www.heraldsun.com.au Open in urlscan Pro
2.18.233.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.heraldsun.com.au/
Effective URL:
https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272
Submission: On December 20 via api (December 20th 2021, 9:24:50 am UTC) from BE — Scanned from DE

Summary HTTP 269 Redirects Links 60 Behaviour Indicators

Summary

This website contacted 75 IPs in 7 countries across 56 domains to perform 269 HTTP transactions. The main IP is 2.18.233.28, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 25th 2021. Valid for: a year.

This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 34	2.18.233.28 2.18.233.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1 8	2.18.233.169 2.18.233.169	16625 (AKAMAI-AS) (AKAMAI-AS)
12	104.75.88.206 104.75.88.206	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
13	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	2a04:fa87:fff... 2a04:fa87:fffd::c000:42d0	2635 (AUTOMATTIC) (AUTOMATTIC)
5	52.95.128.174 52.95.128.174	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223e:d400:1f:1414:da40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	151.101.1.181 151.101.1.181	54113 (FASTLY) (FASTLY)
1 3	13.32.99.23 13.32.99.23	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.111.230.77 104.111.230.77	16625 (AKAMAI-AS) (AKAMAI-AS)
4	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2 5	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:4200:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
22	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	13.32.99.34 13.32.99.34	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.93 13.32.99.93	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.129.175 151.101.129.175	54113 (FASTLY) (FASTLY)
3	2600:9000:236... 2600:9000:236e:800:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.222.214.55 52.222.214.55	16509 (AMAZON-02) (AMAZON-02)
1 15	54.194.45.85 54.194.45.85	16509 (AMAZON-02) (AMAZON-02)
2	23.55.161.180 23.55.161.180	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:225... 2600:9000:2251:f000:4:77d:a0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.21.188.91 52.21.188.91	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
12	34.250.155.46 34.250.155.46	16509 (AMAZON-02) (AMAZON-02)
1	52.28.248.40 52.28.248.40	16509 (AMAZON-02) (AMAZON-02)
2	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
1 1	34.248.191.66 34.248.191.66	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.129 52.222.236.129	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.57 18.66.122.57	16509 (AMAZON-02) (AMAZON-02)
1	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
2	18.66.96.113 18.66.96.113	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
3 6	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	34.249.212.247 34.249.212.247	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	54.72.156.114 54.72.156.114	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223f:6c00:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
17	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1 3	185.33.220.216 185.33.220.216	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1 1	2620:112:f006... 2620:112:f006:bbbb::16	6336 (TURN-US-ASN) (TURN-US-ASN)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
10	2600:9000:223... 2600:9000:223f:3200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
19	35.163.200.178 35.163.200.178	16509 (AMAZON-02) (AMAZON-02)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	3.219.19.177 3.219.19.177	14618 (AMAZON-AES) (AMAZON-AES)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1 1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	199.127.207.191 199.127.207.191	26120 (RHYTHMONE) (RHYTHMONE)
1 1	3.122.214.165 3.122.214.165	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1 1	34.232.240.103 34.232.240.103	14618 (AMAZON-AES) (AMAZON-AES)
1	34.249.77.25 34.249.77.25	16509 (AMAZON-02) (AMAZON-02)
1 1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:223... 2600:9000:223e:f600:1e:9240:9c0:21	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
8 8	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
269	75

34 2.18.233.28 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-28.deploy.static.akamaitechnologies.com

www.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.api.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mhr.talk.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.233.169 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-169.deploy.static.akamaitechnologies.com

tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.75.88.206 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-206.deploy.static.akamaitechnologies.com

resourcesssl.newscdn.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffd::c000:42d0 (Ireland)

ASN2635 (AUTOMATTIC, US)

origin.go.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.95.128.174 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com

news-networkeditorial.s3.ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
news-networkeditorial.s3-ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:d400:1f:1414:da40:93a1 (United States)

ASN16509 (AMAZON-02, US)

edition.pagesuite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.181 (United States)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.23 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.230.77 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-77.deploy.static.akamaitechnologies.com

login.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8228261.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:4200:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-34.fra60.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-93.fra60.r.cloudfront.net

au.tags.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.175 (United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:236e:800:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-55.fra56.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 54.194.45.85 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-45-85.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newscorpau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.55.161.180 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-161-180.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2251:f000:4:77d:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.vidora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.188.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-188-91.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.250.155.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.248.40 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-248-40.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

metrics.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.191.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-191-66.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-129.fra56.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-57.fra60.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

ts2020-indies-client.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.96.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-96-113.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

au-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.87 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a8cb653677ecb1267e1d5f55ad274e54.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.212.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-212-247.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.156.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-156-114.eu-west-1.compute.amazonaws.com

secure-sdk.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:6c00:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

8mqtjenkw9fv6tvn7yxl0djtgqlts1639992283.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.216 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f006:bbbb::16 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:223f:3200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 35.163.200.178 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-200-178.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.219.19.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-19-177.compute-1.amazonaws.com

a.vidora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

image5.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.191 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt.scanscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.214.165 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.240.103 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-240-103.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.77.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-77-25.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:f600:1e:9240:9c0:21 (United States)

ASN16509 (AMAZON-02, US)

