqTveW/4nLpuEsM/E8RPonoxBEHkcsjm8LmRUQ2lRP9jaxGS8GYScAkVnb+x6a1knRgcC9jtVdnYXEGEpsCBtllTGBNTfluwjZZWw==~3553073~3556665; Domain=.newscorpaustralia.com; Path=/; Expires=Sat, 31 Jul 2021 00:34:04 GMT; Max-Age=14400
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16276772444670.2933234203280273
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bfa67e2ce103d04234fa84f7595c316d23f46eed219683f06e264fb27dc91637

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=0, no-cache, no-store
content-type
application/x-javascript
content-length
831
expires
Fri, 30 Jul 2021 20:34:04 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
cache-control
max-age=77010
server
AkamaiNetStorage
content-type
application/x-javascript
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
B7670439;dcadv=4149947;sz=1x2;ord=343735031672.5274
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=343735031672.5274?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
a220475224ac5b3ec1b7413e467254923fa989bba6ccef3efe0ab25e4a8795b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7471
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:6200:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7222bdb705a3d4af9ac5d4f1375a3709bc77578dcc0e1f3b5caf55fd14af959c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 16:29:00 GMT
content-encoding
gzip
last-modified
Fri, 09 Jul 2021 00:14:48 GMT
server
nginx
age
14704
etag
W/"60e794f8-11377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
IJUc7FFpB6E8FM5iLv_tY_E25XTUE0k0nB4dXZoAp7uR2Jz4yW8GtQ==
expires
Sat, 31 Jul 2021 16:29:00 GMT
metrics.js
tags.news.com.au/prod/metrics/ 		178 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f84964feb8603e67eeb83847bc5991febd87aa9cb36254488cf5eac28a9849ef

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"abea497e63806bda6df665b781837d64:1627450089.085109"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=14860
content-type
application/x-javascript
tad.js
tags.news.com.au/prod/tad/ 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
13c9350034038d5486373f354f8c9f9e36d290c79e93878194ee1c6e804534c3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"0933b5747ae1b7359690e49cfe561fa8:1627276339.610411"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=74530
content-type
application/x-javascript
content-length
27406
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
0cd062d458c82221b76575b73fb1f93ab4cddb79cee797d36c7731e9a4bee0e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"944 / 975 of 1000 / last-modified: 1627643395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24689
x-xss-protection
0
expires
Fri, 30 Jul 2021 20:34:04 GMT
prebid.js
tags.news.com.au/prod/prebid/ 		307 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
84b2051c012ad6cb45b30bee85f013ee273962cf42ceba1a4406947bf61655e5

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"2f0745bb3db408d1809040478c7a3e21:1626140457.016476"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=35816
content-type
application/x-javascript
ats.js
ats.rlcdn.com/ 		184 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-124.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cffabe0948ab31d5e6574c15c4e0d494ecc146d91cd0434d684c9ace31f9c068

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KFvtQEF49ZQSVuqNgx9QL0DaILhmyKFe
content-encoding
gzip
etag
W/"535a44cb49d4769cf9ec82fbcba860c8"
last-modified
Fri, 11 Jun 2021 10:13:39 GMT
server
AmazonS3
age
63034
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
date
Fri, 30 Jul 2021 03:04:08 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
Gt0zNErHzXh4czaAdk5RsCbptpswJIJJJSuZceHaaepq5XprVLrweg==
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6e6ea4df4b442b78dfefa35bc834347ffa7f09394b6eb491f2f13c6e6125bf46

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"57ae10fa88efb18e940cc9b6b6695046:1626242959.698537"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=24817
content-type
application/x-javascript
content-length
10121
v60.js
cdn-gl.imrworldwide.com/
Redirect Chain
  • https://secure-gl.imrworldwide.com/v60.js
  • https://cdn-gl.imrworldwide.com/v60.js
21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/v60.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
.KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
content-encoding
gzip
etag
W/"cc7339d315e5ab16597dd66d153a0e7e"
last-modified
Mon, 12 Oct 2020 13:35:53 GMT
server
AmazonS3
age
58783
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Fri, 30 Jul 2021 04:14:22 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ZADrDr5sdEJQWcPBeNAWiL83yLOEjGGrrVCpuv4ZcQ77P0_-Mytt6A==

Redirect headers

date
Fri, 30 Jul 2021 20:34:04 GMT
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
server
awselb/2.0
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
content-type
text/html
location
https://cdn-gl.imrworldwide.com:443/v60.js
content-length
134
x-amz-cf-id
fNOjTnsBy819gT9ruM_agX_ZpI40CZHlwwZV52MJf0yrE2s8NrngBQ==
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-100.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f8f7cfeaeceac7a3987e0bb743deb5698f4c3f8ca7d3f9694765d12748d616be

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 19:50:45 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 15 Jul 2021 04:26:19 GMT
Server
AmazonS3
Age
2600
ETag
W/"fbf90326cc306ad31726483a025fc411"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
gknFHSkpuRuNZz4gn9W3cfpqoPMXb-2ffvXCflvvaZEYylO0e6uTVA==
2988.js
script.crazyegg.com/pages/scripts/0018/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0018/2988.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d91e1f1004c910402c81c62dc28a79609f7381f6f8e5fd5118c0a08ff40a96a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
cf-cache-status
HIT
age
279112
cf-polished
origSize=4899
cf-ray
67715d9a7cd32bd6-FRA
ce-version
11.1.323
last-modified
Tue, 27 Jul 2021 15:02:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-bgj
minify
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e288a5a83728610b9a2b07a6d38440716c19d0e6847fac0e079bf23deb6dec9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
WNR_57RK8rG1r_AH0L53qLlcxe8uLOrw
content-encoding
gzip
etag
"c665367c027775461c4c4dc6039e73c0"
age
67658
via
1.1 varnish
x-cache
HIT
content-length
665
x-amz-id-2
2aq4QS5a6mmOCpLako+RyAoFyVOyVmd6tK5i6165hRtvhNCohei1cp0ZNn07ZtowTRa5CDHuY/M=
x-served-by
cache-fra19121-FRA
last-modified
Fri, 30 Jul 2021 01:44:21 GMT
server
AmazonS3
x-timer
S1627677245.630449,VS0,VE0
date
Fri, 30 Jul 2021 20:34:04 GMT
vary
Accept-Encoding
x-amz-request-id
XAC4EMDY0B786J1S
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
11
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
last-modified
Wed, 20 Nov 2019 04:49:47 GMT
server
AkamaiNetStorage
etag
"a2af0d00bb0e150c0e6e47d44b9436d7:1574225387.905732"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
900
expires
Sat, 14 Aug 2021 20:34:04 GMT
ggcmb510.js
seccdn-gl.imrworldwide.com/novms/js/2/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
CCMI3VWmKWubVxFEKMv9LWwmbbOYiB9F
content-encoding
gzip
etag
W/"afa0d379b1e6e0a61fad577d0043ff26"
last-modified
Tue, 06 Jul 2021 14:06:24 GMT
server
AmazonS3
age
1044
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Fri, 30 Jul 2021 20:16:41 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
C7ISwCqPjyjLXNIZd8V2neNIwUZ53s_GY2nvzcjwk-0TAFF9kFhrGg==
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-161-4.deploy.static.akamaitechnologies.com
Software
/ ARR/2.5
Resource Hash
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 15:15:57 GMT
server
x-powered-by
ARR/2.5
etag
"84a7fce7aaabd61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=765
accept-ranges
bytes
content-length
15848
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202107290437&cb=1627677244572
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Fri, 30 Jul 2021 20:44:04 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-83.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Jul 2021 20:24:24 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
Age
259781
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
X-Amz-Cf-Pop
ZRH50-C1
X-Amz-Cf-Id
38LXTXW0EFGXbzqvPDVpT2clJ2i5KM10FLfd8WBLpXDw5A_14310Ug==
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=C5EC9qDKgS5WBhra6A&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=10717&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3299&t=B3a0DojGNuayAVbgDIPkaSB4BqJr&V=128&i=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=-120&_acct=anon&sn=1&sv=BXB6IgD4hcdMBUOnP0EcM4oR6uoQ&sd=1&im=06030402&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.44.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-44-81.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
authorize
login.newscorpaustralia.com/ Frame BA2B 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=Vd7vONEPTSDd10~IlgBEpGn5eNk2kQ40&nonce=_6niw6LjCqDsTR3qRKolOeB1Qve_1aJN&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-77.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
e426571309a827787f8a614c5000ce80fc14246c3db32656d1863ab98257140c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=Vd7vONEPTSDd10~IlgBEpGn5eNk2kQ40&nonce=_6niw6LjCqDsTR3qRKolOeB1Qve_1aJN&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html;charset=UTF-8
cf-ray
67715d9b195edfdb-FRA
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
67715d9b195edfdb
ot-tracer-sampled
true
ot-tracer-spanid
331b77fb073e61e0
ot-tracer-traceid
14bf7d7924af07b9
x-auth0-requestid
a21aac8bf7e59dfe7460
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
998
x-ratelimit-reset
1627677245
server
cloudflare
content-encoding
gzip
x-akamai-transformed
9 539 0 pmb=mTOE,3
expires
Fri, 30 Jul 2021 20:34:05 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
content-length
811
vary
Accept-Encoding
set-cookie
did=s%3Av0%3A7b6a16f0-f175-11eb-924a-eb322e807b70.Tk7CTB0SGRwB2lR3URYyMYm0356XlFIAWcG76NN1%2FU8; Max-Age=31557600; Path=/; Expires=Sun, 31 Jul 2022 02:34:04 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A7b6a16f0-f175-11eb-924a-eb322e807b70.Tk7CTB0SGRwB2lR3URYyMYm0356XlFIAWcG76NN1%2FU8; Max-Age=31557600; Path=/; Expires=Sun, 31 Jul 2022 02:34:04 GMT; HttpOnly; Secure bm_mi=19FC846152E7FB54485BB5F387474D16~3KhZs7WDCmVKhoz0+zLmd4HzcB7145DyDhDMS3mALlrJq16n3f29Rj9wXaI8ZiXDFtQ7bDHZteT3zoiI/iJernZlw7DpCWyDONGwmekq41FMphNPbgXox5KFw2l9sCTo2gntLozrXsw2j9KKgu/VnBnWP58kCx2O9nmjf5q5NXPw9Qtc3u04X1fbRMroNE0czbV5PtOgOa56/yZGpKbpPf0QDgBn27/BBS5wqLJSokZZxgVWhPcazP1cBhqU0iJ9; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly _abck=F8BFC63423E3B8EED2C248499B30E333~-1~YAAQjLsQAq1hzLB6AQAAcr4f+QZtIk+AWMGkcvu/SDyWjfq6sJsO7h2J2Jmv3DifKTIZoJFNc+9eeZKARAx/F4gum2uTquJZ6LdImqvBCh+m6hWEdkeLfi4DGA5MRir1EVv9IzLawPYX2sCe2Fgb0S8bJ8crJLH2mVRnhgbGMMRnrU0xvbBmFUa5o/xdTRWISXMFRWt6tG4UoQTFRp3Bz6LmvSwGjy5s2KPlK3TLIUl2IvlXQQ+0iGksNYclS7PWVAyK4Jba+SozpmmBh/IgjMFLEO8nmoxN1Z9cUwxV9HmLDkKpzVvUH63p/IUQPgOcI2wsxz8wn2NfBHRkT+VGEDeMpYkuKMy6ErAxRwkqYQwYep96dOKhWz07DpuqgVonSzv4eikmAQ==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Sat, 30 Jul 2022 20:34:05 GMT; Max-Age=31536000; Secure ak_bmsc=A910FB461ADB75320946B2BC35BC6EFC~000000000000000000000000000000~YAAQjLsQAq5hzLB6AQAAcr4f+Qx3S6OTZCyyu+x47RjvSfTmRAzubKMPYwBUxhCTo3gIAEEfbaNLC0gkjQgIl1e2f4TD60Tg39MS9muYr0EmOJZNLRfvjXdp+J5kpkRT6ZlQ15cM4WYM/Jm4yfWQG+RppQ0/BVbq+ESIdSl22iaZgajga+VBXLlfAWueKiym+8oiL8FeH20uOUre34ZU8aO/G6upBKpcbCrMOEj9I9MSJS5zwc1TK9uyacd5Ueivsn6QYcHkwJGdMjAckRhWOMkHmzbpL0cBUKBbUvUxAzQfDNJXeEu+YtlDkqhDFK+e+lcGP0T+rmdPaez4igz7D7yZTAGb/Fm/73+OC+7QShQvR5r4MbsHHSji6KExltPlkDF1ZbuJJZCRdLYdYHtjeT/SKjHg; Domain=.newscorpaustralia.com; Path=/; Expires=Fri, 30 Jul 2021 22:34:04 GMT; Max-Age=7199; HttpOnly bm_sz=CEB94FB9526EBD3CD86CDA4C8B7BED8D~YAAQjLsQAq9hzLB6AQAAcr4f+QykQcZt6ixAAVYMehBPK1BGxldaH2ow26Rr35kXG4DFGcZw21NrwGrOmopYdxGKrnOZ/0Xm6hOMX/2hvOcltUE5E0eJogyeFtbSDTHhD0gYZmUi3rkPBLUKbglXYvrw6YhfYdLGwX3N9xaWXfE2BsgNmZwYOsuAywysPPZV/ICD1HbQsoLm6BKfLS/lU2QaihKYqZ5OXiTZ43/HRIHugLpNHmuNrytZO0N3bAawlx5Ug3tnmetaq4aW87+yKRlOYJC+RHzwOmMaUx0jUIy1BEMh/8RXbjTjYW4epw==~3553073~3556665; Domain=.newscorpaustralia.com; Path=/; Expires=Sat, 31 Jul 2021 00:34:04 GMT; Max-Age=14399
mynews-promo.png
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/ 		366 KB
366 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/mynews-promo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/images/c3po/mynews-promo.png
pragma
no-cache
cookie
_cb_svref=null; _cb_ls=1; com.auth0.auth.Vd7vONEPTSDd10~IlgBEpGn5eNk2kQ40={%22nonce%22:%22_6niw6LjCqDsTR3qRKolOeB1Qve_1aJN%22%2C%22state%22:%22Vd7vONEPTSDd10~IlgBEpGn5eNk2kQ40%22}; nc_eu=y; AMCV_5FE61C8B533204850A490D4D%40AdobeOrg=-637568504%7CMCIDTS%7C18839%7CvVersion%7C5.1.1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
x-opw
4
content-length
373561
x-rq
ewr4 0 2 9980
last-modified
Mon, 19 Jul 2021 02:07:32 GMT
server
nginx
etag
W/"60f4de64-5b713"
vary
User-Agent
content-type
image/png
cache-control
max-age=333724
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Tue, 03 Aug 2021 17:16:08 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1627677244645
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1627677244645
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1627677244645
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0b006d3b878851bd808dacd48c9b0c92b23644b4024528d34d76aff8bda68fa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v012-075923402.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
11c1G0KnStI=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1541
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v012-037df3aea.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://www.heraldsun.com.au
X-TID
Hfdf26DeRY8=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1627677244645
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
pubads_impl_2021072701.js
securepubads.g.doubleclick.net/gpt/ 		318 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
efd6c3fe040e0780295b2bb958b6cb638b10d68ea13bb0a5d3a4da7efce788a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Jul 2021 08:37:43 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113834
x-xss-protection
0
expires
Fri, 30 Jul 2021 20:34:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		118 B
755 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
92dc040e3cfb48df68b8fe3d9705a33f1eebb016b13d47b4c25eaf7ee76ba975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
expires
Fri, 30 Jul 2021 20:34:04 GMT
2988.json
script.crazyegg.com/pages/data-scripts/0018/ 		32 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0018/2988.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9dac894c5e8033a3e2345e44e325f1ce74278da4a3ea49564948a7e7a8097f5

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
cf-cache-status
HIT
age
279119
ce-version
11.1.323
content-length
2489
timing-allow-origin
*
last-modified
Tue, 27 Jul 2021 15:02:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
67715d9b59193250-FRA
m
secure-gl.imrworldwide.com/cgi-bin/ 		44 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1627677244735&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&tz=2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:8c00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:04 GMT
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
ZRH50-C1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
content-type
image/gif
content-length
44
x-amz-cf-id
ohf6ReYY61yCDtv81Zh59fjtHGTC0clvhsAbpPNdHfRpVp1H5zmF0A==
expires
Thu, 01 Dec 1994 16:00:00 GMT
11.1.323.js
script.crazyegg.com/pages/versioned/common-scripts/ 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.323.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
714cafff07c401d54cda0b09af30d81dd5e3e2bc5891556168366fcc771a5bc4

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 15 Jul 2021 13:13:31 GMT
server
cloudflare
age
279138
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
cf-ray
67715d9b9f122bd6-FRA
content-length
21471
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		63 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
server
AkamaiGHost
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag
"f1d1adc077c1f1f826a151ee3db530bc:1600839199.327003"
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=0, no-cache
content-length
63
mime-version
1.0
expires
Fri, 30 Jul 2021 20:34:05 GMT
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:dc00:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4754c1f1fb712883286295c92774dddebef215996cfdfab9fd972d265473f025

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 22:28:58 GMT
content-encoding
gzip
etag
W/"0d9785869d3d057828f29bcf6b0f8119"
last-modified
Mon, 15 Mar 2021 13:51:58 GMT
server
AmazonS3
age
79507
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
ABZgxlj2Zjtpd7twRKfEF6BsRMMTOfXinDaQhRda5C5qsuzAS2TPjg==
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		16 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-161-4.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
68846b71d18b8e4470d493c486f401b96759df9bc446a288f651ef1ab4970ce6

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
utYlbJk3QUf3ci7FttIesfLkSgIZgx5J
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 23:13:37 GMT
server
ATS/7.1.0
x-amz-request-id
8374QR4G4Y0YJJ9F
etag
"f77e1abd22edba51f83f5f42b727679b"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=491
date
Fri, 30 Jul 2021 20:34:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
1179
x-amz-id-2
T1pbt7HUTLLzdqJRFPMxKYJvQWVYU/hVwPntHcXFmP16bBqmGfa+cEOH+VeuUYRgCTQMM7iFvb4=
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=343735031672.5274?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:24:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
545
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 20:24:59 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
545 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstXoH0XPH-rmr0Wg0E_QPCIN2O3OGeoeM5W8ei81rnTmApSNq3E7-m6f6RgLjcU0NYgnpszS-X6reuwIozg4V_wk_Hn-prmC5F-1bTO3pHL-xj9dWH0jgrFmQ82VPfA2hez3lodL4Hqgw7UQw&sig=Cg0ArKJSzJFyPosT-oEQEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20210728.30081&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=343735031672.5274?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 30 Jul 2021 20:34:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7313b1057f6543d7eb7acaa080be92b436473884cc71a5b0bdf5ece0d5e0aa4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:03:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1810
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5950
x-xss-protection
0
server
cafe
etag
3337145904970783249
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Jul 2021 21:03:54 GMT
pub
pixel.adsafeprotected.com/services/ 		642 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=7e48253b-96f6-d089-8de0-0b9ed4fc160d&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7d46570f9245cc2bf9eecf25b2db05ace9f862ec128f9be95cef2bad0bd42cd

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
x-server-name
app09.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
2988.json
script.crazyegg.com/pages/sampling-data-scripts/0018/ 		2 KB
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/sampling-data-scripts/0018/2988.json?t=452132
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.323.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2de5db4bad6476a0de247839770accbfd0399b8c92e296fbaf3e274a6ef35f56

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:04 GMT
content-encoding
gzip
cf-cache-status
HIT
age
82427
ce-version
11.1.323
content-length
550
timing-allow-origin
*
last-modified
Thu, 29 Jul 2021 21:40:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
67715d9c6b063250-FRA
dest5.html
newscorpau.demdex.net/ Frame 7573 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
newscorpau.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.heraldsun.com.au/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=36126207129743048330580553676847753842
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Fri, 30 Jul 2021 20:34:05 GMT
DCS
dcs-prod-irl1-1-v012-012f73cb5.edge-irl1.demdex.com 6.3.1.20210623115127
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Fri, 2 Jul 2021 08:33:32 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
WROQn13/Qxs=
Content-Length
2791
Connection
keep-alive
id
metrics.heraldsun.com.au/ 		48 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=36147259842430298510578157548586007400&ts=1627677244934
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
330da112ebc410437373800cbd2e3b2f957f29dee19297e2c947d37ecd3a1834
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 30 Jul 2021 20:34:05 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-58944c9887-npp5n
vary
Origin
x-c
main-1489.I96e1bb.M0-504
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YQRiPQAAAGwyyRHl
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=36126207129743048330580553676847753842
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YQRiPQAAAGwyyRHl
42 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YQRiPQAAAGwyyRHl
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v012-0fbda37af.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
gd0q474jQBY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YQRiPQAAAGwyyRHl
Date
Fri, 30 Jul 2021 20:34:05 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
18f3127f
login.newscorpaustralia.com/akam/11/ Frame 2C57 		0
0
YQmEhS3g
login.newscorpaustralia.com/WPFfxFvyIRS5/WuOzuR/rfd3UA/X7u1zNkt/XgdUa3RMAg/WVt/ Frame 2C57 		0
0
18f3127f
login.newscorpaustralia.com/akam/11/ Frame FBC5 		0
0
YQmEhS3g
login.newscorpaustralia.com/WPFfxFvyIRS5/WuOzuR/rfd3UA/X7u1zNkt/XgdUa3RMAg/WVt/ Frame FBC5 		0
0
18f3127f
login.newscorpaustralia.com/akam/11/ Frame 5592 		0
0
YQmEhS3g
login.newscorpaustralia.com/WPFfxFvyIRS5/WuOzuR/rfd3UA/X7u1zNkt/XgdUa3RMAg/WVt/ Frame 5592 		0
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		143 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4336215579218088&correlator=1182843578230252&output=ldjh&impl=fifs&hxva=1&scor=3566693755364294&eid=31061161%2C31061200%2C20211866&vrg=2021072701&ptt=17&co=1&npa=1&sc=1&sfv=1-0-38&ecs=20210730&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ists=1&prev_scp=pos%3D1%26id%3D7b72c9b0-f175-11eb-812a-0ae761671616%7Cpos%3D1%26id%3D7b72c9b1-f175-11eb-812a-0ae761671616%26vw%3D40%2C50%2C60%26vw05%3D40%26grm%3D40%2C50%2C60%26pub%3D40%7Cpos%3D2%26id%3D7b72c9b2-f175-11eb-812a-0ae761671616%7Cpos%3D1%26id%3D7b72c9b3-f175-11eb-812a-0ae761671616%7Cpos%3D2%26id%3D7b72c9b4-f175-11eb-812a-0ae761671616%7Cpos%3D1%26id%3D7b72c9b5-f175-11eb-812a-0ae761671616&eri=1&cust_params=us%3Db%26s%3D0%26co%3D1%26kw%3D%26nk%3D48e00d6035d4ef657ff8ba4adfcc0834%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26adl%3Dfalse%26snol%3Dd%252Ce%252Cf%252Cg%252Ca%252Cb%252Cc%26pvid%3D48e00d6035d4ef657ff8ba4adfcc0834-00000000000000000000000000000000-1627677244496-328762%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&bc=31&abxe=1&lmt=1627677245&dt=1627677245013&dlt=1627677243804&idt=1028&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1123%2C1124%2C0%2C176%2C0&adys=48%2C462%2C9537%2C10332%2C3966%2C10982&adks=1616217045%2C2956706420%2C1415436295%2C1982096792%2C3785065344%2C3544675803&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x134%7C300x0%7C300x0%7C1600x650%7C1248x0%7C1600x10982&msz=728x93%7C300x276%7C1248x250%7C1000x0%7C728x0%7C0x0&ga_vid=1135480671.1627677245&ga_sid=1627677245&ga_hid=633230467&ga_fc=false&fws=640%2C640%2C128%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C2%7C3%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
27fff26f8ff688b2661d461f084ef0eaeefe1d2140515b6404862f5a18fd28ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17650
x-xss-protection
0
google-lineitem-id
4682990628,4682990628,4682990628,4682990628,4682990628,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138234025560,138234092471,138234092456,138234082178,138234025461,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dc3d6e888577bf70cc6c7e8f1d267e6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FF93 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dc3d6e888577bf70cc6c7e8f1d267e6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
dc3d6e888577bf70cc6c7e8f1d267e6b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 30 Jul 2021 20:34:05 GMT
expires
Sat, 30 Jul 2022 20:34:05 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Serving
bs.serving-sys.com/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=2545254715059204807&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D5671101412974279537$$&ns=0&rnd=5792118341754329
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.82.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-82-36.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9c7d85da7c52ee0490f67a70f3926a2688d4649606a593439f3e7d367ecddabe

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache, no-store
content-type
text/html; charset=UTF-8
content-length
2429
expires
Sun, 05-Jun-2005 22:00:00 GMT
glcfg510.js
cdn-gl.imrworldwide.com/novms/js/2/configs/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by
Host: seccdn-gl.imrworldwide.com
URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7Bg1vCvO.N3GxKIEApZNxn2cOcUPTkyb
content-encoding
gzip
etag
W/"931051f801612c3a0e2782961ac3d56c"
last-modified
Tue, 06 Jul 2021 14:06:24 GMT
server
AmazonS3
age
1537
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Fri, 30 Jul 2021 20:08:29 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
N2ZdQPv-hAM8MaPmdmAnXFAI9n9CZ9l4x8NwFYr5sblTfQRmyE3Vkg==
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		33 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
560ae750fe8ce4608f8f06472aafc192ae2cfaa1f14038ab8c8f92e97c34baf5

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
FU9zzQhSJGEyeUWJYjtBUGmVYuM6PCCN
content-encoding
gzip
etag
W/"7715ed29ea2e607bd8b569b36c0e5200"
last-modified
Fri, 30 Jul 2021 05:18:12 GMT
server
AmazonS3
age
3307
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
cache-control
max-age=86400,s-maxage=86400
date
Fri, 30 Jul 2021 19:38:59 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
82VtRpAy1n-01bcGnjXgiSDm0ZjEkmCyU7aoxAMaK7hZDCNrONwHDg==
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		192 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
397e6540378a195608cbd601f809c0c96b3ae9253fffeaf070769a8272838ad7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
.6i.Bs5E9x1m.2d09i7OXpREHjKip94r
content-encoding
gzip
etag
W/"bd1ffd9a8dc416cfddcde665f3111e22"
last-modified
Tue, 06 Jul 2021 14:06:25 GMT
server
AmazonS3
age
3480
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Fri, 30 Jul 2021 19:36:06 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
FzgRkAjIkekQciIGxAyD504Sqqcbh4Wd3rpOQfFAEuSCBjps5-9W6w==
18f3127f
login.newscorpaustralia.com/akam/11/ Frame BA2B 		0
0
YQmEhS3g
login.newscorpaustralia.com/WPFfxFvyIRS5/WuOzuR/rfd3UA/X7u1zNkt/XgdUa3RMAg/WVt/ Frame BA2B 		0
0
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 8186 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