d2n6ofw4o746cn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.66.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	adsafeprotected.com cdn.adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	486 KB
25	doubleclick.net 3 redirects ad.doubleclick.net securepubads.g.doubleclick.net googleads4.g.doubleclick.net 8228261.fls.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	184 KB
23	googlesyndication.com pagead2.googlesyndication.com a8cb653677ecb1267e1d5f55ad274e54.safeframe.googlesyndication.com tpc.googlesyndication.com	90 KB
22	heraldsun.com.au 2 redirects www.heraldsun.com.au origin.go.heraldsun.com.au metrics.heraldsun.com.au	759 KB
17	taboola.com cdn.taboola.com trc.taboola.com am-trc-events.taboola.com pips.taboola.com cds.taboola.com	185 KB
15	demdex.net 1 redirects dpm.demdex.net newscorpau.demdex.net	19 KB
14	api.news content.api.news	176 KB
12	newscdn.com.au resourcesssl.newscdn.com.au	84 KB
10	adnxs.com 4 redirects acdn.adnxs.com secure.adnxs.com ib.adnxs.com	11 KB
9	google.com adservice.google.com www.google.com	1 KB
9	everesttech.net 9 redirects cm.everesttech.net sync-tm.everesttech.net	2 KB
9	news.com.au 1 redirects tags.news.com.au mhr.talk.news.com.au	201 KB
7	crazyegg.com script.crazyegg.com pagestates-tracking.crazyegg.com assets-tracking.crazyegg.com tracking.crazyegg.com	29 KB
6	adsrvr.org 2 redirects js.adsrvr.org match.adsrvr.org insight.adsrvr.org	6 KB
6	imrworldwide.com cdn-gl.imrworldwide.com secure-sdk.imrworldwide.com 8mqtjenkw9fv6tvn7yxl0djtgqlts1639992283.nuid.imrworldwide.com	67 KB
5	googletagservices.com www.googletagservices.com	183 KB
5	amazonaws.com news-networkeditorial.s3.ap-southeast-2.amazonaws.com news-networkeditorial.s3-ap-southeast-2.amazonaws.com	62 KB
4	google.de adservice.google.de www.google.de	1 KB
4	tiqcdn.com tags.tiqcdn.com	21 KB
3	casalemedia.com 2 redirects ssum.casalemedia.com dsum-sec.casalemedia.com	3 KB
3	googleadservices.com www.googleadservices.com	45 KB
3	vidora.com assets.vidora.com a.vidora.com	6 KB
3	serving-sys.com secure-ds.serving-sys.com bs.serving-sys.com	22 KB
3	kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com	88 KB
3	newscorpaustralia.com login.newscorpaustralia.com	3 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	1rx.io 2 redirects sync.1rx.io	900 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	529 B
2	pubmatic.com 1 redirects image5.pubmatic.com image2.pubmatic.com	894 B
2	rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	453 B
2	linkedin.com 1 redirects px.ads.linkedin.com www.linkedin.com	1 KB
2	googletagmanager.com www.googletagmanager.com	78 KB
2	perfectmarket.com widget.perfectmarket.com	32 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	475 B
1	facebook.com www.facebook.com	1 KB
1	openx.net us-u.openx.net	274 B
1	cloudfront.net d2n6ofw4o746cn.cloudfront.net	3 KB
1	bluekai.com 1 redirects tags.bluekai.com	713 B
1	eyeota.net 1 redirects ps.eyeota.net	418 B
1	scanscout.com 1 redirects dt.scanscout.com	698 B
1	twitter.com analytics.twitter.com	674 B
1	turn.com 1 redirects d.turn.com	402 B
1	t.co t.co	471 B
1	mookie1.com au-gmtdmp.mookie1.com	610 B
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	6 KB
1	web.app ts2020-indies-client.web.app	3 KB
1	chartbeat.net ping.chartbeat.net	201 B
1	newscgp.com au.tags.newscgp.com	48 KB
1	rlcdn.com ats.rlcdn.com	36 KB
1	chartbeat.com static.chartbeat.com	23 KB
1	fontawesome.com use.fontawesome.com	12 KB
1	ampproject.org cdn.ampproject.org	2 KB
1	pagesuite.com edition.pagesuite.com	53 KB
1	speedcurve.com cdn.speedcurve.com	6 KB
269	56

	Domain	Requested by
19	dt.adsafeprotected.com	www.heraldsun.com.au
19	www.heraldsun.com.au	2 redirects www.heraldsun.com.au
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
14	dpm.demdex.net	1 redirects www.heraldsun.com.au tags.news.com.au
14	securepubads.g.doubleclick.net	tags.tiqcdn.com securepubads.g.doubleclick.net www.heraldsun.com.au www.googletagservices.com
14	content.api.news	www.heraldsun.com.au
12	pixel.adsafeprotected.com	cdn.adsafeprotected.com www.heraldsun.com.au
12	resourcesssl.newscdn.com.au	www.heraldsun.com.au ts2020-indies-client.web.app
10	static.adsafeprotected.com	pixel.adsafeprotected.com www.heraldsun.com.au
9	cdn.taboola.com	www.heraldsun.com.au cdn.taboola.com
8	sync-tm.everesttech.net	8 redirects
8	tags.news.com.au	1 redirects tags.tiqcdn.com au.tags.newscgp.com
6	www.google.com	securepubads.g.doubleclick.net www.heraldsun.com.au tpc.googlesyndication.com
6	secure.adnxs.com	3 redirects www.heraldsun.com.au
5	www.googletagservices.com	securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	ad.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com
4	8228261.fls.doubleclick.net	2 redirects www.heraldsun.com.au
4	script.crazyegg.com	tags.tiqcdn.com script.crazyegg.com
4	tags.tiqcdn.com	www.heraldsun.com.au tags.tiqcdn.com
4	trc.taboola.com	cdn.taboola.com www.heraldsun.com.au
3	www.google.de	www.heraldsun.com.au
3	ib.adnxs.com	1 redirects www.heraldsun.com.au
3	googleads.g.doubleclick.net	www.googleadservices.com
3	adservice.google.com	securepubads.g.doubleclick.net 8228261.fls.doubleclick.net
3	www.googleadservices.com	secure-ds.serving-sys.com www.googletagmanager.com
3	cdn-gl.imrworldwide.com	tags.news.com.au cdn-gl.imrworldwide.com
3	login.newscorpaustralia.com	www.heraldsun.com.au login.newscorpaustralia.com
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com www.heraldsun.com.au
3	news-networkeditorial.s3-ap-southeast-2.amazonaws.com	www.heraldsun.com.au resourcesssl.newscdn.com.au
2	sync.1rx.io	2 redirects
2	sync.search.spotxchange.com	1 redirects
2	ssum.casalemedia.com	2 redirects
2	insight.adsrvr.org	js.adsrvr.org
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	1 redirects
2	secure-sdk.imrworldwide.com	www.heraldsun.com.au
2	www.googletagmanager.com	secure-ds.serving-sys.com
2	js.adsrvr.org	secure-ds.serving-sys.com
2	metrics.heraldsun.com.au	tags.news.com.au www.heraldsun.com.au
2	assets.vidora.com	www.heraldsun.com.au assets.vidora.com
2	secure-ds.serving-sys.com	tags.tiqcdn.com secure-ds.serving-sys.com
2	nebula-cdn.kampyle.com	tags.tiqcdn.com nebula-cdn.kampyle.com
2	am-trc-events.taboola.com	www.heraldsun.com.au
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	news-networkeditorial.s3.ap-southeast-2.amazonaws.com	www.heraldsun.com.au
1	sync.targeting.unrulymedia.com	1 redirects
1	www.facebook.com
1	image2.pubmatic.com
1	us-u.openx.net
1	dsum-sec.casalemedia.com
1	pixel.rubiconproject.com
1	udc-neb.kampyle.com
1	d2n6ofw4o746cn.cloudfront.net
1	tags.bluekai.com	1 redirects
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	ps.eyeota.net	1 redirects
1	dt.scanscout.com	1 redirects
1	image5.pubmatic.com	1 redirects
1	analytics.twitter.com	static.ads-twitter.com
1	a.vidora.com	assets.vidora.com
1	token.rubiconproject.com	www.heraldsun.com.au
1	d.turn.com	1 redirects
1	t.co	www.heraldsun.com.au
1	www.linkedin.com	www.heraldsun.com.au
1	px.ads.linkedin.com	1 redirects
1	8mqtjenkw9fv6tvn7yxl0djtgqlts1639992283.nuid.imrworldwide.com	www.heraldsun.com.au
1	tracking.crazyegg.com	script.crazyegg.com
1	a8cb653677ecb1267e1d5f55ad274e54.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	au-gmtdmp.mookie1.com	www.heraldsun.com.au
1	acdn.adnxs.com	www.heraldsun.com.au
1	snap.licdn.com	www.heraldsun.com.au
1	static.ads-twitter.com	www.heraldsun.com.au
1	ts2020-indies-client.web.app	www.heraldsun.com.au
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	cm.everesttech.net	1 redirects
1	newscorpau.demdex.net	tags.news.com.au
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	ping.chartbeat.net	www.heraldsun.com.au
1	cdn.adsafeprotected.com	tags.news.com.au
1	au.tags.newscgp.com	tags.tiqcdn.com
1	ats.rlcdn.com	tags.tiqcdn.com
1	static.chartbeat.com	tags.tiqcdn.com
1	ad.doubleclick.net	tags.tiqcdn.com
1	mhr.talk.news.com.au	www.heraldsun.com.au
1	use.fontawesome.com	cdn.taboola.com
1	cdn.ampproject.org	www.heraldsun.com.au
1	edition.pagesuite.com	www.heraldsun.com.au
1	origin.go.heraldsun.com.au	www.heraldsun.com.au
1	cdn.speedcurve.com	www.heraldsun.com.au
269	95

This site contains links to these domains. Also see Links.

Domain
www.plusrewards.com.au
myaccount.heraldsun.com.au
www.escape.com.au
supercoach.heraldsun.com.au
tips.com.au
www.runforthekids.com.au
www.dailytelegraph.com.au
www.newsletters.news.com.au
www.realestate.com.au
www.braingains.com.au
www.facebook.com
www.twitter.com
www.instagram.com
heraldsun.com.au
myaccount.news.com.au
www.newscorpaustralia.com
www.newsphotos.com.au
www.newsconcierge.com.au
www.couriermail.com.au
www.adelaidenow.com.au
www.news.com.au
www.theaustralian.com.au
www.themercury.com.au
www.geelongadvertiser.com.au
www.cairnspost.com.au
www.goldcoastbulletin.com.au
www.townsvillebulletin.com.au
www.thechronicle.com.au
www.ntnews.com.au
www.weeklytimesnow.com.au
www.codesports.com.au
www.buysearchsell.com.au
leader.local.heraldsun.com.au
www.foxsports.com.au
www.foxtel.com.au
hipages.com.au
kayosports.com.au
www.mytributes.com.au
www.punters.com.au
www.odds.com.au
www.racenet.com.au
www.skynews.com.au
apps.apple.com
play.google.com
preferences.news.com.au
vip.wordpress.com

Subject Issuer	Validity	Valid
news.com.au DigiCert SHA2 Secure Server CA	`2021-02-25` - `2022-02-28`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-12` - `2022-11-13`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
origin.go.heraldsun.com.au R3	`2021-11-09` - `2022-02-07`	3 months	crt.sh
*.s3-ap-southeast-2.amazonaws.com Amazon	`2021-03-26` - `2022-03-25`	a year	crt.sh
edition.pagesuite.com Amazon	`2021-10-18` - `2022-11-15`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
au.tags.newscgp.com Amazon	`2021-01-25` - `2022-02-22`	a year	crt.sh
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
*.adsafeprotected.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2021-04-28` - `2022-05-03`	a year	crt.sh
*.vidora.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
bs.serving-sys.com Amazon	`2021-05-10` - `2022-06-08`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
metrics.heraldsun.com.au DigiCert TLS RSA SHA256 2020 CA1	`2021-06-15` - `2022-07-16`	a year	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh
web.app GTS CA 1D4	`2021-12-02` - `2022-03-02`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.nuid.imrworldwide.com Amazon	`2021-06-11` - `2022-07-10`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
vidora.com R3	`2021-12-02` - `2022-03-02`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh

This page contains 36 frames:

Primary Page: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272
Frame ID: 1D9ED827DA3CE459B68CA118BAACB20E
Requests: 159 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=1bGtUvqCZIa-OPzDO05kzRYCLJ2PZnOJ&nonce=850dhtgk0UQvwNYmGqOt5Cb0kTe1.wSl&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNy4wIn0%3D
Frame ID: 4079F35E0D49D479445ADD2B9B2A6B8F
Requests: 3 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: CC9D835205EA11176C478AE61DEC28A3
Requests: 22 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 77FC25FB5605467242B19416DCDC5883
Requests: 3 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 2E96423D98AD5D1D2942D523B65177E4
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 8AABD3C47CA968D667A0A6F55DD8FBA4
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: 9B616953BA0F74E38213C514C867E506
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 6EA10C6C5027B4D5D71F91A659676CC7
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 79371C7529EAECE4BB369AE5D1F9724B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: E5C84389F00FF710353E42B185ADA1F8
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CPvc_KuH8vQCFVqU1QodJOIBmw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7112928836627.219
Frame ID: 503C5940F6863DCF06D6EF99EB0A5668
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJSN_auH8vQCFS0fBgAd_l8KVA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8369718173801.779
Frame ID: F544631A8BE678B635415C51ACC5584E
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: 5B1FD57386C1DBC5C439FAEFB8D60689
Requests: 5 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 25130EA520D279EE04CCCA1316A05E7A
Requests: 4 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: 3CF4144E194F7C6977FD7E682C2C9E98
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Frame ID: B2BE436DFEA5BEE51F3F024878E8C516
Requests: 1 HTTP requests in this frame

Frame: https://a8cb653677ecb1267e1d5f55ad274e54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 38CED666D62463F7D68C19C813CFB469
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvM6ehyngKXWMuUclj5b5bTYaTfxVx31w0m-qkR8Om2BK5hxEdAZhnbqbsRUPVa9gqGejZmq6P7RCV-oqkgTTMeblFvqS04fTZdlbOiAXEQytmxOkBY0VsVs7KkuTD2twprP7fJtSRYLe8MPQmxmfULnUBwKL0biPUv6aXiHZ7sGf26-zbpqrjUb-mxXhVia2E8cY0a9F0fgcQF-iMaFSEvyH4h-Ck_lB0IBbURUCbKaNWkdaZhTPzzQ6fGCoGd8lJ3y_hQTm75sW8o56RNqKEveEDzZh6cX6jgZJ6V-tmvemmcigCUMsXm-xBK&sai=AMfl-YQUxWoBrCLoESI21u86x6s_l_nEPEq-CLAnEkS5D-b4Zx-FDzkPFX6lld1_7GE2jPrH-pksMAzXc1fN&sig=Cg0ArKJSzMFpyttrhL3NEAE&uach_m=[UACH]&adurl=
Frame ID: EF77A24A4BAB690A872EC32AE9E0CBC0
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuTeKBWFMGhEz1pJqt9nAQ86kQR-Z0_xJfh0iZ2IO-PAcM6FwT6h5KTLW8vD1zYbkeQZz-V9i9smX1U27hUqzmCcZzKURF0WUqxGc21qjJQoB4Kpc4WbR9_PVc6nHNgdsHqJ1EQ4JLOiIxjpqqOKmlen2XHOgi_wskOBsxPLJYFpsRrXlwUlezlfabeGZ4tKTVR2z8J-YuYpd6F8YOriyZGbsYJhW6R1BPC-keGz6GV4S5xWdVMMVEudwP0WJcxJE1ffR1eGH-ZajT6N3vIGHu4i-hnswZuEtG0h-Ionfq1KXPSHTJVc_SeMFm&sai=AMfl-YQGqmfHp7tpxln4VmGPoy9MVeX-qD2zIuSOKdHbUdxuSPzWOvReshtWwI8U-HFhU2znJtpoRCPqXm-e&sig=Cg0ArKJSzA8Ssgh6bpgnEAE&uach_m=[UACH]&adurl=
Frame ID: 667A783679763693AC5A6F06BE265D7B
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYE4JQ6u9ikBgbF99R7cwtRJlLC42o5N5L07urO4EqrUHDq-wiNmgr5sfYKaOwP6kiF9m-rmiURfsK2CD0l9-CKXR8hBCtW6vfNldnSbufybIWAhy_2fb7Aa-n2UVw1DNBSO_CUzlv36osFnvur2dAZCv35uinZkobFu3Jy2plAQ0MLpSjYR27vgDeDEyhqKx2ihfQi8xD6YWyJ5QESBam-PvZwiZ_e2h3ZUhEszLzpPPjOxCKNXvbRNGJqb-tY9hbttj4lXgj7u1ThtcN9RIVNIwuVt6Zg_1xALl-Tsawek_TmCFU4UMJ6P6l&sai=AMfl-YTZQcdDsePV6W1SHULl8tlJtvk6fbPB4SUXZ_PvgoQmjdKxVL2MrTN0_JOCUkkF9VbeNZvR5onavBaY&sig=Cg0ArKJSzIdeJGZbgpI1EAE&uach_m=[UACH]&adurl=
Frame ID: 8B814C44B8372DC5982D50F76542CEE9
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu721YTykHxrKZtcZ-AIPUXc9UVU54hdW-usvhGyeDReZ4Mizf1ywW6huj4Z_EZkkG6nTc0HWM-TASx3fOmTXFoIqF-ng9tdbXVzCuBHLn-IQrvRMgrFqb47AlPEa9-3hXZPvCObsojzIF-y_NiH9HumuXQy-axW-XElwxeIr6TaCnhUifLAgmftJiSPNLZnR3XvA8XdpNLig5RZVSNBBVSCmPRq6qWtKZ4v7A4CIKtEBGXgLOXfCtvKWedtKO2yn8wLwa2vpQ_yDVdegSaxlsFyU7FP79JrAGwgV4pGJ884slF9X2yqdycWbIR&sai=AMfl-YSqeOmdGH5Qx4hUPksjjQXgllTLM_NCW58LSoJDuVM5J8eOu9-JsqvTbOKjnj1gIO4-rRZUzivYJrGp&sig=Cg0ArKJSzBN0O_jlnznKEAE&uach_m=[UACH]&adurl=
Frame ID: 0F2020A9F977CB4FADB3FAC68F0B55D2
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTo3PXx_TvA-RnELHYbagjifkG1y2kkCwgzkZAsaXLSCZB17P8f8Uq3I1hNOXw2It31tYBs0fMNIpNXTguJfAK4GhXGgINs9qLnU38AHZfNcXQL_nu-t3T7rYRitR5dshD1KTxr5bS3ARG8XPH8AZDl8CDjr0SIDG3jyCRWBqLjPa4Nil2SSV1SHcHcvs-ah21o0lO5ytUKTFTsw1QEdFzSi7fVGn5JzkpG9xw0WvrUpWHUGfnjcQs0XXnyFnAjc5BJwxc7dWV_T_cdyC0FmO8RvdMvsq7Bl9qfq6XorTLWLUZ3yC4hKJpdaMv&sai=AMfl-YQdZJxuenj0f7O0xVEPj43DsdDy85UpupjcCV6SFnBMLsznFSiOTDzve_s997IMelQICKIGDIYTHKu3&sig=Cg0ArKJSzO3Y5PS9c9q8EAE&uach_m=[UACH]&adurl=
Frame ID: E431BDBD6BFC02F11E693C5E253414E8
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=363924643&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f5-6176-11ec-a725-02c390e9b11a
Frame ID: 376F3F1D2A07519A4B1EE62F8F408EC1
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234143368&pubOrder=305536031&cb=1551662581&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f7-6176-11ec-a725-02c390e9b11a
Frame ID: CDE01B0B6CF999BFB99AA64FD7040EDF
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=448065051&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f6-6176-11ec-a725-02c390e9b11a
Frame ID: 2090949C8A66CD643952BC7787727EC2
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1899090152&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f8-6176-11ec-a725-02c390e9b11a
Frame ID: CB470B685FE6B1943A16ABDA0349D1C2
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=2106239756&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f9-6176-11ec-a725-02c390e9b11a
Frame ID: 854F786733E4E05D8E33028DA65521E2
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: AA8C5D09FDBBA525ED39F5C8206B11FE
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: A49F8550590FEA3BC84AB3C06E96ADE4
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: B17DFFBDB6C937913068E3EE8E0428DC
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: FEA8F6A1F6C253C3D70F10207E8F899B
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 034D4C313289342FBA9AABE8F3562099
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: 44870C61B2924F2F197B175C8FC8C0FC
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: DD04AA67EC55033DC7CE51E6389B7D7B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3609426ED360312A70E3794AEDBF3F69
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EFDF4C0DD0CE6225E178F8BA7964456B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Herald Sun | Breaking News and Headlines from Melbourne and Victoria | Herald Sun