:method
GET
:authority
cdn-gl.imrworldwide.com
:scheme
https
:path
/novms/html/ls.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html
last-modified
Tue, 06 Jul 2021 14:06:24 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
TxpWXQUHATxp36qO.r6EdzVZ2u47hdPM
server
AmazonS3
content-encoding
gzip
date
Fri, 30 Jul 2021 20:18:28 GMT
cache-control
max-age=86400
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
hSwrMwZuLy0dWnoigGaO7aIlJEv58SIPsiv6vmiAkPPqSRXYrKbLXQ==
age
937
up_loader.1.1.0.js
js.adsrvr.org/ Frame 757C 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.100.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-100-124.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 18:56:13 GMT
Via
1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
5873
ETag
"98d98b3499058b76d58073cf8ede2f10"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
Content-Length
4593
X-Amz-Cf-Id
f125ocRcCytPxnVlBeyckdARc9nl6DYDnmUvnJCls2dHEZN6HS2wGw==
uwt.js
static.ads-twitter.com/ Frame CBBD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:05 GMT
via
1.1 varnish
last-modified
Mon, 12 Jul 2021 21:25:31 GMT
age
73615
etag
"65cf0c0ceb852397f0d1e6732cd3c533+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
1958
x-timer
S1627677245.132403,VS0,VE0
x-served-by
cache-fra19142-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame BCEF 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 20:34:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Jun 2021 01:25:13 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=21236
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2079
js
www.googletagmanager.com/gtag/ Frame F08A 		95 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e86e18664688b599cc9c128156abffa50b76b1d0c470e7bc23ee32ab13c02b32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38760
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 18:43:18 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 30 Jul 2021 20:34:05 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 0009 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.100.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-100-124.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 18:56:13 GMT
Via
1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
5873
ETag
"98d98b3499058b76d58073cf8ede2f10"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
Content-Length
4593
X-Amz-Cf-Id
3MW7d-DkmVugUGgitkmzFBSBnCj01pV6ThDpXaeG8g9cLl6ZJkuOQA==
pixie.js
acdn.adnxs.com/dmp/up/ Frame 8F50 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 20:34:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.13.10
ETag
"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
3340
Expires
Sat, 31 Jul 2021 20:34:07 GMT
activityi;dc_pre=CNKKhaDSi_ICFVLM1QodEgIFWQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4876487363383.741
8228261.fls.doubleclick.net/ Frame 1AB8
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4876487363383.741?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CNKKhaDSi_ICFVLM1QodEgIFWQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=487648736338...
507 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CNKKhaDSi_ICFVLM1QodEgIFWQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4876487363383.741?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
fb46df2a3c1b2d7931b8d5f0fef9ddd2b90ebe8620f823c0970b8971c6734ffc
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8228261.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CNKKhaDSi_ICFVLM1QodEgIFWQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4876487363383.741?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jul 2021 20:34:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
391
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 30-Jul-2021 20:49:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jul 2021 20:34:05 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CNKKhaDSi_ICFVLM1QodEgIFWQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4876487363383.741?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activityi;dc_pre=CI-ghaDSi_ICFdkaBgAdAn8Ljw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=537423056688.513
8228261.fls.doubleclick.net/ Frame 6538
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=537423056688.513?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CI-ghaDSi_ICFdkaBgAdAn8Ljw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=537423056688...
506 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CI-ghaDSi_ICFdkaBgAdAn8Ljw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=537423056688.513?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
37f8c351b5a1b778104009491a391280e82d2c3e861950f9da1051bb610f56f2
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8228261.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CI-ghaDSi_ICFdkaBgAdAn8Ljw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=537423056688.513?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jul 2021 20:34:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
390
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 30-Jul-2021 20:49:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jul 2021 20:34:05 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CI-ghaDSi_ICFdkaBgAdAn8Ljw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=537423056688.513?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
js
www.googletagmanager.com/gtag/ Frame 2688 		95 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820018408
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
47724ded934a9bfa1ee00a7cc378c69d9223e8cb39d38495bf9e7664d962abf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38760
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 18:43:18 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 30 Jul 2021 20:34:05 GMT
conversion.js
www.googleadservices.com/pagead/ Frame B051 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
3b7fba8bb89e137ad4ce83b112d860bf6fa6f06c2c8c42baed64b34c4d0f45c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17230
x-xss-protection
0
server
cafe
etag
747158272866556147
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Jul 2021 20:34:05 GMT
activity
au-gmtdmp.mookie1.com/t/v2/ Frame 9CFD 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.202.227.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
bounce
secure.adnxs.com/ Frame B337
Redirect Chain
  • https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
43 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jul 2021 20:34:05 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
33f6a7dd-9773-41a9-a6ef-740e29a928d1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 30 Jul 2021 20:34:05 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a02c187b-f7b4-4fc3-99ad-8cccdf167de9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
0
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jul 2021 20:34:05 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f176af11-3d82-4f15-a1f2-dd2c2499456d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 30 Jul 2021 20:34:05 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0b9ccf76-8d7b-4aa9-9a46-9a8fc68550f4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1
0
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jul 2021 20:34:05 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d9cdfa0e-b7a5-4cc0-9122-bf6e9a100d02
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 30 Jul 2021 20:34:05 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
944b068d-6dff-4d47-8b13-5c35d170ea67
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=36147259842430298510578157548586007400&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%0148e00d6035d4ef657ff8ba4adfcc0834%011&ts=1627677245146
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a979d6317bf209582eb38bf981c92960639ed05ded078c35a7b4ac1f144fae2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v012-0924b2ac2.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
0hdGtj42TZc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1541
Expires
Thu, 01 Jan 1970 00:00:00 UTC
view
securepubads.g.doubleclick.net/pcs/ Frame 0A66 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstflR5t1PUaFqn1IYmAmVT5YevJA-xyAHt9J-541OVZkimu3XetSv_UXsjWSrgU6b4atvPL5Q2NaiUOexUNUSCEJcU8a6ew7FtyIENRRHKwx9dxCy50x27HdDl1sS-CXqTEvizgR90Y4TEsqI6Aa5RwcCZgFHlv4DfKM_XZXWrYvVx3ZCLHdrRsj_NV_Wiqly7qCFrwZdV0lXutaTrthTHmo9WXtryO7ZTS9eWr4hrQZpDzepKvMfevI7CNU62WaLnMs9CqAoxRVXRBV2fCe6Uavn-JjokQs39-uGHovG1ILFLeLmCx68SQdElS&sai=AMfl-YSLOBf25smAebbP_7m_4ihtuH-q90uIwi7MOszxDsi02SbX7mf9xNCrIHDvNmy5PBWbIv1vQvvBfygE&sig=Cg0ArKJSzBu5XMfHKhifEAE&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Jul 2021 20:34:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 0A66 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
18375530890449129318
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 20:28:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 0A66 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:28:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 20:28:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0A66 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627472092244076"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38161
x-xss-protection
0
expires
Fri, 30 Jul 2021 20:34:05 GMT
l
www.google.com/ads/measurement/ Frame 0A66 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQXKvNlal7Jw5VdNWWO-kJtt_kdlSyGcdNHCrVT3AJaOyB892f9eGPUvlmxOl3zfkjwathz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 0A66 		68 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7114969398400660195
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 12:01:45 GMT
x-content-type-options
nosniff
age
289940
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:39:36 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 12:01:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5A0F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF4nymjxQZEf-1_h60Ine-A5DoctNYP9vZj9Da2Ih1BsyrG4nRbLnx2JYp8xHaHATB3_iv_dW0tw3AheFHpyEXce8Ih4F2e92sdFcmP-ubA9XBH6o056rllLGi1Se9t_5vTiAzhiG68vgWXUyb6cFHb6cXUBAFBa5yo66BDiwuqIY1nS3fZzjVocMDiP73sduOm4b0WbWnmktEx6lEdVyJObCaDjGiaxCvqS2MMgnnlmLa43ODOurVTMAKI3zbpD21294Zb0Z2yBu5iyPCn2oU0rHpr4olWYyiw2ivEPYL7CsRVATnJZyNTNzO&sai=AMfl-YQe_N9fxMG3lybKxzoXWh4LA6NInNhbF6O-IIVc-TQD1Hw-K4iRCi6ROLb4G1dYaJ7mr4dG-CkLeVG3&sig=Cg0ArKJSzPGvnRo9lzFcEAE&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Jul 2021 20:34:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 5A0F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
18375530890449129318
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 20:28:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 5A0F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:28:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 20:28:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5A0F 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627472092244076"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38161
x-xss-protection
0
expires
Fri, 30 Jul 2021 20:34:05 GMT
l
www.google.com/ads/measurement/ Frame 5A0F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuN1Q_j4Ab9u0C5UwQySWGOLPRWAz1c4EK_DMOkFTcB5yvPwUldZHBGX1Q4ak-rK5BOCpC
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 5A0F 		68 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13756812283639570429
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 18:43:13 GMT
x-content-type-options
nosniff
age
265852
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:40:06 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 18:43:13 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eca48824a13b12bd6503bda806b0a66f2b0810fdc90796c0e763c3f934cee5a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627472111755377"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27995
x-xss-protection
0
expires
Fri, 30 Jul 2021 20:34:05 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 881C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnQzcpWOohyaZXNVXqT2YBTvq5aTy6j55ENA9Q5vfoqzt9dGEkIVFu522mLguZrZGwptvDCtLGtK2jHAwYWlWlzlcQTxJRODbcGuNWCvn9WZwrP6wuigj3t8vwzbBgliqNKsufIrUgaEZu9uAWl0EDEAsIsYtWPiymTdXLoMa6joWuOasos31sm4-qr3Rf7plO95aMrUIrY10Npo2beOQqhmeBhU5W3-ASSebG5WmOJQ7S4I5VvcoyxGvk6Q1q0qT515I1vB15rlDMuM4u_Pnqxl4v69hkg78jGR9y8f1y32uw8ebCCIAphqXv&sai=AMfl-YQDYZkdM5NoWylgEI5yR3FgMHK2xJEvM1pSUxXMhe2Nh34ubgLnMcY9zRWRlAjw7IIu8BpeBfou0weS&sig=Cg0ArKJSzKA3ScHOf4weEAE&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Jul 2021 20:34:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 881C 		68 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13756812283639570429
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 18:43:13 GMT
x-content-type-options
nosniff
age
265852
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:40:06 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 18:43:13 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 881C 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
18375530890449129318
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 20:28:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 881C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:28:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 20:28:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 881C 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627472092244076"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38161
x-xss-protection
0
expires
Fri, 30 Jul 2021 20:34:05 GMT
l
www.google.com/ads/measurement/ Frame 881C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTVIUzdyUPYL9r_fftDTGmRem0JwuOga22Qs0t5E6QwiB2mGyUrwPhuQmrkwZyAjJzzbe1F
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame F31B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0IHXKM3y2mrPzHT_jWY0Fru2qTM_NxuHccquXlBRIr5G7IZ8sm8HLCBUsPjy85d-hm1U4HhJv3c2AjOzEK14r-iuemgpmEZtZligMi1YoHikkAPX4ZH-0Dln152GSDgGpdEd2JUhRlzUjwELu1TJ5oxIgy1K51msp6fsEwXHWwXOEWezQ2kKIW7pbvaRVOf3vzg5DVXlCh2w276hrYPLNmum0ipI-PemNZzcdYiUiaDYsDcgD-F3nyX0byPPktpRoemVWS701cwtIJSEpTVP2carHdIiOPi3E9GshInAHNHmayEr-F6SMpGMG&sai=AMfl-YT_SuyWC5RUNbc_Kv_wHcvxDQZWBnp5RigdnJ4MPSk9W6g5Yq8tn8m1FQILKbyzOP-hZ8HTWYeryWba&sig=Cg0ArKJSzJNhs5tSyJ3zEAE&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Jul 2021 20:34:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame F31B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
18375530890449129318
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 20:28:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame F31B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:28:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 20:28:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F31B 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627644660751711"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38134
x-xss-protection
0
expires
Fri, 30 Jul 2021 20:34:05 GMT
l
www.google.com/ads/measurement/ Frame F31B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT6xUcGTcidYE5A7RAoo_xatugPv4i_jvmAWfA_45IlLNFCGqZGGN4Gk40LL7m_QSt-QH7O
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
13503232906761715217
tpc.googlesyndication.com/simgad/ Frame F31B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13503232906761715217
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 12:27:06 GMT
x-content-type-options
nosniff
age
288419
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3270
x-xss-protection
0
last-modified
Wed, 23 May 2018 04:43:28 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 12:27:06 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8A10 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqGNdx4JpCcssskjm2qI3IAMir72JmU6QRyf-IfwOLY4_gktxK52aVjXio0AQx5WRtYgE6PF-472Q8NcidOK1Ur_EkCO4hlH2-6OUCR_ibjsHxw-Dw6FAFuh5xBONZGP_8B9gqo4QQdWT9ZgZUTjGirCPhELldPShhaNoSGR4sMTLgoKkFSRdx1EofwajQMtu7xhH2nMkRVLhzVpJYihlZzM30FYJlrQ_o1YHq4FlSr47TGpbioxQV5JdY_RnHtm9MXDXO5LozoNpov-Jqahd3ROQ9CGn2TSIbo7Qo4nVUKT6KeY3FYZmtWwD6&sai=AMfl-YQ0MuZAaOAXJiFLsO4VQ8LhpyOUiqVf41VJjMW0WF_IHAAs5qesUkcMP0jE8nrVrhIeNK0ws7pOCNK9&sig=Cg0ArKJSzG2zA5sdrTu_EAE&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48e00d6035d4ef657ff8ba4adfcc0834-1627677242
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Jul 2021 20:34:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 8A10 		68 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7114969398400660195
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 12:01:45 GMT
x-content-type-options
nosniff
age
289940
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:39:36 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 12:01:45 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 8A10 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
18375530890449129318
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 20:28:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 8A10 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:28:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 20:28:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8A10 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627472092244076"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38161
x-xss-protection
0
expires
Fri, 30 Jul 2021 20:34:05 GMT
s04402337847442
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/ 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s04402337847442?AQB=1&ndh=1&pf=1&t=30%2F6%2F2021%2022%3A34%3A5%205%20-120&cid.&newsnkidcookie.&id=48e00d6035d4ef657ff8ba4adfcc0834&as=1&.newsnkidcookie&.cid&vid=48e00d6035d4ef657ff8ba4adfcc0834&mid=36147259842430298510578157548586007400&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&cc=AUD&ch=D%3Dv4&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=6%3A34%20AM%7CSaturday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c60=TypeError%3A%20Cannot%20set%20property%20%27eVar161%27%20of%20undefined&v77=D%3Dmid&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:05 GMT
x-content-type-options
nosniff
x-c
main-1489.I96e1bb.M0-504
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 31 Jul 2021 20:34:05 GMT
server
jag
xserver
anedge-58944c9887-46cnl
etag
3495410269750886400-4619892834691727751
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Thu, 29 Jul 2021 20:34:05 GMT
bulk
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
via
1.1 varnish
server
nginx
x-timer
S1627677245.317351,VS0,VE9
x-served-by
cache-fra19139-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
collect
px4.ads.linkedin.com/ Frame BCEF
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1627677245320&url=https%3A%2F%2Fwww.heraldsun.com.au%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1627677245320%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1627677245320&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1627677245320&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQJmywFI1_SXNQAAAXr5H8HFBXZk_nDTMaBZKcd0zC-L5mw5RDD5aZFSh...
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1627677245320&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQJmywFI1_SXNQAAAXr5H8HFBXZk_nDTMaBZKcd0zC-L5mw5RDD5aZFSh-wEZBkkfE4-_Yep
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:06 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
Oswo5dSrlhaguRnS7SoAAA==

Redirect headers

date
Fri, 30 Jul 2021 20:34:05 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1627677245320&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQJmywFI1_SXNQAAAXr5H8HFBXZk_nDTMaBZKcd0zC-L5mw5RDD5aZFSh-wEZBkkfE4-_Yep
x-li-proto
http/2
x-li-pop
prod-edc2
content-length
0
x-li-uuid
YqSK0dSrlhZAcu5APSsAAA==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame B051 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1627677245341&cv=9&fst=1627677245341&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c4ba13f6c0a023cd186bb51fd7e23bfa5fa70c5c69e8ee3cc15921d31bc41a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
982
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 0A66 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75725b0e46e5739587ea1f222ceef5ab7148f95d4e9ed12ce4ef5c107494f44b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame FD1E 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=571695458&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b0-f175-11eb-812a-0ae761671616
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ef31b8f18ad9ade66ce7a4f771afd3722bdbf4cde2cc19075a44ecd34848715e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
x-server-name
app20.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
truncated
/ Frame 5A0F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a3f142c3e2e0e353d23206cfe829b434d9b7e7d834911147b0a82f2d0754acb

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 94EE 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=1063288749&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b1-f175-11eb-812a-0ae761671616
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
237fe1ac082fdd689c7b4eb9ec7798ce78e6ff289fe478fbd0100b1e3fb37852

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
x-server-name
app13.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
adsct
t.co/i/ Frame CBBD 		43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Fri, 30 Jul 2021 20:34:05 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
70c37bddabdd143b37dd16d2e44ff9192506c20999bb83443d30a59690b8e538
x-transaction
fa559c6c8bfdeb75
expires
Tue, 31 Mar 1981 05:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame F08A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13910
x-xss-protection
0
server
cafe
etag
8154934153164151798
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Jul 2021 20:34:05 GMT
pixie
ib.adnxs.com/ Frame 8F50 		42 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1627677245442&v=0.0.20&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1627677245442&et=1627677245442&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 20:34:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.17.9
Connection
keep-alive
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
Content-Length
42
Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame F31B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuppu96Mhr9MR3kGlXZvc_IWDcig7bxTfNHbN7UY1n1eS1AAvLbat1C8eM_08bMeVAjWJaNjtDXZublbk-9v1v2XKH8YjU21H7FA39UmxNYQYOvbBQCOhMIvS5n_r6ISYW8Am_xs_756mLcfH0erUHDhkqtENPx_R1w-EmL5GA0r-iDFnJpAyf0E4S7Jz8aBn3xKaNbi9Ioj-tZPWuXX2_cmC-vxO0vkLhNY053cZldOLKvgvSxogJRW9hSZ6FlDOYUpf-1b61InE3VudOzIaUoGzpm9CgeA8AC7Yl9iGDwWpv4coXbuetIneTA7HQ&sai=AMfl-YTtRpBYqXQZjSX6t05nHSw2tJzwT2AlN2MxZxUvxPOfXVayqOB2syvXhg_GvVQCNa5Cc-aGsXEyklgP&sig=Cg0ArKJSzIvYU672emu3EAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Jul 2021 20:34:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame F31B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f434bf312730ba34439d41f9840d29165bed8e57568a0bb7304b9e15b1441cc8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 580F 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=714064199&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b3-f175-11eb-812a-0ae761671616
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ecf1d23c6ccd9d7f6f7a32b023b86b44f31c516298e85e868b376e9b9f895f34

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
x-server-name
app16.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
truncated
/ Frame 881C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7dba2a46cbb63081c7e0d564eccd34e25616f7cff41b6c0b4d37160fcbcd6221

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame F9D5 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1482594562&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b2-f175-11eb-812a-0ae761671616
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f9c4c506d1117169cbc38713778c753effbd1ef38a4ade913b62f721cc722242

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
x-server-name
app23.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
truncated
/ Frame 8A10 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbeab58cf552a46188d89eabb959026e66d6af05c55f46e1bde64a4955ff4e76

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 4D26 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=1138389963&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b4-f175-11eb-812a-0ae761671616
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e44ad5f308fdc384d5dcc1061b79a6829debcfb79cb41f5cac26e7f9cd356a66