Page URL History Show full URLs

http://www.heraldsun.com.au/ HTTP 301
https://www.heraldsun.com.au/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&163... HTTP 302
https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

269
Requests

90 %
HTTPS

31 %
IPv6

56
Domains

95
Subdomains

75
IPs

7
Countries

3032 kB
Transfer

8493 kB
Size

80
Cookies

60 Outgoing links

These are links going to different origins than the main page.

URL: https://www.plusrewards.com.au/heraldsun/offers
Title: Rewards

Search URL Search Domain Scan URL

URL: https://myaccount.heraldsun.com.au/s
Title: My account

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/
Title: Travel

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/afl
Title: SuperCoach AFL

Search URL Search Domain Scan URL

URL: http://tips.com.au/afl/?source_code=HSWEB_TIP1271
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/bbl
Title: SuperCoach BBL

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/racing
Title: SuperCoach Racing

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/nrl
Title: SuperCoach NRL

Search URL Search Domain Scan URL

URL: https://tips.com.au/nrl/
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://www.runforthekids.com.au/

Search URL Search Domain Scan URL

URL: https://www.dailytelegraph.com.au/education-new-south-wales/2022-back-to-school-covid-rules-how-nsw-education-will-change/news-story/7fd52abfa07287a2816b5410175bced3

Search URL Search Domain Scan URL

URL: https://www.newsletters.news.com.au/heraldsun

Search URL Search Domain Scan URL

URL: https://www.realestate.com.au/

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/top-lists/14-best-plane-paint-jobs-ever-from-the-hilarious-to-the-brilliant/image-gallery/caff6374835e25db4a2b355801661ca7

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/destinations/australia/victoria/wilsons-promontory-the-coastal-wilderness-that-australians-are-bonkers-about/news-story/41bb269cb5ec2cff0a46990b2b0e8751
Title: Why this beach spot sends Aussies bonkers

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/top-lists/tourism-australias-top-10-instagram-posts-of-2021/news-story/e24720ef57424c1197482cdaf6cd9e3d?galleryimage=6
Title: Hilarious photo the world went nuts for

Search URL Search Domain Scan URL

URL: https://www.braingains.com.au/
Title: Brain GainsAustralia’s best puzzles in one app

Search URL Search Domain Scan URL

URL: https://www.facebook.com/heraldsun

Search URL Search Domain Scan URL

URL: https://www.twitter.com/theheraldsun

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heraldsunphoto

Search URL Search Domain Scan URL

URL: http://heraldsun.com.au/help-rss

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_GCRACA_W52&hideRegistrationTnC=true
Title: Group/Corporate subscriptions

Search URL Search Domain Scan URL

URL: http://www.newscorpaustralia.com/careers
Title: Job Opportunities

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_SDO_SDO5A_M01
Title: Subscription terms

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_LAPP_17A_W04#subscribe
Title: App only subscription terms

Search URL Search Domain Scan URL

URL: http://www.newsphotos.com.au/C.aspx?VP3=CMS3&VF=Home
Title: Photo Sales

Search URL Search Domain Scan URL

URL: https://www.newsconcierge.com.au/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://www.dailytelegraph.com.au/
Title: The Daily Telegraph

Search URL Search Domain Scan URL

URL: https://www.couriermail.com.au/
Title: The Courier Mail

Search URL Search Domain Scan URL

URL: http://www.adelaidenow.com.au/
Title: The Advertiser

Search URL Search Domain Scan URL

URL: https://www.news.com.au/
Title: news.com.au

Search URL Search Domain Scan URL

URL: https://www.theaustralian.com.au/
Title: The Australian

Search URL Search Domain Scan URL

URL: https://www.themercury.com.au/
Title: The Mercury

Search URL Search Domain Scan URL

URL: https://www.geelongadvertiser.com.au/
Title: Geelong Advertiser

Search URL Search Domain Scan URL

URL: https://www.cairnspost.com.au/
Title: The Cairns Post

Search URL Search Domain Scan URL

URL: https://www.goldcoastbulletin.com.au/
Title: Gold Coast Bulletin

Search URL Search Domain Scan URL

URL: https://www.townsvillebulletin.com.au/
Title: Townsville Bulletin

Search URL Search Domain Scan URL

URL: https://www.thechronicle.com.au/
Title: The Chronicle

Search URL Search Domain Scan URL

URL: https://www.ntnews.com.au/
Title: NT News

Search URL Search Domain Scan URL

URL: https://www.weeklytimesnow.com.au/
Title: The Weekly Times

Search URL Search Domain Scan URL

URL: https://www.codesports.com.au/
Title: CODE Sports

Search URL Search Domain Scan URL

URL: https://www.buysearchsell.com.au/
Title: Buy Search Sell Classifieds

Search URL Search Domain Scan URL

URL: http://leader.local.heraldsun.com.au/
Title: Find Your Local

Search URL Search Domain Scan URL

URL: http://www.foxsports.com.au/
Title: Foxsports

Search URL Search Domain Scan URL

URL: https://www.foxtel.com.au/index.html
Title: Foxtel

Search URL Search Domain Scan URL

URL: https://hipages.com.au/
Title: Hipages

Search URL Search Domain Scan URL

URL: https://kayosports.com.au/
Title: Kayo

Search URL Search Domain Scan URL

URL: https://www.mytributes.com.au/
Title: My Tributes

Search URL Search Domain Scan URL

URL: https://www.punters.com.au/
Title: Punters

Search URL Search Domain Scan URL

URL: https://www.odds.com.au/
Title: odds.com.au

Search URL Search Domain Scan URL

URL: https://www.racenet.com.au/
Title: racenet.com.au

Search URL Search Domain Scan URL

URL: https://www.skynews.com.au/
Title: Sky News

Search URL Search Domain Scan URL

URL: https://www.news.com.au/coupons
Title: Coupons

Search URL Search Domain Scan URL

URL: https://apps.apple.com/au/app/herald-sun/id392582225

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.newscorp.heraldsun

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##collect
Title: Find out more about our policy and your choices, including how to opt-out.

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##optout
Title: Relevant ads opt-out

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/cookies
Title: Cookie policy

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/
Title: WordPress.com VIP

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.heraldsun.com.au/ HTTP 301
https://www.heraldsun.com.au/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1639992272209318987 HTTP 302
https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1639992282880&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1639992282880&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=

Request Chain 77

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1639992283099 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1639992283099

Request Chain 99

https://cm.everesttech.net/cm/dd?d_uuid=45079665630853389200481573138334814669 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YcBL2wAAAKfH-QP7

Request Chain 115

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7112928836627.219 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPvc_KuH8vQCFVqU1QodJOIBmw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7112928836627.219

Request Chain 116

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8369718173801.779 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJSN_auH8vQCFS0fBgAd_l8KVA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8369718173801.779

Request Chain 120

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Request Chain 121

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

Request Chain 122

https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1

Request Chain 140

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1639992283823&url=https%3A%2F%2Fwww.heraldsun.com.au%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1639992283823%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26liSync%3Dtrue

Request Chain 165

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7197960770900258331

Request Chain 174

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3720652418440280106

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDUwNzk2NjU2MzA4NTMzODkyMDA0ODE1NzMxMzgzMzQ4MTQ2Njk= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEG9sAxXN1B0myjThF8pDbDE&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 221

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=066f7b0a-b8d1-45ae-a60d-520db3c3de29

Request Chain 234

https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID HTTP 302
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s

Request Chain 235

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YcBL3Ikuic8RzQgylPdwlQAA%261203

Request Chain 237

https://dt.scanscout.com/ssframework/uid?UIAA=45079665630853389200481573138334814669&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-efd39f36c7da881d1b96ead858fdc4e5

Request Chain 240

https://ps.eyeota.net/match?bid=6j5b2cv&uid=45079665630853389200481573138334814669&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 245

https://usermatch.krxd.net/um/v2?partner=adobe&id=45079665630853389200481573138334814669 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=45079665630853389200481573138334814669

Request Chain 246

https://tags.bluekai.com/site/43981?id=45079665630853389200481573138334814669&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

Request Chain 256

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWNCTDJ3QUFBS2ZILVFQNw==

Request Chain 259

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YcBL2wAAAKfH-QP7&expires=90

Request Chain 264

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YcBL2wAAAKfH-QP7

Request Chain 266

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YcBL2wAAAKfH-QP7

Request Chain 267

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YcBL2wAAAKfH-QP7

Request Chain 268

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YcBL2wAAAKfH-QP7

Request Chain 269

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YcBL2wAAAKfH-QP7&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YcBL2wAAAKfH-QP7&img=1&__user_check__=1&sync_id=abe858d5-6176-11ec-820e-1348667f0206

Request Chain 270

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YcBL2wAAAKfH-QP7&t=2592000&o=0

Request Chain 272

https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync/adobe/0?zcc=1&dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D&cb=1639992286249 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-fe6e3ae6-e44c-4eca-8ded-b15548a64569-003?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3DRX-fe6e3ae6-e44c-4eca-8ded-b15548a64569-003 HTTP 302
https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-fe6e3ae6-e44c-4eca-8ded-b15548a64569-003

269 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.heraldsun.com.au/
Redirect Chain

http://www.heraldsun.com.au/
https://www.heraldsun.com.au/
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1639992272209318987
https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272