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
x-server-name
app04.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 2688 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13910
x-xss-protection
0
server
cafe
etag
8154934153164151798
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Jul 2021 20:34:05 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0A66 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKiLR20Ub96HJRXMPnFWgBk88lh8kTBiZAb5fHBE-h6Fp0TXN7s8nyYNxMUfcQbOj2VN3x3TnQtDMz3eQLuVODfczPAOd2s3LQ648Sd1hWlEhKlLcMLlxgXTVuE4YoRaQBIakLAFt6AR2wav5aK0dRphLX7746MY1xoNeEaHoSZKqRSmSu3RgcdlmzB8B47-FuPtaTUBgzV5gX43vmyIWpvYjtu5ghA-bp5TPpZgWnwQv16p_MSgvGhlzdysjCgEqtT8BmRxceR4ruW4XYp6SjTLgc04Jk-XJUeOg1jITXhKhvigvMZYQCJqXy9i0&sai=AMfl-YTbm7-vJ0ier0rLFzlAisTVPSvnacC2tsHIqH1l3IbnWi2Imor6HBio9guOeggqZigU6KhE7UmXplDg&sig=Cg0ArKJSzOkz_LC4lA0mEAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Jul 2021 20:34:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 5A0F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmYe4QbhzxVL9Kdbgmeez47SRAFhtBhUOSqn1LHXWkTx7winKdLsueh70whIi8Y4GLGddvNplYj5YFPsb8JBMNxTnCwTIalOFV3mRRpdJSeijX-Bebsj2x_1wPoUxGBNQ82BZfZFozvxfwZiRYb0OySUH2OiXrAJu7Ec0QdUO3HGUByQhjJmjtIYvDZbEyT7EbC9zxZKqFRSoSlYgI434P3_V5t3Q03Fkn6yxmSUZowz-dbB3vm2Efh7J_N17hvtyLM3VEzphLrgzVvCYgzokkJR1wQRXzAXIYxj9E3wYwtFbta6kWpCvdUp_uusk&sai=AMfl-YQHH5tJRxZUpAosTogH-BfcFO9IHNyqC5WUfh1Vdgugg0fH2tAT5zIfLBr8UKMdUy6l4uJxv9hnYWBY&sig=Cg0ArKJSzKWEga464N2SEAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Jul 2021 20:34:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
adservice.google.com/ddm/fls/i/dc_pre=CI-ghaDSi_ICFdkaBgAdAn8Ljw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=537423056688.513;~oref=http... Frame 046D 		505 B
413 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CI-ghaDSi_ICFdkaBgAdAn8Ljw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=537423056688.513;~oref=https://www.heraldsun.com.au/
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CI-ghaDSi_ICFdkaBgAdAn8Ljw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=537423056688.513?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
210bb38b56f23be19ed9ad0bba4f74923fd2ec9e0e2c1e0bf06bcf4e57f224fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CI-ghaDSi_ICFdkaBgAdAn8Ljw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=537423056688.513;~oref=https://www.heraldsun.com.au/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://8228261.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://8228261.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jul 2021 20:34:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
390
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
adservice.google.com/ddm/fls/i/dc_pre=CNKKhaDSi_ICFVLM1QodEgIFWQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4876487363383.741;~oref=htt... Frame 89AE 		506 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CNKKhaDSi_ICFVLM1QodEgIFWQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4876487363383.741;~oref=https://www.heraldsun.com.au/
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CNKKhaDSi_ICFVLM1QodEgIFWQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4876487363383.741?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6809d611176a31ae4b315f90c7b8693f66c912144bb793fc8cc72e18c191e68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CNKKhaDSi_ICFVLM1QodEgIFWQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4876487363383.741;~oref=https://www.heraldsun.com.au/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://8228261.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://8228261.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jul 2021 20:34:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
391
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 881C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthlfWHt19PitSX1-u1mPVflEPgbiM6OigFzxqPbQ_LIMzrdPSWwXSyiinz_5S92eBzBBhC-EoPBtaP-poC9WkpX5An6j3bZydPfHKYekE3VfDTFrwfKUmCiFiS3tCutciJVK4efB5KXTl-xRU8L5C1WtVJ9bvSEtsIpEmAjimEXdgitE7hXP4_jR8BpnDYLzIORS-hOc5uHXEZNWntkjy-PUufOMgvOusCwdjdl5eqwiW9d1ULwlW3NPbNgSOA35Dsmavq_Kivn8C2MkOBRwKbR4QK4sCn63qnTDdf5WpxA8IBDRvlhopyyXfpjk4&sai=AMfl-YSw5akxXdT4j320JsCuWcCZT6S7hJg9yBFmryNuquEy2-1p4MUrxJqKEMRdJp4cmro4A_FeTWyStqWA&sig=Cg0ArKJSzKAN7Jwj3V_bEAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Jul 2021 20:34:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 8186 		44 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=o148c3nkqrfebosutzc2a4nhw6ncb1627677245&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.602&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&retry=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.67.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
o148c3nkqrfebosutzc2a4nhw6ncb1627677245.nuid.imrworldwide.com/ Frame 8186 		35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o148c3nkqrfebosutzc2a4nhw6ncb1627677245.nuid.imrworldwide.com/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ec00:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 04:19:44 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
age
68592
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
35
x-amz-cf-id
b_A_kLW5PLaniHlIe0DLwsgZCa4_F2lYwR0VBKFnUSRQ-kNJ8ggiYA==
ibs:dpid=358&dpuuid=3760687087462388286
dpm.demdex.net/ Frame 7573
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=3760687087462388286
42 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3760687087462388286
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v012-0c7f2393d.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
a2wxnRkWRms=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Fri, 30 Jul 2021 20:34:05 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
dd780eab-854e-4675-a9ef-d65b7bc5eaae
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3760687087462388286
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8A10 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwBjXlF-MYpcOBYejOiimVcJGJ2k6Vq0MUw3RNtGbilq9eYe3GGYCuU-Y7vjyXQJJiyIBETxzEA1Fn9LYk8JFGnHkZMm1E0efOhBdNCODfEFfkYx-zyYVXy2TaXAfVN0ljHAoCBrfaxIaQFTAcJvwaSPIHwcP8tS9dZ6o_ysiqBVF4bXirNZsCUugNveUQaYwj_ENWAbm7RZ_SUNSDOKyncy5iN0o2_BVTL6r-SoPFmgk3xKLsyPeI0ytzQDeMfpbVf4HYvqZm_KMVhczKeDMBm40XLxkoLbPeTInO5c2-I2giFSKoXDI1M5sRMEw&sai=AMfl-YRIQgZTdYDRi9kzR30VrbWILTochFewfvpgrhLFG92xfT44EJydI0U8HcoFVOt-g_bWewD5CzAJ9xaJ&sig=Cg0ArKJSzIp8_CabvG7zEAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Jul 2021 20:34:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
www.google.com/pagead/1p-user-list/859754747/ Frame B051 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1627677245341&cv=9&fst=1627675200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=3850231181&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/859754747/ Frame B051 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/859754747/?random=1627677245341&cv=9&fst=1627675200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=3850231181&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame F08A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1627677245641&cv=9&fst=1627677245641&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4760804c597c68830327ce364ecad0aa5af594f354b41ff63d9022bd6d943fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1009
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.gr.19.8.220.js
static.adsafeprotected.com/ Frame FD1E 		183 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.220.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=571695458&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b0-f175-11eb-812a-0ae761671616
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2520e1b2c6b1743aa9ddc88e28a44af1b69da06019fbaeefac488c06800406c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 20:15:23 GMT
content-encoding
gzip
age
87522
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 29 Jul 2021 20:00:10 GMT
server
AmazonS3
etag
W/"b542a496e13a9c728ccd5da3eee49d1b"
vary
Accept-Encoding
x-amz-version-id
Dftb.Kx7mMGsNgTV5rPLii8uXuq1GM1Y
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
ZChBsIIdHAK_88Q9O--iDlR3jI5L2P9GHp9FMale_q7vtuKDifDzsA==
main.gr.19.8.220.js
static.adsafeprotected.com/ Frame 94EE 		183 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.220.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=1063288749&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b1-f175-11eb-812a-0ae761671616
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2520e1b2c6b1743aa9ddc88e28a44af1b69da06019fbaeefac488c06800406c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 20:15:23 GMT
content-encoding
gzip
age
87522
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 29 Jul 2021 20:00:10 GMT
server
AmazonS3
etag
W/"b542a496e13a9c728ccd5da3eee49d1b"
vary
Accept-Encoding
x-amz-version-id
Dftb.Kx7mMGsNgTV5rPLii8uXuq1GM1Y
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
Ebq2IrmmIL7pWr-sazMoCG5qp20uEakbB_sqHPNBhsfAIdnv4rFQhQ==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame 2688 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1627677245654&cv=9&fst=1627677245654&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bfa1ccb357d76b74f4c65aca3a3005b244bd74b5f65dd27d65aaddacf2678d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1010
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.gr.19.8.220.js
static.adsafeprotected.com/ Frame 580F 		183 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.220.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=714064199&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b3-f175-11eb-812a-0ae761671616
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2520e1b2c6b1743aa9ddc88e28a44af1b69da06019fbaeefac488c06800406c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 20:15:23 GMT
content-encoding
gzip
age
87522
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 29 Jul 2021 20:00:10 GMT
server
AmazonS3
etag
W/"b542a496e13a9c728ccd5da3eee49d1b"
vary
Accept-Encoding
x-amz-version-id
Dftb.Kx7mMGsNgTV5rPLii8uXuq1GM1Y
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
BMFNeq6YWhKHWvkfdgQi_8VH90x2mhRfmRO67ZZqZgeVH4k1WXD5kA==
main.gr.19.8.220.js
static.adsafeprotected.com/ Frame F9D5 		183 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.220.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1482594562&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b2-f175-11eb-812a-0ae761671616
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2520e1b2c6b1743aa9ddc88e28a44af1b69da06019fbaeefac488c06800406c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 20:15:23 GMT
content-encoding
gzip
age
87522
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 29 Jul 2021 20:00:10 GMT
server
AmazonS3
etag
W/"b542a496e13a9c728ccd5da3eee49d1b"
vary
Accept-Encoding
x-amz-version-id
Dftb.Kx7mMGsNgTV5rPLii8uXuq1GM1Y
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
mccmsl-DwNt5Pfjww__J78FaXUPtDk70XW-vWQ74fZwxRcNELur7nQ==
main.gr.19.8.220.js
static.adsafeprotected.com/ Frame 4D26 		183 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.220.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=1138389963&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b4-f175-11eb-812a-0ae761671616
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2520e1b2c6b1743aa9ddc88e28a44af1b69da06019fbaeefac488c06800406c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 20:15:23 GMT
content-encoding
gzip
age
87522
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 29 Jul 2021 20:00:10 GMT
server
AmazonS3
etag
W/"b542a496e13a9c728ccd5da3eee49d1b"
vary
Accept-Encoding
x-amz-version-id
Dftb.Kx7mMGsNgTV5rPLii8uXuq1GM1Y
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
R5dmznecDDYDV9-lBgTWdiv30iFV93ktEpGtWcl-co27Z-KgFW4oPA==
/
adservice.google.de/ddm/fls/i/dc_pre=CNKKhaDSi_ICFVLM1QodEgIFWQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4876487363383.741;~oref=http... Frame AC18 		194 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CNKKhaDSi_ICFVLM1QodEgIFWQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4876487363383.741;~oref=https://www.heraldsun.com.au/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNKKhaDSi_ICFVLM1QodEgIFWQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4876487363383.741;~oref=https://www.heraldsun.com.au/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.de
:scheme
https
:path
/ddm/fls/i/dc_pre=CNKKhaDSi_ICFVLM1QodEgIFWQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4876487363383.741;~oref=https://www.heraldsun.com.au/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jul 2021 20:34:05 GMT
expires
Fri, 30 Jul 2021 20:34:05 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
/
adservice.google.de/ddm/fls/i/dc_pre=CI-ghaDSi_ICFdkaBgAdAn8Ljw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=537423056688.513;~oref=https... Frame 3C44 		194 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CI-ghaDSi_ICFdkaBgAdAn8Ljw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=537423056688.513;~oref=https://www.heraldsun.com.au/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CI-ghaDSi_ICFdkaBgAdAn8Ljw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=537423056688.513;~oref=https://www.heraldsun.com.au/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.de
:scheme
https
:path
/ddm/fls/i/dc_pre=CI-ghaDSi_ICFdkaBgAdAn8Ljw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=537423056688.513;~oref=https://www.heraldsun.com.au/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jul 2021 20:34:05 GMT
expires
Fri, 30 Jul 2021 20:34:05 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
/
www.google.com/pagead/1p-user-list/707564276/ Frame F08A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1627677245641&cv=9&fst=1627675200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7s0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=4180895044&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/707564276/ Frame F08A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/707564276/?random=1627677245641&cv=9&fst=1627675200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7s0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=4180895044&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/820018408/ Frame 2688 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/820018408/?random=1627677245654&cv=9&fst=1627675200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7s0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=4040571104&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/820018408/ Frame 2688 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/820018408/?random=1627677245654&cv=9&fst=1627675200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7s0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=4040571104&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=470&dpuuid=7802032901935382286
dpm.demdex.net/ Frame 7573
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=7802032901935382286
42 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7802032901935382286
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v012-0cf239086.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ZO+JvcChR6w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7802032901935382286
pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sca.17.5.10.js
static.adsafeprotected.com/ Frame 7ABF 		81 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.10.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15046b412e4b2bb053eff2d17f40dea6307c98b4a5d4586db994448e25d483ed

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 16:45:39 GMT
content-encoding
gzip
age
100107
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 28 Jul 2021 20:09:31 GMT
server
AmazonS3
etag
W/"a8f16e64ce0c9a4d251d29a33dcc2409"
vary
Accept-Encoding
x-amz-version-id
BbyANIzRRnF5q2f96vSWRdV7BiqtifQF
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
Msv6NgFR-xEhwuif1m7231tPaE6llgEe0FhG80P8FYJ5541NnM2f9w==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=571695458&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b0-f175-11eb-812a-0ae761671616&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:b92b0e9b-ce11-cd0f-6417-9fc473c2e658,c:jTaasf,sl:outOfView,em:true,fr:true,mn:app20ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:84,fm:sEGjQsI+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a111%7C1b111%7C1c%7C1d%7C1e%7C1f%7C1g*.10507%7C1g1%7C1h1%7C1i1%7C1j1%7C1k1%7C1l,idMap:1g*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:116,oid:7bc46c3d-f175-11eb-96e5-02467abe7cd0,v:19.8.220,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
x-server-name
app13.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.10.js
static.adsafeprotected.com/ Frame B86A 		81 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.10.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15046b412e4b2bb053eff2d17f40dea6307c98b4a5d4586db994448e25d483ed

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 16:45:39 GMT
content-encoding
gzip
age
100107
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 28 Jul 2021 20:09:31 GMT
server
AmazonS3
etag
W/"a8f16e64ce0c9a4d251d29a33dcc2409"
vary
Accept-Encoding
x-amz-version-id
BbyANIzRRnF5q2f96vSWRdV7BiqtifQF
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
B9ms9R0yaSzVX8m8ChmsawGha3OpwhiUEqjKJaatNrKpMVRM0NeXoA==
mon
pixel.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=1063288749&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b1-f175-11eb-812a-0ae761671616&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:fa7c6ab7-0541-6fee-450c-4d6e31fabadf,c:jTaasO,sl:outOfView,em:true,fr:true,mn:app13ie,pt:1-5-15,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:136,fm:sEGjQsL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a111%7C1b111%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i1%7C1j1%7C1k1%7C1l,idMap:1h*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:147,oid:7bc49392-f175-11eb-9dc8-062810ec67f6,v:19.8.220,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
x-server-name
app22.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.10.js
static.adsafeprotected.com/ Frame CD18 		81 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.10.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15046b412e4b2bb053eff2d17f40dea6307c98b4a5d4586db994448e25d483ed

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 16:45:39 GMT
content-encoding
gzip
age
100107
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 28 Jul 2021 20:09:31 GMT
server
AmazonS3
etag
W/"a8f16e64ce0c9a4d251d29a33dcc2409"
vary
Accept-Encoding
x-amz-version-id
BbyANIzRRnF5q2f96vSWRdV7BiqtifQF
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
D5AA4j_rGnlKT4yXREXyRClovKn_zeNS0fpFYi3yqCZH_NHuMC2YOg==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1482594562&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b2-f175-11eb-812a-0ae761671616&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:2abf9d7d-1d5e-c4e9-4a66-578dc970125d,c:jTaat7,sl:outOfView,em:true,fr:true,mn:app23ie,pt:1-5-15,wc:0.0.1600.1200,ac:1274.9572.1.1,am:i,cc:1274.9572.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:145,fm:sEGjQsW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a111%7C1b111%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i*.10507%7C1i1%7C1j1%7C1k1%7C1l,idMap:1i*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:156,oid:7bca8682-f175-11eb-9ff7-0ad2739237b2,v:19.8.220,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
x-server-name
app15.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b92b0e9b-ce11-cd0f-6417-9fc473c2e658&tv=%7Bc:jTaatw,pingTime:-2,time:194,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:246,beZ:247,mfA:330,cmA:331,inA:331,inZ:336,prA:336,prZ:353,si:361,poA:362,poZ:372,cmZ:372,mfZ:372,loA:402,loZ:404,ltA:439,ltZ:439%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:115%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:194,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:114,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B107~0%5D,as:%5B107~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sEGjQsI+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a111%7C1b111%7C1c%7C1d%7C1e%7C1f%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j1%7C1k1%7C1l,idMap:1g*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_0,google_ads_iframe_/5129/ndm.hwt/home_0__container__,ad-block-728x90-1%5D,sinceFw:78,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.44.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
x-server-name
dt34.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
token
token.rubiconproject.com/ Frame 7573 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=6404&puid=36126207129743048330580553676847753842&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sca.17.5.10.js
static.adsafeprotected.com/ Frame BE6F 		81 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.10.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15046b412e4b2bb053eff2d17f40dea6307c98b4a5d4586db994448e25d483ed

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 16:45:39 GMT
content-encoding
gzip
age
100107
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 28 Jul 2021 20:09:31 GMT
server
AmazonS3
etag
W/"a8f16e64ce0c9a4d251d29a33dcc2409"
vary
Accept-Encoding
x-amz-version-id
BbyANIzRRnF5q2f96vSWRdV7BiqtifQF
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
jF66z3b90qmnLJuEFRmVIISrqimF3wbbJKn-HD7699ozwPMBS3v-6w==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=714064199&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b3-f175-11eb-812a-0ae761671616&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:df9ecd9f-4280-641f-42c9-f2b8c7ac4378,c:jTaatS,sl:outOfView,em:true,fr:true,mn:app16ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.10603.10.10,am:i,cc:0.10603.10.10,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:192,fm:sEGjQsU+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a111%7C1b111%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k1%7C1l,idMap:1j*,pl:,rmeas:1,rend:1,renddet:A.qs.tn,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:204,oid:7bc70403-f175-11eb-973f-067f141e2336,v:19.8.220,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fa7c6ab7-0541-6fee-450c-4d6e31fabadf&tv=%7Bc:jTaau0,pingTime:-2,time:221,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:224,beZ:225,mfA:360,cmA:360,inA:360,inZ:362,prA:362,prZ:367,si:371,poA:371,poZ:376,cmZ:376,mfZ:376,loA:406,loZ:408,ltA:444,ltZ:444%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:146%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:221,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:146,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B84~0%5D,as:%5B84~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sEGjQsL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a111%7C1b111%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i.10507%7C1i1%7C1j1%7C1k1%7C1l,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_1,google_ads_iframe_/5129/ndm.hwt/home_1__container__,ad-block-300x250-1,newscorpau_multi_collection-3%5D,sinceFw:72,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.44.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
x-server-name
dt29.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=2abf9d7d-1d5e-c4e9-4a66-578dc970125d&tv=%7Bc:jTaau4,pingTime:-2,time:214,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:148,beZ:149,mfA:293,cmA:293,inA:293,inZ:294,prA:294,prZ:299,si:303,poA:303,poZ:307,cmZ:307,mfZ:307,loA:330,loZ:332,ltA:361,ltZ:362%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:155%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:214,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:155,wc:0.0.1600.1200,ac:1274.9572.1.1,am:i,cc:1274.9572.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B68~0%5D,as:%5B68~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sEGjQsL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a111%7C1b111%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1h2%7C1i*.10507%7C1i1%7C1j1%7C1k1%7C1l,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_2,google_ads_iframe_/5129/ndm.hwt/home_2__container__,ad-block-300x250-2,newscorpau_ads-19,group_3_col-22%5D,sinceFw:58,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.44.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
x-server-name
dt47.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.10.js
static.adsafeprotected.com/ Frame BD4D 		81 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.10.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15046b412e4b2bb053eff2d17f40dea6307c98b4a5d4586db994448e25d483ed