439 KB
77 KB

9538ms
9538ms

Document
text/html

2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

061fc4b950f18d9655cb0cf4f2eb727bb779cd5ab9c250240694faa43fe1d464

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
content-type: text/html; charset=UTF-8
x-powered-by: WordPress VIP <https://wpvip.com>
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
vary: User-Agent Accept-Encoding
x-opw: 4
x-bpath: OLD
x-arrrg4
x-arrrg5: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3d0e5a29226c90c064e2cdc92144f8c525-1639992272&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=0e5a29226c90c064e2cdc92144f8c525
blaizehappened: true
x-rq: ewr4 0 2 9980
x-xss-protection: 1
x-content-type-options: nosniff
host-header: a9130478a60e5f9135f765b23f26593b
x-akamai-transformed: 9 449095 0 pmb=mTOE,4
content-encoding: gzip
expires: Mon, 20 Dec 2021 09:24:42 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 20 Dec 2021 09:24:42 GMT

Redirect headers

server: AkamaiNetStorage
content-length: 154
content-type: text/html
location: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag: "d983fed02a23590126769ebc3c0f82d9:1638256900.718606"
cache-control: max-age=1245
date: Mon, 20 Dec 2021 09:24:32 GMT

GET
H2 200 charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
12 KB 47ms
14ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer: https://www.heraldsun.com.au/
Origin: https://www.heraldsun.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: 03A09A05F9B00284
etag: "c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=339026
accept-ranges: bytes
content-length: 11472
x-amz-id-2: 7SgQOtE5DXd+yw+muGSpBKQgUFNdC0N34VLuVoyrpGsNX+GQQMChOOxitD5N1YsghRlU3RgeUFw=
expires: Fri, 24 Dec 2021 07:35:08 GMT

GET
H2 200 charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 12 KB
12 KB 67ms
34ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

Referer: https://www.heraldsun.com.au/
Origin: https://www.heraldsun.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: D2D8C5FED1731C4D
etag: "ad24be3fafec705de20c00e56afe05ae"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=151134
accept-ranges: bytes
content-length: 12052
x-amz-id-2: F9ZHKgAnBk09tWfFGtJVkR2NpeEYeYl5A6ryw0e+c/gLQAp04Rx16nC+dsFJTTAPIb4D0qyY0Bg=
expires: Wed, 22 Dec 2021 03:23:36 GMT

GET
H2 200 charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 12 KB
12 KB 77ms
44ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Referer: https://www.heraldsun.com.au/
Origin: https://www.heraldsun.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: EE3D21683166F96F
etag: "da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=471094
accept-ranges: bytes
content-length: 12440
x-amz-id-2: BGzA4H6MhiNFsVMRHnDid7w0RneCV9f+L69FdEMmbqtC5J6BXqShCVeo7uP6Jum7BVtWfb2VAeI=
expires: Sat, 25 Dec 2021 20:16:16 GMT

GET
H2 200 charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
11 KB 85ms
53ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Referer: https://www.heraldsun.com.au/
Origin: https://www.heraldsun.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: 4N2W2Y6HDY8Z3Q2W
etag: "29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=219126
accept-ranges: bytes
content-length: 11372
x-amz-id-2: Z1HhaEEhR+4SW45rFV+SZJ/QiklrgDUhrbvWmFxzzpa1Kifm2MvbbI9Ateo09sYRHNLYlfgsmGM=
expires: Wed, 22 Dec 2021 22:16:48 GMT

GET
H2 200 css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 55 B
681 B 138ms
138ms Stylesheet
text/css 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 74
x-rq: bom2 0 2 9980
last-modified: Tue, 30 Nov 2021 03:05:49 GMT
server: nginx
etag: "61a5950d-37"
vary: User-Agent
content-type: text/css
cache-control: max-age=50
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 20 Dec 2021 09:25:32 GMT

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 17 KB
6 KB 50ms
13ms Script
application/javascript 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: f11311a0c8bd8b60421e3278c2af6945e5259b36306a04f20dd638de12225cb6

Request headers

Referer: https://www.heraldsun.com.au/
Origin: https://www.heraldsun.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
via: 1.1 vegur, 1.1 varnish
age: 3539
x-cache: HIT
x-cache-hits: 8
content-encoding: gzip
content-length: 6250
x-served-by: cache-fra19157-FRA
last-modified: Mon, 20 Dec 2021 08:25:43 GMT
server: Apache
x-timer: S1639992282.371434,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Dec 2021 08:25:43 GMT

GET
H2 200 ipad-interface.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 2 KB
2 KB 154ms
153ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3a4dee8e2cad1c820f3b4b97f62dddc491ea2274483947b4878b33354334a4b6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 958
x-rq: ewr4 0 2 9980
last-modified: Mon, 13 Dec 2021 05:26:51 GMT
server: nginx
etag: W/"61b6d99b-879"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 20 Dec 2021 09:24:43 GMT

GET
H2 200 js-critical-desktop.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 7 KB
3 KB 156ms
155ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=16

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1d09498d082b381c57dda251260cef7705d68b9321e4e5c5a8eee6bc98d58799

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 2687
x-rq: ewr4 0 2 9980
last-modified: Mon, 13 Dec 2021 05:26:51 GMT
server: nginx
etag: W/"61b6d99b-1a13"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=8
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 20 Dec 2021 09:24:50 GMT

GET
H2 200 1d572b4c Show response
www.heraldsun.com.au/akam/11/ 32 KB
12 KB 1193ms
1192ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/akam/11/1d572b4c

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

40a787b8c9f633d795ab50c5a4c23c8847f80c1994d99893cfacc49da7215932

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
etag: "2078ad4c6661b23379f471b06a7e22d8d9259e815e2461f27e1ef53f775a30d8"
is-https: true
x-arrrg4: https://www.heraldsun.com.au/
x-opw: 4
content-length: 10395
pragma: no-cache
x-bpath: OLD
blaizehappened: true
date: Mon, 20 Dec 2021 09:24:43 GMT
vary: User-Agent, Accept-Encoding
content-type: application/javascript
expires: Mon, 20 Dec 2021 09:24:43 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg5: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f11%2f1d572b4c&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=1d572b4c&session=0e5a29226c90c064e2cdc92144f8c525
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 265 KB
37 KB 234ms
208ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d03c884b8d4766d0b2639feef65acf36b86e32451fa9406130eb5ee961708307