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 16:45:39 GMT
content-encoding
gzip
age
100107
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 28 Jul 2021 20:09:31 GMT
server
AmazonS3
etag
W/"a8f16e64ce0c9a4d251d29a33dcc2409"
vary
Accept-Encoding
x-amz-version-id
BbyANIzRRnF5q2f96vSWRdV7BiqtifQF
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
gTwb3gHoqGsClVFSo3Qsj6qjANW5TiKErE_crk4SEBafTYBArzSC9w==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=1138389963&custom=homepage&custom3=168400391&adsafe_par&impId=7b72c9b4-f175-11eb-812a-0ae761671616&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:c504c8ad-4be7-a3d0-144c-ec5dd2e259f9,c:jTaauf,sl:outOfView,em:true,fr:true,mn:app04ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.3983.1.1,am:i,cc:800.3983.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:214,fm:sEGjQsY+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a111%7C1b111%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i1%7C1i2%7C1j1%7C1j2%7C1k*.10507%7C1k1%7C1l,idMap:1k*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:223,oid:7bcde267-f175-11eb-957a-061b2abdf756,v:19.8.220,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:05 GMT
x-server-name
app03.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=df9ecd9f-4280-641f-42c9-f2b8c7ac4378&tv=%7Bc:jTaauH,pingTime:-2,time:255,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:168,beZ:169,mfA:360,cmA:361,inA:361,inZ:362,prA:362,prZ:367,si:372,poA:373,poZ:377,cmZ:377,mfZ:377,loA:407,loZ:408,ltA:424,ltZ:424%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:10,h:10,t:204%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:256,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:204,wc:0.0.1600.1200,ac:0.10603.10.10,am:i,cc:0.10603.10.10,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B63~0%5D,as:%5B63~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sEGjQsU+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a111%7C1b111%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k.10507%7C1k1%7C1l,idMap:1j*,rmeas:1,rend:1,renddet:A.qs.tn,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_3,google_ads_iframe_/5129/ndm.hwt/home_3__container__,ad-block-1000x50-1%5D,sinceFw:51,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.44.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
x-server-name
dt40.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c504c8ad-4be7-a3d0-144c-ec5dd2e259f9&tv=%7Bc:jTaauQ,pingTime:-2,time:260,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:128,beZ:129,mfA:341,cmA:341,inA:341,inZ:342,prA:342,prZ:347,si:351,poA:351,poZ:355,cmZ:355,mfZ:355,loA:374,loZ:375,ltA:387,ltZ:387%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:223%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:260,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:223,wc:0.0.1600.1200,ac:800.3983.1.1,am:i,cc:800.3983.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sEGjQsU+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a111%7C1b111%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k*.10507%7C1k1%7C1l,idMap:1k*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_4,google_ads_iframe_/5129/ndm.hwt/home_4__container__,ad-block-728x90-2,newscorpau_ads-168%5D,sinceFw:36,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.44.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ibs:dpid=771&dpuuid=CAESEBm4JHzU8GrsJIBVzqSjIaw&google_cver=1
dpm.demdex.net/ Frame 7573
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzYxMjYyMDcxMjk3NDMwNDgzMzA1ODA1NTM2NzY4NDc3NTM4NDI=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBm4JHzU8GrsJIBVzqSjIaw&google_cver=1?gdpr=0&gdpr_consent=
42 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBm4JHzU8GrsJIBVzqSjIaw&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v012-0461d9108.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
cSFM3HjcTeQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBm4JHzU8GrsJIBVzqSjIaw&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
campaigns
resourcesssl.newscdn.com.au/indies/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
a67c436f4631a85afb70d8d9bdb1f763a2719e000b77fa8a14f952302146d04b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 30 Jul 2021 20:34:06 GMT
content-encoding
gzip
etag
W/"df4-/71mDTasA3o06EzhxWeilsPPf+M"
x-powered-by
Express
x-cache-hits
0
content-length
1019
x-served-by
cache-ams21039-AMS
server
Google Frontend
x-timer
S1627531752.030601,VS0,VE198
x-i
true
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
4fb50d14a7273b2d981221a453e14229
cache-control
private, max-age=459370
function-execution-id
tupyasp3t0y1
accept-ranges
bytes
x-orig-accept-language
en-US,en;q=0.9
x-country-code
DE
expires
Thu, 05 Aug 2021 04:10:16 GMT
campaigns
resourcesssl.newscdn.com.au/indies/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol
H2
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.heraldsun.com.au
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
content-type
text/html
function-execution-id
9mf1i1docyof
server
Google Frontend
x-cloud-trace-context
b65173920dd38c590d4a210e10228afa
x-country-code
DE
x-orig-accept-language
en-US
x-powered-by
Express
accept-ranges
bytes
x-served-by
cache-ams21051-AMS
x-cache-hits
0
x-timer
S1627677246.968009,VS0,VE199
cache-control
private, max-age=604800
expires
Fri, 06 Aug 2021 20:34:06 GMT
date
Fri, 30 Jul 2021 20:34:06 GMT
x-i
true
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b92b0e9b-ce11-cd0f-6417-9fc473c2e658&tv=%7Bc:jTaavS,time:340,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:340,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:114,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B252~0%5D,as:%5B252~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sEGjQsI+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a111%7C1b111%7C1c%7C1d%7C1e%7C1f%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1%7C1l,idMap:1g*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.44.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
x-server-name
dt44.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fa7c6ab7-0541-6fee-450c-4d6e31fabadf&tv=%7Bc:jTaavT,time:338,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:338,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:146,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B201~0%5D,as:%5B201~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sEGjQsL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a111%7C1b111%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1%7C1l,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.44.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
x-server-name
dt28.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=2abf9d7d-1d5e-c4e9-4a66-578dc970125d&tv=%7Bc:jTaavU,time:328,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:328,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:155,wc:0.0.1600.1200,ac:1274.9572.1.1,am:i,cc:1274.9572.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B182~0%5D,as:%5B182~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sEGjQsL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a111%7C1b111%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1h2%7C1i*.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1%7C1l,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.44.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=df9ecd9f-4280-641f-42c9-f2b8c7ac4378&tv=%7Bc:jTaavV,time:331,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:331,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:204,wc:0.0.1600.1200,ac:0.10603.10.10,am:i,cc:0.10603.10.10,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B138~0%5D,as:%5B138~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sEGjQsU+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a111%7C1b111%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k.10507%7C1k1%7C1l,idMap:1j*,rmeas:1,rend:1,renddet:A.qs.tn%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.44.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
x-server-name
dt32.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c504c8ad-4be7-a3d0-144c-ec5dd2e259f9&tv=%7Bc:jTaavW,time:328,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:328,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:223,wc:0.0.1600.1200,ac:800.3983.1.1,am:i,cc:800.3983.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B114~0%5D,as:%5B114~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sEGjQsU+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a111%7C1b111%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k*.10507%7C1k1%7C1l,idMap:1k*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.44.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ibs:dpid=903&dpuuid=74e5f22a-e2e2-4538-822d-fb57c0276daf
dpm.demdex.net/ Frame 7573
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=74e5f22a-e2e2-4538-822d-fb57c0276daf
42 B
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=74e5f22a-e2e2-4538-822d-fb57c0276daf
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcscanary-prod-irl1-1-v018-0d697b020.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
dFdVndZ+Qro=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=74e5f22a-e2e2-4538-822d-fb57c0276daf
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
189
up
insight.adsrvr.org/track/ Frame 965C 		0
181 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.189.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-189-245.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

date
Fri, 30 Jul 2021 20:34:06 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
adsct
analytics.twitter.com/i/ Frame CBBD 		31 B
658 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
pragma
no-cache
last-modified
Fri, 30 Jul 2021 20:34:06 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
cf5a6a6229807b8b87bab4d522258dce21d5e93587221afc24cac7eef62fea81
x-transaction
d259a4be034c7ef7
expires
Tue, 31 Mar 1981 05:00:00 GMT
up
insight.adsrvr.org/track/ Frame 6DDC 		0
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.189.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-189-245.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

date
Fri, 30 Jul 2021 20:34:06 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ibs:dpid=19566&dpuuid=%s
dpm.demdex.net/ Frame 7573
Redirect Chain
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
42 B
976 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v012-0e429de18.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
303,104
X-TID
n5U9eWZWRBM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
server
nginx
etag
"60b82817-cde"
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
location
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
expires
Fri, 30 Jul 2021 20:34:06 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b92b0e9b-ce11-cd0f-6417-9fc473c2e658&tv=%7Bc:jTaazp,pingTime:-10,time:559,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMHYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMHZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.10v220002022000220000022002222000022220200000222200222220002022022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,asp:1627677246202%7C%7C1d1971089b45bdb9180ffe55c23cfdff%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cd9e330452bd84a56926504ec748759e1%7C%7Ce1eabd27f2361337318d7fbcda48a721%7C%7Cc59cc81cd4be0c86443efdcc68b85d57%7C%7C41dd9b5e44b06b25075f43179b08a366%7C%7Ca5753af45cfbf69cc15c26cb2e2e94d1%7C%7C1627502962%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.44.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/election-campaign/assets/ 		1 B
313 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/election-campaign/assets/style.css
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
etag
"34d5848c995803cfd00c2f7f02d807e2069b51ffca60a40f05d2d7229ef13b69"
last-modified
Thu, 22 Jul 2021 05:49:06 GMT
x-timer
S1627000952.534438,VS0,VE159
x-i
true
x-served-by
cache-ams21049-AMS
content-type
text/css; charset=utf-8
cache-control
max-age=1800
date
Fri, 30 Jul 2021 20:34:06 GMT
x-cache-hits
0
accept-ranges
bytes
content-length
1
expires
Fri, 30 Jul 2021 21:04:06 GMT
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/election-campaign/assets/ 		1 KB
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/election-campaign/assets/main.js
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1b96347a6b03b970c88f9d66026d7b39f51a1272f8d017254319c84900ab1431
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
"8ef7556de4b64a5a02d891d51367455f564615465c3272d4ca2fbe6f52ed2c41"
last-modified
Thu, 22 Jul 2021 05:49:06 GMT
x-timer
S1627000952.713646,VS0,VE170
x-i
true
x-served-by
cache-ams21023-AMS
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
date
Fri, 30 Jul 2021 20:34:06 GMT
x-cache-hits
0
accept-ranges
bytes
content-length
598
expires
Fri, 30 Jul 2021 21:04:06 GMT
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/ 		969 B
737 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/style.css
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5b6656e316c03a551cbdeb95f1aed0acdffeb7b3ce743144573475dd3b8133fe
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
"617866c501ae2baecee3c33975ca8125d4935302e86a88dedf91278f1aec543e"
last-modified
Thu, 22 Jul 2021 05:49:06 GMT
x-timer
S1626933053.017221,VS0,VE1
x-i
true
x-served-by
cache-ams21061-AMS
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=1330
date
Fri, 30 Jul 2021 20:34:06 GMT
x-cache-hits
1
accept-ranges
bytes
content-length
406
expires
Fri, 30 Jul 2021 20:56:16 GMT
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/main.js
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
386895aeac76b1c5ff9b99ceaf1129828535748e9dd0ff241e8f595ca13b6afb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
"799b8c406ecbbc260dc9ac71c011202326bd9a557b155ba1707af12579eded3c"
last-modified
Thu, 22 Jul 2021 05:49:06 GMT
x-timer
S1626933053.947707,VS0,VE1
x-i
true
x-served-by
cache-ams21049-AMS
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=1313
date
Fri, 30 Jul 2021 20:34:06 GMT
x-cache-hits
1
accept-ranges
bytes
content-length
1276
expires
Fri, 30 Jul 2021 20:55:59 GMT
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/interactive-loader/assets/ 		1 B
311 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/interactive-loader/assets/style.css
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
etag
"34d5848c995803cfd00c2f7f02d807e2069b51ffca60a40f05d2d7229ef13b69"
last-modified
Thu, 22 Jul 2021 05:49:06 GMT
x-timer
S1626932973.393750,VS0,VE0
x-i
true
x-served-by
cache-ams21060-AMS
content-type
text/css; charset=utf-8
cache-control
max-age=1769
date
Fri, 30 Jul 2021 20:34:06 GMT
x-cache-hits
2
accept-ranges
bytes
content-length
1
expires
Fri, 30 Jul 2021 21:03:35 GMT
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/interactive-loader/assets/ 		1 KB
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/interactive-loader/assets/main.js
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1b96347a6b03b970c88f9d66026d7b39f51a1272f8d017254319c84900ab1431
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
"8ef7556de4b64a5a02d891d51367455f564615465c3272d4ca2fbe6f52ed2c41"
last-modified
Thu, 22 Jul 2021 05:49:06 GMT
x-timer
S1626932973.403927,VS0,VE1
x-i
true
x-served-by
cache-ams21082-AMS
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
date
Fri, 30 Jul 2021 20:34:06 GMT
x-cache-hits
1
accept-ranges
bytes
content-length
598
expires
Fri, 30 Jul 2021 21:04:06 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame EFA4 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame EFA4
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=IKy3BL2q5KlW&ev=1&orig=trc&pid=562107
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=IKy3BL2q5KlW&ev=1&orig=trc&pid=562107
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.199:10213
date
Fri, 30 Jul 2021 20:34:07 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19010

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=IKy3BL2q5KlW&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-589cbd599f-m56nr
expires
-1
/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame EFA4
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=3760687087462388286&orig=trc
0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=3760687087462388286&orig=trc
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.104:10213
date
Fri, 30 Jul 2021 20:34:06 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15321

Redirect headers

Pragma
no-cache
Date
Fri, 30 Jul 2021 20:34:06 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
cfbfca83-fe00-41c8-826b-9af8e7cf7e08
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=3760687087462388286&orig=trc
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame EFA4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEG1TxPwiW-jq1Wqpr0fJAkw&google_cver=1
0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEG1TxPwiW-jq1Wqpr0fJAkw&google_cver=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Fri, 30 Jul 2021 20:34:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1627677246.274949,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19139-FRA

Redirect headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEG1TxPwiW-jq1Wqpr0fJAkw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EFA4 		42 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc:$UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:09 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:425
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame EFA4
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c27381e4-b9f1-4bc4-90f6-de3e047c6682-tuct7fde7be
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c27381e4-b9f1-4bc4-90f6-de3e047c6682-tuct7fde7be
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c27381e4-b9f1-4bc4-90f6-de3e047c6682-tuct7fde7be
tbl-x-upstream
10.41.14.57:10213
date
Fri, 30 Jul 2021 20:34:06 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15321
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame EFA4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=74e5f22a-e2e2-4538-822d-fb57c0276daf
0
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=74e5f22a-e2e2-4538-822d-fb57c0276daf
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Fri, 30 Jul 2021 20:34:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1627677246.277037,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19139-FRA

Redirect headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=74e5f22a-e2e2-4538-822d-fb57c0276daf
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame EFA4
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jul 2021 20:34:07 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 30 Jul 2021 20:34:07 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame EFA4 		49 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-589cbd599f-lgzwd
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame EFA4 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame EFA4 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:09 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame EFA4
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=9f682c78-3541-4a4f-83de-fdaea596e70f
0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=9f682c78-3541-4a4f-83de-fdaea596e70f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.127:10213
date
Fri, 30 Jul 2021 20:34:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17084

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
date
Fri, 30 Jul 2021 20:34:13 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=9f682c78-3541-4a4f-83de-fdaea596e70f
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1442
content-type
text/html; charset=utf-8
content-length
222
expires
Fri, 30 Jul 2021 00:00:00 GMT
/
loadus.exelator.com/load/ Frame EFA4
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOapMAe833g0V--KFP65kIwLUZirdxUR8L30ZibA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOapMAe833g0V--KFP65kIwLUZirdxUR8L30ZibA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=bf9367ae-3a93-4be1-a697-2bf88fc9f83d&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/441/5/3.gif?puid=e_2e4b6e7c-906d-4d62-9ec8-202dbc95fa04&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOKiacHJppwG19yXAvKqkK8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3760687087462388286&opid=apx&ops=&utidl=tech:goo:CAESEOKiacHJppwG19yXAvKqkK8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A19466210288&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/19/3/5.gif?puid=c150ff316d838a67b8ba47facff2229d&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/464/101/2/6.gif?puid=f59a50fd-8435-464f-94cc-6c6f5867de2c&gdpr=1&gdpr_consent=
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
0
0
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame EFA4
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=zHbafC7CCiyY9msHP2IEYQ
0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=zHbafC7CCiyY9msHP2IEYQ
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.95:10213
date
Fri, 30 Jul 2021 20:34:07 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20482

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=zHbafC7CCiyY9msHP2IEYQ
date
Fri, 30 Jul 2021 20:34:07 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame EFA4 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Fri, 30 Jul 2021 20:33:26 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame EFA4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=c6dbaca5-e5b5-4697-b10e-9672aa74b823&gdpr=0&gdpr_consent=
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=c6dbaca5-e5b5-4697-b10e-9672aa74b823&gdpr=0&av_tc=True
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=370fb0b3-2b7a-49a1-86ee-a5df11bbf205&expires=2&ssp=taboola&bsw_param=c6dbaca5-e5b5-4697-b10e-9672aa74b823
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c6dbaca5-e5b5-4697-b10e-9672aa74b823
0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c6dbaca5-e5b5-4697-b10e-9672aa74b823
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.104:10213
date
Fri, 30 Jul 2021 20:34:09 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17493

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c6dbaca5-e5b5-4697-b10e-9672aa74b823
date
Fri, 30 Jul 2021 20:34:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame EFA4
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=73c34531-0adc-4f59-8428-b9f854a43afb
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=73c34531-0adc-4f59-8428-b9f854a43afb&tbid=9a2a1586-dab9-4889-a934-6bf3ed4d8122-tuct7fde7be&query=taboola_hm%3D73c34531-0adc-...
0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=73c34531-0adc-4f59-8428-b9f854a43afb&tbid=9a2a1586-dab9-4889-a934-6bf3ed4d8122-tuct7fde7be&query=taboola_hm%3D73c34531-0adc-4f59-8428-b9f854a43afb&isDirect=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:07 GMT
via
1.1 varnish
server
nginx
x-timer
S1627677248.723556,VS0,VE11
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19139-FRA

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=73c34531-0adc-4f59-8428-b9f854a43afb&tbid=9a2a1586-dab9-4889-a934-6bf3ed4d8122-tuct7fde7be&query=taboola_hm%3D73c34531-0adc-4f59-8428-b9f854a43afb&isDirect=0
tbl-x-upstream
10.41.14.57:10213
date
Fri, 30 Jul 2021 20:34:07 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19682
sd
u.openx.net/w/1.0/ Frame EFA4
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&gdpr=0&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&gdpr=0&gdpr_consent=
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.211.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:08 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&gdpr=0&gdpr_consent=
date
Fri, 30 Jul 2021 20:34:08 GMT
via
1.1 google
server
OXGW/16.211.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
rtb-h
sync.taboola.com/sg/betweenxrtb-network/1/ Frame EFA4
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=05d7189c-1a4d-52d3-bb58-de94da5cbcd4
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=05d7189c-1a4d-52d3-bb58-de94da5cbcd4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Fri, 30 Jul 2021 20:34:08 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17869

Redirect headers

location
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=05d7189c-1a4d-52d3-bb58-de94da5cbcd4
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
101956
jadserve.postrelease.com/suid/ Frame EFA4 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.233.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:08 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
sync.taboola.com/sg/adxxscod-network/1/rtb-h/ Frame EFA4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=_l1Tw-zGRKeW_7q3Dbe9MQ&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_...
  • https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&ui=_l1Tw-zGRKeW_7q3Dbe9MQ
0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&ui=_l1Tw-zGRKeW_7q3Dbe9MQ
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Fri, 30 Jul 2021 20:34:07 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18396

Redirect headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&ui=_l1Tw-zGRKeW_7q3Dbe9MQ
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
340
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame EFA4
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&dongle=tbla
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
date
Fri, 30 Jul 2021 20:34:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
70
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by
cache-fra19139-FRA
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1627677248.123903,VS0,VE0
date
Fri, 30 Jul 2021 20:34:08 GMT
vary
Accept-Encoding
x-amz-request-id
X0T5G34XC8D2QGE8
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
45
x-cache-hits
743
ibs:dpid=23728&dpuuid=YQRiPpcGh7UoHm61uzNYrQAA%261166
dpm.demdex.net/ Frame 7573
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YQRiPpcGh7UoHm61uzNYrQAA%261166
42 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YQRiPpcGh7UoHm61uzNYrQAA%261166
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v012-08328c47a.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
9CpUO/n4R6E=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Fri, 30 Jul 2021 20:34:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YQRiPpcGh7UoHm61uzNYrQAA%261166
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
264
Expires
Fri, 30 Jul 2021 20:34:06 GMT
indie.css
resourcesssl.newscdn.com.au/cs/ts2020/assets/css/ 		81 B
394 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/css/indie.css?t=1
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/election-campaign/assets/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
084d32a7498684efdaaed30f2d8ea491a926ee0fe1d49b4bf0f9a1dc49c4fb5f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:07 GMT
last-modified
Thu, 22 Jul 2021 00:16:37 GMT
server
AmazonS3
x-amz-request-id
5JJVP6W4Z6ZS2RG7
etag
"79a0a545e3054cff597279f2eff7088c"
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
content-length
81
x-amz-id-2
eDhEW7bSS4zV/finADJkA6kpdplW2DO+9J1XfWRN2xxvQO4e14Bldojh1IkKiPufPTt3M6VHxjo=
expires
Fri, 30 Jul 2021 21:04:07 GMT
lazy-load.js
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/adelaidenow/2020/covid-19/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/adelaidenow/2020/covid-19/lazy-load.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/interactive-loader/assets/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.74 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
bb87c699f65695d1ca03ca6ea1bb004e74d362f3c40142f26c8356555609a046

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 20:34:09 GMT
Last-Modified
Tue, 13 Jul 2021 03:25:32 GMT
Server
AmazonS3
x-amz-request-id
EG3SZRG8C4W29MGJ
ETag
"36631158d8454ece5214fb7796969aaf"
Content-Type
application/javascript
x-amz-version-id
cI160lm4xVj2QMFYJErMbKWqifMzMk2K
Accept-Ranges
bytes
Content-Length
2248
x-amz-id-2
kNrUfR+MHTSXoRWHGFDVf6JrbYBbqCLRZ/rzxTcneB66X7b0Ttshbxe8XIbnF0CbgmX4GaxvWRQ=
ibs:dpid=30432&dpuuid=CI-fcec641626e67d4916828039307fb359
dpm.demdex.net/ Frame 7573
Redirect Chain
  • https://dt.scanscout.com/ssframework/uid?UIAA=36126207129743048330580553676847753842&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-fcec641626e67d4916828039307fb359
42 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-fcec641626e67d4916828039307fb359
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v012-0a778d318.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
7po1Y5J7SEo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-fcec641626e67d4916828039307fb359
Date
Fri, 30 Jul 2021 20:34:06 GMT
useSecure
true
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 7573
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=36126207129743048330580553676847753842&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
976 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v012-0ef5447a8.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
303,104
X-TID
/GcUAV3wTXQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Fri, 30 Jul 2021 20:34:06 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fa7c6ab7-0541-6fee-450c-4d6e31fabadf&tv=%7Bc:jTaaFl,pingTime:-10,time:924,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMHYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMHZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.10v220002022000220000022002222000022220200000222200222220002022022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,asp:1627677246202%7C%7C1d1971089b45bdb9180ffe55c23cfdff%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cd9e330452bd84a56926504ec748759e1%7C%7Ce1eabd27f2361337318d7fbcda48a721%7C%7Cc59cc81cd4be0c86443efdcc68b85d57%7C%7C41dd9b5e44b06b25075f43179b08a366%7C%7Ca5753af45cfbf69cc15c26cb2e2e94d1%7C%7C1627502962,sca:%7Bspg:b92b0e9b-ce11-cd0f-6417-9fc473c2e658%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.44.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
x-server-name
dt49.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
usermatch.gif
beacon.krxd.net/ Frame 7573
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=36126207129743048330580553676847753842
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=36126207129743048330580553676847753842
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=36126207129743048330580553676847753842
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.20.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:07 GMT
cache-control
private, no-cache, no-store
x-request-time
D=39 t=1627677247
x-served-by
beacon-n013-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=36126207129743048330580553676847753842
date
Fri, 30 Jul 2021 20:34:07 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a013-ash-prod.krxd.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=df9ecd9f-4280-641f-42c9-f2b8c7ac4378&tv=%7Bc:jTaaFP,pingTime:-10,time:945,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMHYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMHZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.10v220002022000220000022002222000022220200000222200222220002022022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,asp:1627677246202%7C%7C1d1971089b45bdb9180ffe55c23cfdff%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cd9e330452bd84a56926504ec748759e1%7C%7Ce1eabd27f2361337318d7fbcda48a721%7C%7Cc59cc81cd4be0c86443efdcc68b85d57%7C%7C41dd9b5e44b06b25075f43179b08a366%7C%7Ca5753af45cfbf69cc15c26cb2e2e94d1%7C%7C1627502962,sca:%7Bspg:b92b0e9b-ce11-cd0f-6417-9fc473c2e658%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.44.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
x-server-name
dt45.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ibs:dpid=134096&dpuuid=GNh0wQ9999ep0xHC
dpm.demdex.net/ Frame 7573
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=36126207129743048330580553676847753842&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=GNh0wQ9999ep0xHC
42 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=GNh0wQ9999ep0xHC
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v012-01a7a837a.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
tMbb6tccQ90=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=GNh0wQ9999ep0xHC
Date
Fri, 30 Jul 2021 20:34:06 GMT
Connection
keep-alive
Content-Length
0
BK-Server
6c1b
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
pixel
cm.g.doubleclick.net/ Frame 7573
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVFSaVBRQUFBR3d5eVJIbA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVFSaVBRQUFBR3d5eVJIbA==
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1627677247.899590,VS0,VE0
x-served-by
cache-fra19145-FRA
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVFSaVBRQUFBR3d5eVJIbA==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 7573
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YQRiPQAAAGwyyRHl&expires=90
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YQRiPQAAAGwyyRHl&expires=90
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1627677247.899842,VS0,VE0
x-served-by
cache-fra19145-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YQRiPQAAAGwyyRHl&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c504c8ad-4be7-a3d0-144c-ec5dd2e259f9&tv=%7Bc:jTaaKv,pingTime:-10,time:1231,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMHYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMHZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.10v220002022000220000022002222000022220200000222200222220002022022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,asp:1627677246202%7C%7C1d1971089b45bdb9180ffe55c23cfdff%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cd9e330452bd84a56926504ec748759e1%7C%7Ce1eabd27f2361337318d7fbcda48a721%7C%7Cc59cc81cd4be0c86443efdcc68b85d57%7C%7C41dd9b5e44b06b25075f43179b08a366%7C%7Ca5753af45cfbf69cc15c26cb2e2e94d1%7C%7C1627502962,sca:%7Bspg:b92b0e9b-ce11-cd0f-6417-9fc473c2e658%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.44.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
x-server-name
dt40.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=2abf9d7d-1d5e-c4e9-4a66-578dc970125d&tv=%7Bc:jTaaL0,pingTime:-10,time:1264,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMHYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMHZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.10v220002022000220000022002222000022220200000222200222220002022022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,asp:1627677246202%7C%7C1d1971089b45bdb9180ffe55c23cfdff%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cd9e330452bd84a56926504ec748759e1%7C%7Ce1eabd27f2361337318d7fbcda48a721%7C%7Cc59cc81cd4be0c86443efdcc68b85d57%7C%7C41dd9b5e44b06b25075f43179b08a366%7C%7Ca5753af45cfbf69cc15c26cb2e2e94d1%7C%7C1627502962,sca:%7Bspg:b92b0e9b-ce11-cd0f-6417-9fc473c2e658%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.44.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b92b0e9b-ce11-cd0f-6417-9fc473c2e658&tv=%7Bc:jTaaLz,time:1313,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1313,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:114,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1225~0%5D,as:%5B1225~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:120,fm:sEGjQsI+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a111%7C1b111%7C1c%7C1d%7C1e%7C1f%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1%7C1l,idMap:1g*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.44.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:07 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fa7c6ab7-0541-6fee-450c-4d6e31fabadf&tv=%7Bc:jTaaLV,time:1332,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1333,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:146,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1196~0%5D,as:%5B1196~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:104,fm:sEGjQsL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a111%7C1b111%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1%7C1l,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.44.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:07 GMT
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
rum
dsum-sec.casalemedia.com/ Frame 7573
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YQRiPQAAAGwyyRHl
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YQRiPQAAAGwyyRHl
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jul 2021 20:34:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 30 Jul 2021 20:34:07 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1627677247.983554,VS0,VE0
x-served-by
cache-fra19145-FRA
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YQRiPQAAAGwyyRHl
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
setuid
ib.adnxs.com/ Frame 7573
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YQRiPQAAAGwyyRHl
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=YQRiPQAAAGwyyRHl
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Jul 2021 20:34:07 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
7a94a613-5d57-4650-a926-79212b5cd0e0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:07 GMT
via
1.1 varnish
server
Varnish
x-timer
S1627677247.086415,VS0,VE0
x-served-by
cache-fra19145-FRA
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=YQRiPQAAAGwyyRHl
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 7573
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YQRiPQAAAGwyyRHl
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YQRiPQAAAGwyyRHl
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YQRiPQAAAGwyyRHl
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.211.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:08 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YQRiPQAAAGwyyRHl
date
Fri, 30 Jul 2021 20:34:08 GMT
via
1.1 google
server
OXGW/16.211.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Pug
image2.pubmatic.com/AdServer/ Frame 7573
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YQRiPQAAAGwyyRHl
1 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YQRiPQAAAGwyyRHl
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:08 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:444
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:07 GMT
via
1.1 varnish
server
Varnish
x-timer
S1627677247.287284,VS0,VE0
x-served-by
cache-fra19145-FRA
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YQRiPQAAAGwyyRHl
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 7573
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YQRiPQAAAGwyyRHl&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YQRiPQAAAGwyyRHl&img=1&__user_check__=1&sync_id=7d897b24-f175-11eb-87d7-194044dd0406
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YQRiPQAAAGwyyRHl&img=1&__user_check__=1&sync_id=7d897b24-f175-11eb-87d7-194044dd0406
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 20:34:08 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
110
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 30 Jul 2021 20:34:08 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YQRiPQAAAGwyyRHl&img=1&__user_check__=1&sync_id=7d897b24-f175-11eb-87d7-194044dd0406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
88
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame 7573
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YQRiPQAAAGwyyRHl&t=2592000&o=0
43 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YQRiPQAAAGwyyRHl&t=2592000&o=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 13:34:07 PDT
content-encoding
br
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
hRZDE/cdF5CkmSFokO/Hrjn65J29pK8aNBjkQW+2L4PCA3D2n/0MuTkwElK3RWhi/du95XgNFHg7QR0UfMcvww==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
priority
u=3,i
expires
Fri, 30 Jul 2021 13:34:07 PDT

Redirect headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:07 GMT
via
1.1 varnish
server
Varnish
x-timer
S1627677247.489078,VS0,VE0
x-served-by
cache-fra19145-FRA
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YQRiPQAAAGwyyRHl&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ibs:dpid=147592
dpm.demdex.net/ Frame 7573
Redirect Chain
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=9a2a1586-dab9-4889-a934-6bf3ed4d8122-tuct7fde7be
42 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=9a2a1586-dab9-4889-a934-6bf3ed4d8122-tuct7fde7be
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v012-037293239.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
M4OV9YAHTfc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-vcl-time-ms
9
date
Fri, 30 Jul 2021 20:34:07 GMT
via
1.1 varnish
server
nginx
x-timer
S1627677248.591953,VS0,VE9
x-cache
MISS
location
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=9a2a1586-dab9-4889-a934-6bf3ed4d8122-tuct7fde7be
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19139-FRA
ibs:dpid=461447&dpuuid=RX-6146a9d7-3f9f-417b-b7b5-06beeccb260d-003
dpm.demdex.net/ Frame 7573
Redirect Chain
  • https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync/adobe/0?zcc=1&dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D&cb=1627677247725
  • https://sync.targeting.unrulymedia.com/csync/RX-6146a9d7-3f9f-417b-b7b5-06beeccb260d-003?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3DRX-6146a9d7-3f9f-417b-b7b5-06beeccb260d-003
  • https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-6146a9d7-3f9f-417b-b7b5-06beeccb260d-003
42 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-6146a9d7-3f9f-417b-b7b5-06beeccb260d-003
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v012-0569733e3.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
uRC/lbqlRJo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-6146a9d7-3f9f-417b-b7b5-06beeccb260d-003
date
Fri, 30 Jul 2021 20:34:07 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX6146a9d73f9f417bb7b506beeccb260d003
content-type
text/html
gn
secure-dcr.imrworldwide.com/cgi-bin/ 		44 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&sessionId=o148c3nkqrfebosutzc2a4nhw6ncb1627677245&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,heraldsun&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16276772450853652&c30=bldv,6.0.0.602&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1627677245038&c3=st,c&c64=starttm,1627677247&adid=1627677245038&c58=isLive,false&c59=sesid,&c61=createtm,1627677247&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&c62=sendTime,1627677247&rnd=4322
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.67.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:08 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
pips.taboola.com/ 		64 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:08 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19131-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=cc945519-3ce4-48e2-9b72-ef6016a95743-tuct7fde7bc&uad=88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 30 Jul 2021 20:34:08 GMT
Cache-Control
no-store
Server
nginx
Connection
close
hostnames.js
d2n6ofw4o746cn.cloudfront.net/adelaidenow/2020/covid-19/ 		475 B
842 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2n6ofw4o746cn.cloudfront.net/adelaidenow/2020/covid-19/hostnames.js?ver=
Requested by
Host: news-networkeditorial.s3-ap-southeast-2.amazonaws.com
URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/adelaidenow/2020/covid-19/lazy-load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ee00:1e:9240:9c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd6e3db2479b69fbd2d0ccc96a3eeb36a19a4cdaf6d104aadef571f451fe5976

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
bKrfnQlW4fZpkDrRZoSWXpfSEbhd9n12
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
last-modified
Tue, 04 May 2021 04:22:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"ef7ef9736896e2c57fb9d9ad2a0b575e"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 30 Jul 2021 20:34:08 GMT
accept-ranges
bytes
content-length
475
x-amz-cf-id
D3RjA8Xh_IRZ2ZKeh23zu9FbAULFkSZQHw66TMoUJjKW4QkwM9TGIg==
generic1627609460201.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		371 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1627609460201.js
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b7b71d134771279411de99eca76e45b5c05703a6e89e6665a13956b899afabd

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
OuI5xDstviNsOmxGvXN4k_b0mzfXONCM
content-encoding
gzip
etag
"76a61e25a1f2ed2b68f004319319adc9"
age
0
via
1.1 varnish
x-cache
HIT
x-amz-request-id
2WTMGCCXW5ZEFD32
x-amz-id-2
ZLIRoshCuOO7MDriHv/OJ2v6xC18b4MrcTVHAdeqj7SJPCnOREO+jVIAv7TIXCy+868rHJIDYfU=
x-served-by
cache-fra19121-FRA
accept-ranges
bytes
last-modified
Fri, 30 Jul 2021 01:44:21 GMT
server
AmazonS3
x-timer
S1627677248.493447,VS0,VE0
date
Fri, 30 Jul 2021 20:34:08 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
83561
x-cache-hits
5
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2208ae9f4ebb6f883ecc7d0b6b0e18333ad5ebd4241f17b167cd142012e8d58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Jul 2021 20:34:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8539
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 20:34:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 30 Jul 2021 20:34:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame E0C8 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 30 Jul 2021 20:10:30 GMT
expires
Sat, 30 Jul 2022 20:10:30 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1418
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 6964 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7b4228396c28b31b19622bed8c58af796c6077edaec13e81430221ef52f7d9ac
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eq+1224f0GwHI4RWy9e5aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

expires
Fri, 30 Jul 2021 20:34:08 GMT
date
Fri, 30 Jul 2021 20:34:08 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-eq+1224f0GwHI4RWy9e5aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
pagead2.googlesyndication.com/bg/ Frame E0C8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 11:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
117254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Jul 2022 11:59:54 GMT
886d346e5227673f543afa5b04a85336
content.api.news/v3/images/bin/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/886d346e5227673f543afa5b04a85336?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7cea95fe548323fa1cdb6fc2bb6f0c5f0555a229cc41dbf13bbc70e707406700

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag
886d346e5227673f543afa5b04a85336
date
Fri, 30 Jul 2021 20:34:08 GMT
last-modified
Fri, 30 Jul 2021 10:58:54 GMT
server
Akamai Image Manager
etag
be0f1fa56ec2fbe8197c18df68ceb76e-886d346e5227673f543afa5b04a85336-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5149454
access-control-allow-headers
x-newsapi-api-key
content-length
9753
expires
Tue, 28 Sep 2021 10:58:22 GMT
d190a8ab637e6ffb7d2cfe9cb64336fd
content.api.news/v3/images/bin/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/d190a8ab637e6ffb7d2cfe9cb64336fd?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2d6943ac33383610ace50a828ebb88a0c625979351c9b7ed9e4d7f1c0ca68c3f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag
d190a8ab637e6ffb7d2cfe9cb64336fd
date
Fri, 30 Jul 2021 20:34:08 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
b1c24b85b720bf45f3ddf03e6df1ab1d-d190a8ab637e6ffb7d2cfe9cb64336fd-320
x-serial
315
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5137407
last-modified
Fri, 30 Jul 2021 07:37:49 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
8621
expires
Tue, 28 Sep 2021 07:37:35 GMT
4f4755ec5350a793f1e4c77e94e8c64f
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/4f4755ec5350a793f1e4c77e94e8c64f?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
3ff60a0747afa5a9d9cdaa204768ad87450452fea8d85c0c26b0a5ba6d51fb12

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag
4f4755ec5350a793f1e4c77e94e8c64f
date
Fri, 30 Jul 2021 20:34:08 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
c0c73352bc02fe60334f68c53117ae4b-4f4755ec5350a793f1e4c77e94e8c64f-320
x-serial
255
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5142753
last-modified
Fri, 30 Jul 2021 09:09:09 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
4454
expires
Tue, 28 Sep 2021 09:06:41 GMT
ajax-loader.gif
d2n6ofw4o746cn.cloudfront.net/adelaidenow/2020/covid-19/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2n6ofw4o746cn.cloudfront.net/adelaidenow/2020/covid-19/img/ajax-loader.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ee00:1e:9240:9c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vSj6P36RhAthsyW.1bNmHzxUuW8abVDf
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 00:57:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"a51c5608d01acf32df728f299767f82b"
x-cache
Hit from cloudfront
content-type
image/gif
date
Fri, 30 Jul 2021 20:34:08 GMT
accept-ranges
bytes
content-length
3208
x-amz-cf-id
G_w-cX9zFufgYnAVzalG4WRoSz8bAdwx0dxeprJeozQHxXCqYO181g==
8dc8103c0836789cbaf4528801b15376
content.api.news/v3/images/bin/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/8dc8103c0836789cbaf4528801b15376?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
99c906982454519382f88889e6833f6c6cb56b97417023fad2c4ed29b5c23153

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag
8dc8103c0836789cbaf4528801b15376
date
Fri, 30 Jul 2021 20:34:08 GMT
last-modified
Fri, 30 Jul 2021 09:06:15 GMT
server
Akamai Image Manager
etag
0c7008679166e1944753c70847a87054-8dc8103c0836789cbaf4528801b15376-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5142710
access-control-allow-headers
x-newsapi-api-key
content-length
6787
expires
Tue, 28 Sep 2021 09:05:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072701&jk=4336215579218088&bg=!ZmWlZSHNAAals0SOpbM7ACkAdvg8WnOhxFR89AYc8maWCx7aYJxfq-wC5mz0qtb2qqCDX8Jcs0R_GAIAAACjUgAAAAtoAQcKAFxLXM73x449rSJ0l6vsmQLYVHncYx3FdrhfXsLd0NnMR2YwO6gH_vZyoHz2BfqTBK7CbWw4eFkPa6Gmm3zfss6NmbUPWhgoq2b7JVCf0DhzVAQ7oC-j6K9wv7yVppkCiFsvnC9hWhGY__YKEZLYC-BO4WCbouTcTzcmoXy7QD1sTslDDg5_pQDn76IuJNzB29gEPVx5lsJsSPAlwuzK1tgY9AQloiUESqU8WAprm42yB1fqRIdRR7tVQKuPcOPP0k0Ylyg9sM4icPjNPDb_UxsWsqdFdyXvXFYT7re8-dGvk0B2uzTtaPTgkd1-bM4RbH01X6v6Nfdp7974MzPD061J7Fr43maxZlH2NxVHQQ0gG42W4J9MbZWgYZLU7mSeCae6nucQqM0OiPdZM0lgSTItEV9u7SpsZoVp7NwBphC5EBAAIHhlZNQLEKRWgzmCsnRQdhcHYaYrbVv76mR-4AfXoOTv-v8nxpMFh78CYEhxWBOKucEEi-BnlagSveTCheFOoFHC3V7sTJq7dLFvJ5mFxZHinXjnb3CQax14FtkDGJ9num7-klB0E1kZm6x5fryhFvon9wiPPpyyulJ-ksolq9OZTzKpQ1wqWYZhqQvSjkFdMPo4SnFBxF9uAPunPhy38_9-4yBarKGkeLhSNxgF_a4UBJkzNIVwVMGYsLeDzE757h0Nwo7ETtM5526TZTnmXc7iJ_FHDBwDzrfVes0X5zQBlgrzE1GLV6BQeDhtuHYC0EzcSATLHcve_-KIZpcDZmsPJ0QI43wuQ93VBGVOZb4TFgCT57Lfyjs1c_jixaOT9IqGA44aBFNCb9cuQJKNKsZ54BceRW8OxO2D-vHJjFqUIRU0hLK_2DoVFh_uB59-pM9Ugj8-DzPk9I7_3U-txWroLW-ygVpx88I3a7kTN4UZBd4iN_b9Da8YKdnvlm_JvHSXSUA9i8qfiA-jArfOHv5Al7827GmEhHBTWOZkFTT3pqqbbA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b92b0e9b-ce11-cd0f-6417-9fc473c2e658&tv=%7Bc:jTabO7,time:5315,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5315,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:114,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5227~0%5D,as:%5B5227~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:103,fm:sEGjQsI+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a111%7C1b111%7C1c%7C1d%7C1e%7C1f%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1%7C1l,idMap:1g*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.44.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:11 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fa7c6ab7-0541-6fee-450c-4d6e31fabadf&tv=%7Bc:jTabOx,time:5338,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5338,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:146,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5201~0%5D,as:%5B5201~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:106,fm:sEGjQsL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a111%7C1b111%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1%7C1l,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.44.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:11 GMT
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=C5EC9qDKgS5WBhra6A&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=11299&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=3299&t=B3a0DojGNuayAVbgDIPkaSB4BqJr&V=128&tz=-120&_acct=anon&sn=2&sv=BXB6IgD4hcdMBUOnP0EcM4oR6uoQ&sd=1&im=06030402&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.44.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-44-81.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 20:34:19 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/11/18f3127f
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/WPFfxFvyIRS5/WuOzuR/rfd3UA/X7u1zNkt/XgdUa3RMAg/WVt/YQmEhS3g
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/11/18f3127f
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/WPFfxFvyIRS5/WuOzuR/rfd3UA/X7u1zNkt/XgdUa3RMAg/WVt/YQmEhS3g
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/11/18f3127f
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/WPFfxFvyIRS5/WuOzuR/rfd3UA/X7u1zNkt/XgdUa3RMAg/WVt/YQmEhS3g
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/11/18f3127f
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/WPFfxFvyIRS5/WuOzuR/rfd3UA/X7u1zNkt/XgdUa3RMAg/WVt/YQmEhS3g
Domain
loadus.exelator.com
URL
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D

Verdicts & Comments Add Verdict or Comment

322 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| newscorpau object| _taboola object| utag_data object| bruce_rtget number| LUX_t_start number| LUX_t_end object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id function| udm_ object| ns_p object| COMSCORE object| placementData object| _tfa string| nam function| loadjs function| Rampart function| webpackHotUpdateRampart object| __core-js_shared__ boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg function| parcelRequire object| lazySizes object| ads_api object| auth object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag undefined| isAsync undefined| httpGetAsync undefined| parseResponse object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| Nielsen_Event object| trac function| _tealium_old_error boolean| __tealium_twc_switch object| newskey object| nb object| sectionData number| _sf_endpt number| gptPluginLoaded number| gcTicker object| m object| nn number| nielsenSinglePageEvent object| ads_core object| ads_extra object| googletag string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| __iasPET object| kw_ignore object| mready object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| app object| metrics object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| ggeac object| google_js_reporting_queue boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL function| pbjsChunk object| pbjs object| _pbjsGlobals object| NOLCMB function| NolTracker function| nol_t function| logger undefined| _rsCC undefined| _rsCG undefined| _rsDN undefined| v52v53_pvar undefined| v52v53_trac undefined| _rsEvent undefined| _rsLinkTrack undefined| _rsClick object| V60 object| NOLBUNDLE string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| KAMPYLE_EMBED object| regeneratorRuntime object| core function| setImmediate function| clearImmediate object| ats object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId object| vidora function| vidoraTrackExtraElements object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| providersData function| clsn object| dicnf function| btrp function| pdib3 function| vv function| stcc object| diagPixSentCodes object| __iasAdRefreshConfig object| CE2BH function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| ads_ready object| vidora_ns function| omrhp number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal string| ptclString function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents undefined| oneTagObj function| ebDecode object| bsResponseObj object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired string| s_tnt string| f0 object| s_i_newscorpau-hsweb_newscorpau-global function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| __IntegralASExec object| indieApps function| loadInteractive function| initInteractive function| addCSS function| addScript object| GoogleGcLKhOms object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_GA object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_CLICKTALE_FUNC object| KAMPYLE_SESSIONCAM object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK undefined| KAMPYLE_POLYFILLS object| KAMPYLE_INTEGRATION object| cooladata object| tbopt object| google_image_requests

25 Cookies

Domain/Path Name / Value
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: e96d5d7d-9c13-42a0-92b4-5ff9b5730c07.1627677245.1.1627677245.1627677245.e05152c5-6472-47b6-a622-15e4ac04ea51
.imrworldwide.com/ Name: SSCVER
Value: v1
www.heraldsun.com.au/ Name: vidoraUserId
Value: ubu37vitjhl78uof2r15dflm56pudg
.heraldsun.com.au/ Name: s_ppv
Value: https%253A%2F%2Fwww.heraldsun.com.au%2F%2C11%2C11%2C1200
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwiwvve4g-npORAFOAFaBzA1NGYzMm9gAg..
.heraldsun.com.au/ Name: tp
Value: 11263
.demdex.net/ Name: dextp
Value: 358-1-1627677245621|470-1-1627677245721|481-1-1627677245844|771-1-1627677245956|903-1-1627677246058|19566-1-1627677246175|23728-1-1627677246276|30432-1-1627677246377|30064-1-1627677246478|66757-1-1627677246579|134096-1-1627677246680|144230-1-1627677246781|144231-1-1627677246882|144232-1-1627677246983|144233-1-1627677247084|144234-1-1627677247185|144235-1-1627677247286|144236-1-1627677247386|144237-1-1627677247487|147592-1-1627677247588|461447-1-1627677247689
.heraldsun.com.au/ Name: s_cc
Value: true
.heraldsun.com.au/ Name: s_ppn
Value: no%20value
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.830322472.1627677245
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: s_gdslv_s
Value: First%20Visit
.heraldsun.com.au/ Name: s_nr
Value: 1627677245277-New
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C18839%7CMCMID%7C36147259842430298510578157548586007400%7CMCAAMLH-1628282045%7C6%7CMCAAMB-1628282045%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C-2015792035%7CMCOPTOUT-1627684445s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18846%7CvVersion%7C5.1.1
.demdex.net/ Name: demdex
Value: 36126207129743048330580553676847753842
www.heraldsun.com.au/ Name: _ncg_marketingCloudVisitorId
Value: 36147259842430298510578157548586007400
.adsrvr.org/ Name: TDID
Value: 74e5f22a-e2e2-4538-822d-fb57c0276daf
.doubleclick.net/ Name: IDE
Value: AHWqTUkj6WcXAKqvzpcBtyNAJLcX9Sg8eXAhmdOO73-TqgWizsXXCF6cdq2Dk0F4
www.heraldsun.com.au/ Name: _cb_svref
Value: null
.heraldsun.com.au/ Name: s_ecid
Value: MCMID%7C36147259842430298510578157548586007400
.imrworldwide.com/ Name: IMRID
Value: 7be5af90-f175-11eb-9ecf-ab5f9b715268
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.heraldsun.com.au/ Name: nc_eu
Value: y
www.heraldsun.com.au/ Name: _cb_ls
Value: 1
.heraldsun.com.au/ Name: s_gdslv
Value: 1627677245279

11 Console Messages

Source Level URL
Text
console-api log URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js(Line 23)
Message:
UTRACK loaded (from tealium)
console-api log URL: https://tags.news.com.au/prod/tad/tad.js(Line 5)
Message:
AD CORE ERROR: TypeError: Cannot read property 'disc.segments' of null
console-api log URL: https://tags.news.com.au/prod/tad/tad.js(Line 5)
Message:
AD CORE ERROR: 17 function(e,a){var t=e.localStorage;t["disc.segments"]&&(a.ad_audi_segs=t["disc.segments"].split(",")||[])}
console-api warning URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js(Line 227)
Message:
Medallia Tag Loaded
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js(Line 6)
Message:
[GPT] Invalid arguments: PubAdsService.setTargeting('adl', false).
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js(Line 6)
Message:
[GPT] Invalid arguments: PubAdsService.setLocation(50.12).
console-api log URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js(Line 3)
Message:
vidora-client 1.3.4 4a354580d3cf929b5a8a7d86ed03be7f4218d021
console-api log URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js(Line 1)
Message:
%c Vidora API finished initializing! background: #222; color: #b9da52
console-api debug URL: https://static.adsafeprotected.com/sca.17.5.10.js(Line 32)
Message:
a: 0.004150390625 ms
console-api warning URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1627609460201.js(Line 894)
Message:
TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1627609460201.js(Line 888)
Message:
TypeError: Cannot read property 'trackEvent' of undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8228261.fls.doubleclick.net
acdn.adnxs.com
ad.doubleclick.net
ads.avads.net
ads.betweendigital.com
adservice.google.com
adservice.google.de
am-trc-events.taboola.com
analytics.twitter.com
assets.vidora.com
ats.rlcdn.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
beacon.krxd.net
bh.contextweb.com
bs.serving-sys.com
bttrack.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.speedcurve.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.everesttech.net
cm.g.doubleclick.net
content.api.news
d.turn.com
d2n6ofw4o746cn.cloudfront.net
dc3d6e888577bf70cc6c7e8f1d267e6b.safeframe.googlesyndication.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
e1.emxdgt.com
eb2.3lift.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
heraldsun.com.au
ib.adnxs.com
image2.pubmatic.com
image5.pubmatic.com
images.taboola.com
insight.adsrvr.org
jadserve.postrelease.com
js.adsrvr.org
loadus.exelator.com
login.newscorpaustralia.com
match.adsrvr.org
match.taboola.com
metrics.heraldsun.com.au
mhr.talk.news.com.au
nebula-cdn.kampyle.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
newscorpau.demdex.net
o148c3nkqrfebosutzc2a4nhw6ncb1627677245.nuid.imrworldwide.com
origin.go.heraldsun.com.au
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
ps.eyeota.net
px.ads.linkedin.com
px4.ads.linkedin.com
resourcesssl.newscdn.com.au
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
s1.rui.au.reastatic.net
s3-ap-southeast-2.amazonaws.com
sb.scorecardresearch.com
script.crazyegg.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
secure-ds.serving-sys.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
snap.licdn.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.co
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ts2020-indies-client.web.app
u.openx.net
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
widget.perfectmarket.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
www.linkedin.com
x.bidswitch.net
loadus.exelator.com
login.newscorpaustralia.com
104.109.77.38
104.111.230.77
104.244.42.195
104.244.42.5
108.174.10.14
13.224.100.124
13.224.193.100
13.224.96.124
13.224.96.53
13.224.96.83
13.248.242.197
139.162.78.222
141.226.224.32
141.226.228.48
142.250.184.226
142.250.185.130
142.250.185.226
142.250.186.130
142.250.186.70
15.188.95.229
151.101.1.195
151.101.12.157
151.101.13.175
151.101.13.181
151.101.13.44
151.101.14.217
151.101.14.49
178.250.0.163
18.195.155.181
18.195.66.88
184.30.24.190
185.64.190.80
185.86.139.115
185.94.180.125
188.42.191.196
192.132.33.46
198.148.27.140
199.127.207.180
2.18.232.130
2.18.233.169
2.18.233.180
2.18.233.28
2.18.234.21
2001:678:cb4:bbbb::13
213.19.147.45
216.52.2.39
23.45.99.241
23.55.161.4
2600:9000:20eb:3000:1e:c291:240:93a1
2600:9000:20eb:dc00:4:77d:a0c0:93a1
2600:9000:2190:400:8:48e:53c0:93a1
2600:9000:2190:6200:18:1fcd:34f:cdc1
2600:9000:2190:8c00:1e:a43d:b640:93a1
2600:9000:21f3:b600:2:42d9:3100:93a1
2600:9000:21f3:ec00:1d:667e:2a40:93a1
2600:9000:21f3:ee00:1e:9240:9c0:21
2606:4700:3037::6815:4e07
2606:4700::6813:9408
2620:119:50e4:101::6cae:b55
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2002
2a02:26f0:6c00:2b0::25ea
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:3::300
2a04:fa87:fffd::c000:42d0
3.223.233.80
34.233.44.251
34.248.191.66
34.249.67.64
34.250.155.46
34.98.64.218
35.205.207.25
35.227.202.26
35.244.159.8
37.252.172.36
52.206.55.189
52.212.101.97
52.213.189.245
52.31.20.108
52.57.150.20
52.57.82.36
52.95.128.115
52.95.128.74
54.208.44.81
54.93.69.146
69.173.144.138
76.223.111.18
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
03cce1892cbfca0c35fe3b1f64307db1269f452bc8eb983a654d68166bfb57c0
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
084d32a7498684efdaaed30f2d8ea491a926ee0fe1d49b4bf0f9a1dc49c4fb5f
0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d
09bab387cf0f1f209c38108070710c0910067f1c3a4331abcd9c4af037e0e23b
0b006d3b878851bd808dacd48c9b0c92b23644b4024528d34d76aff8bda68fa1
0b7b71d134771279411de99eca76e45b5c05703a6e89e6665a13956b899afabd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd062d458c82221b76575b73fb1f93ab4cddb79cee797d36c7731e9a4bee0e1
0e96098bb2152ccf47f6d2314f50deb5313d5443b1a7a0a3f18e6b34c8455b8d
10fb2e7bc0fb49a10347df3928829396f921e38ab2c1985f9834d9567fde2bf1
13c9350034038d5486373f354f8c9f9e36d290c79e93878194ee1c6e804534c3
15046b412e4b2bb053eff2d17f40dea6307c98b4a5d4586db994448e25d483ed
19353d2b4d79956569a1ac629398c8f6ec8275a06279d37b926738e500e39edb
1a3f142c3e2e0e353d23206cfe829b434d9b7e7d834911147b0a82f2d0754acb
1b96347a6b03b970c88f9d66026d7b39f51a1272f8d017254319c84900ab1431
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1d91e1f1004c910402c81c62dc28a79609f7381f6f8e5fd5118c0a08ff40a96a
210bb38b56f23be19ed9ad0bba4f74923fd2ec9e0e2c1e0bf06bcf4e57f224fc
2143df38d0790552d51c8e476c0617548ab569020395f881be4a38ce473d0e04
237fe1ac082fdd689c7b4eb9ec7798ce78e6ff289fe478fbd0100b1e3fb37852
27fff26f8ff688b2661d461f084ef0eaeefe1d2140515b6404862f5a18fd28ac
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b9c4754dbddaa739fa993ad9e9d7747025b75d34cb2af3fa22ee983cb1734ef
2d6943ac33383610ace50a828ebb88a0c625979351c9b7ed9e4d7f1c0ca68c3f
2de5db4bad6476a0de247839770accbfd0399b8c92e296fbaf3e274a6ef35f56
330da112ebc410437373800cbd2e3b2f957f29dee19297e2c947d37ecd3a1834
37f8c351b5a1b778104009491a391280e82d2c3e861950f9da1051bb610f56f2
386895aeac76b1c5ff9b99ceaf1129828535748e9dd0ff241e8f595ca13b6afb
397e6540378a195608cbd601f809c0c96b3ae9253fffeaf070769a8272838ad7
3b7fba8bb89e137ad4ce83b112d860bf6fa6f06c2c8c42baed64b34c4d0f45c6
3ff60a0747afa5a9d9cdaa204768ad87450452fea8d85c0c26b0a5ba6d51fb12
4754c1f1fb712883286295c92774dddebef215996cfdfab9fd972d265473f025
4760804c597c68830327ce364ecad0aa5af594f354b41ff63d9022bd6d943fd0
47724ded934a9bfa1ee00a7cc378c69d9223e8cb39d38495bf9e7664d962abf7
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
49951ea080af236b8cf5fb0293a5981592f8f89f62d4f0ba4c84f8d46bd8ee71
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d85ebc2c64fe3288b92d262ae4c567084a214a194cf6306c9b65ac2318ef671
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
560ae750fe8ce4608f8f06472aafc192ae2cfaa1f14038ab8c8f92e97c34baf5
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
5692dfedf85b6847f85098a682a035e110c5d8ca0c8a48d789275e2d4841becc
57ed96d31fc16f26bc5085a2f31d0e1cd44234fd3d7ac829a052caae81d9021f
59cb71b9e76b9047bb3d25ff19b6fd4edd00341332c326e9b3c464bc24c5369f
5b6656e316c03a551cbdeb95f1aed0acdffeb7b3ce743144573475dd3b8133fe
5d8d9a25d740d84796f550995000f5cb09444587a73d0bb8f3c3ec0255f766e5
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
6005f2326a3bcec44dc13142f605220b3ebe3d465b3df216fd8d5795dca8b92f
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
6525ef13f3eecef0a305084624e34852311af3e807f850bbced086d563d34dda
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
68846b71d18b8e4470d493c486f401b96759df9bc446a288f651ef1ab4970ce6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c74ac5b824536884634fd010c7d65a75c20bd27b0e32a0b2ea5ccbda2660dd4
6e288a5a83728610b9a2b07a6d38440716c19d0e6847fac0e079bf23deb6dec9
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271
6e6ea4df4b442b78dfefa35bc834347ffa7f09394b6eb491f2f13c6e6125bf46
6f7871d93d5c3d1704ff63df786e947d15254a0dc27af5b429b03a7090d07ff0
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
714cafff07c401d54cda0b09af30d81dd5e3e2bc5891556168366fcc771a5bc4
71a8fdaf97655c40070a0fd034eeff672a5526d7d768ccd314f46567a440f57d
7222bdb705a3d4af9ac5d4f1375a3709bc77578dcc0e1f3b5caf55fd14af959c
7313b1057f6543d7eb7acaa080be92b436473884cc71a5b0bdf5ece0d5e0aa4d
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
75725b0e46e5739587ea1f222ceef5ab7148f95d4e9ed12ce4ef5c107494f44b
7ac3316bff6fdb179ab98a319773d5c3beaa035a1f8c03f162a6100f8c49a899
7b4228396c28b31b19622bed8c58af796c6077edaec13e81430221ef52f7d9ac
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7cea95fe548323fa1cdb6fc2bb6f0c5f0555a229cc41dbf13bbc70e707406700
7cecae3130085b75e1a5eef842b60677bdcec0ed4a6c59757c7a9f6f86a1283c
7dba2a46cbb63081c7e0d564eccd34e25616f7cff41b6c0b4d37160fcbcd6221
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84b2051c012ad6cb45b30bee85f013ee273962cf42ceba1a4406947bf61655e5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95
8bc3da8c3505b3d92ab4b5b3b972135290ad2552146eb61c79465caa262fb27f
8f9e1fbd7f5751a862c874885290583d162f7e874c8bea31aa4bc034bfc73249
8fbfb42bb82ce3052352ce7cf22ae4e2b0dbeed1c324f2c490e8e0405d09b3d7
92dc040e3cfb48df68b8fe3d9705a33f1eebb016b13d47b4c25eaf7ee76ba975
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
99c906982454519382f88889e6833f6c6cb56b97417023fad2c4ed29b5c23153
9acafa201452e79c6c7c99d36c32dd14427ae54a474d517a4763e141ed2c8b9a
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
9c7d85da7c52ee0490f67a70f3926a2688d4649606a593439f3e7d367ecddabe
9c96c025f6aa0b8edff6538d533ddd012d17e860c8fa47140314e81886ce22e0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a220475224ac5b3ec1b7413e467254923fa989bba6ccef3efe0ab25e4a8795b2
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3cc81180383c279f79f23304043fc874a2853bb9c620119e0f64f1fb8b01068
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a67c436f4631a85afb70d8d9bdb1f763a2719e000b77fa8a14f952302146d04b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a979d6317bf209582eb38bf981c92960639ed05ded078c35a7b4ac1f144fae2d
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ab479a8f853819978096cf83b095708b263fb3fcc03964b39902abd9d2137341
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6809d611176a31ae4b315f90c7b8693f66c912144bb793fc8cc72e18c191e68
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783
b9dac894c5e8033a3e2345e44e325f1ce74278da4a3ea49564948a7e7a8097f5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb87c699f65695d1ca03ca6ea1bb004e74d362f3c40142f26c8356555609a046
be4e3fdf225cbce1694c7ba81350069e05f1f03fb941e4340b35de933845ddf5
bfa1ccb357d76b74f4c65aca3a3005b244bd74b5f65dd27d65aaddacf2678d14
bfa67e2ce103d04234fa84f7595c316d23f46eed219683f06e264fb27dc91637
c1c27bae168b290fcb2b2fd66a3416715f2c10ff1b6c2c5eb815c059fe15bc37
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c
c64a9311d22ab66c7dd274f8d1e557ad97460b86c83d62f83cf9ae963cd23cda
c664dda5c6b8228087e2463f60c0364dec9e7bba804ec004c13ccb530710257f
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cffabe0948ab31d5e6574c15c4e0d494ecc146d91cd0434d684c9ace31f9c068
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d1bcc188f481bacf1d9ab4df424b1e041f10f45c85183d38bd2c079f0566dbda
d1c4ba13f6c0a023cd186bb51fd7e23bfa5fa70c5c69e8ee3cc15921d31bc41a
d2208ae9f4ebb6f883ecc7d0b6b0e18333ad5ebd4241f17b167cd142012e8d58
d2520e1b2c6b1743aa9ddc88e28a44af1b69da06019fbaeefac488c06800406c
d2a6caf762ce2532ec1519ccb8f0e025956dcef0b0b93b746baaf330d263c3ef
d37ecc4f7725c2e06a39e8d1fdd05e353cc98cde5e8c304d5c6e6dac9c1c9bba
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80
d6b9d70d57ae22041f49187f590e9bba1aeda7212173a3fbb6e86a3d8a75f905
d8963edab44a83d4b2f2a5b85d04a650c57ea5cb2b0ca7d022b8534fe4e3ff4c
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7
e0c9d8c4902557d8bcefcbf5610193a06e02fe8e104e8010f195dbeb75fa5890
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e426571309a827787f8a614c5000ce80fc14246c3db32656d1863ab98257140c
e44ad5f308fdc384d5dcc1061b79a6829debcfb79cb41f5cac26e7f9cd356a66
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e86e18664688b599cc9c128156abffa50b76b1d0c470e7bc23ee32ab13c02b32
ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4
eca48824a13b12bd6503bda806b0a66f2b0810fdc90796c0e763c3f934cee5a2
ecf1d23c6ccd9d7f6f7a32b023b86b44f31c516298e85e868b376e9b9f895f34
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef31b8f18ad9ade66ce7a4f771afd3722bdbf4cde2cc19075a44ecd34848715e
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
efd6c3fe040e0780295b2bb958b6cb638b10d68ea13bb0a5d3a4da7efce788a6
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f434bf312730ba34439d41f9840d29165bed8e57568a0bb7304b9e15b1441cc8
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
f7d46570f9245cc2bf9eecf25b2db05ace9f862ec128f9be95cef2bad0bd42cd
f84964feb8603e67eeb83847bc5991febd87aa9cb36254488cf5eac28a9849ef
f8f7cfeaeceac7a3987e0bb743deb5698f4c3f8ca7d3f9694765d12748d616be
f9c4c506d1117169cbc38713778c753effbd1ef38a4ade913b62f721cc722242
fa5d800c79f373f6b5cc7730b262585832761ca3024892d08d95ea92c0138fa8
fb46df2a3c1b2d7931b8d5f0fef9ddd2b90ebe8620f823c0970b8971c6734ffc
fbeab58cf552a46188d89eabb959026e66d6af05c55f46e1bde64a4955ff4e76
fd6e3db2479b69fbd2d0ccc96a3eeb36a19a4cdaf6d104aadef571f451fe5976