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: cHeSoo5TIKUMJt6GvBsRIYKB1w1iZbKx
content-encoding: gzip
etag: "42f153e98ca80032d70d21ba54ca49d4"
age: 0
x-cache: HIT
content-length: 37199
x-amz-id-2: tmf8NyRCV3joQyk6f5eK8pP0BYofAxW+TqcLLWl5lCnYm7qJCCZhd3SAj/3EVcRUHw9qRTfbPyY=
x-served-by: cache-fra19183-FRA
last-modified: Sun, 19 Dec 2021 10:45:30 GMT
server: AmazonS3
x-timer: S1639992282.357599,VS0,VE194
date: Mon, 20 Dec 2021 09:24:42 GMT
vary: Accept-Encoding
x-amz-request-id: 8TE2E53SE4AK8ZZ2
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 43
x-cache-hits: 1

GET
H2 200 heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 8 KB
4 KB 55ms
54ms Image
image/svg+xml 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 3055
x-rq: ewr4 0 2 9980
last-modified: Thu, 09 Dec 2021 04:33:51 GMT
server: nginx
etag: W/"61b1872f-1f69"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=1890719
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 11 Jan 2022 06:36:41 GMT

GET
H2 200 442b63fb86dca5dcc349cbc9cf9e3b44
content.api.news/v3/images/bin/ 15 KB
15 KB 151ms
140ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/442b63fb86dca5dcc349cbc9cf9e3b44?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: b6610df5e9c8e4008b9bec141a2c24f11d1d52052afe5a9196f1fbf6bb3bced5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

edge-cache-tag: 442b63fb86dca5dcc349cbc9cf9e3b44
date: Mon, 20 Dec 2021 09:24:42 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 6fd19a70a6125903472ff8b881f1277b-442b63fb86dca5dcc349cbc9cf9e3b44-650
x-serial: 1199
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5181756
last-modified: Mon, 20 Dec 2021 08:45:25 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 15208
expires: Fri, 18 Feb 2022 08:47:18 GMT

GET
H2 200 cbf7a2cc748a167d41ced167cd5c0976
content.api.news/v3/images/bin/ 3 KB
3 KB 137ms
127ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/cbf7a2cc748a167d41ced167cd5c0976?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: c33d204609950d7776b0cf914918e1639cda7484e9b4d30cc0f36552dd2a797c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

edge-cache-tag: cbf7a2cc748a167d41ced167cd5c0976
date: Mon, 20 Dec 2021 09:24:42 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: f3a0a655aca792b819df668c84d8527e-cbf7a2cc748a167d41ced167cd5c0976-150
x-serial: 889
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5175559
last-modified: Mon, 20 Dec 2021 07:06:18 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 2788
expires: Fri, 18 Feb 2022 07:04:01 GMT

GET
H2 200 76560f99cab437e3a5742e8c637adf17
content.api.news/v3/images/bin/ 5 KB
5 KB 152ms
141ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/76560f99cab437e3a5742e8c637adf17?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 244501c614c821bb9cf25b63449f508ae760c4da91e9a2bf3a7992e89f69ebad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

edge-cache-tag: 76560f99cab437e3a5742e8c637adf17
date: Mon, 20 Dec 2021 09:24:42 GMT
last-modified: Mon, 20 Dec 2021 09:02:18 GMT
server: Akamai Image Manager
etag: 354d5d7815915c8e4ec18d6c4a27b3e5-76560f99cab437e3a5742e8c637adf17-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5182638
access-control-allow-headers: x-newsapi-api-key
content-length: 5027
expires: Fri, 18 Feb 2022 09:02:00 GMT

GET
H2 200 10635be73c1b0b6871c1c2ac116382fc
content.api.news/v3/images/bin/ 5 KB
5 KB 180ms
169ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/10635be73c1b0b6871c1c2ac116382fc?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 07d41c1631de9e00ae154319eaa44dfcff558e41f32dbf2191c76248b558d589

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

edge-cache-tag: 10635be73c1b0b6871c1c2ac116382fc
date: Mon, 20 Dec 2021 09:24:42 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 99f796441db0b304542634aece40b64a-10635be73c1b0b6871c1c2ac116382fc-150
x-serial: 198
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5165078
last-modified: Mon, 20 Dec 2021 04:09:40 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 5070
expires: Fri, 18 Feb 2022 04:09:20 GMT

GET
H2 200 2285d869e64e9c14353fb6a9f4340f48
content.api.news/v3/images/bin/ 5 KB
6 KB 188ms
178ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/2285d869e64e9c14353fb6a9f4340f48?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: a1f40a2fd70e16fac6728f64fd507a59b25ce6249a744ba90bf739843ce8c64e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

edge-cache-tag: 2285d869e64e9c14353fb6a9f4340f48
date: Mon, 20 Dec 2021 09:24:42 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 64612b737a14dabcdf62091538dcf7e0-2285d869e64e9c14353fb6a9f4340f48-150
x-serial: 906
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5164740
last-modified: Mon, 20 Dec 2021 04:03:51 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 5350
expires: Fri, 18 Feb 2022 04:03:42 GMT

GET
H2 200 b63549bd8400baf4a1cdbf9e30e88ed8
content.api.news/v3/images/bin/ 39 KB
40 KB 143ms
133ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/b63549bd8400baf4a1cdbf9e30e88ed8?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: c2ab5ebff680dd94f0f5a854ea4c37e42d220eed57e18bea51b7f10a764b3ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

edge-cache-tag: b63549bd8400baf4a1cdbf9e30e88ed8
date: Mon, 20 Dec 2021 09:24:42 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: d88ef2a7422a9285d2897deaa40b9e56-b63549bd8400baf4a1cdbf9e30e88ed8-650
x-serial: 1441
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5177558
last-modified: Mon, 20 Dec 2021 07:38:30 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 40156
expires: Fri, 18 Feb 2022 07:37:20 GMT

GET
H2 200 8a374063af045f3c1525e1a1585a6927
content.api.news/v3/images/bin/ 37 KB
37 KB 50ms
49ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/8a374063af045f3c1525e1a1585a6927?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: e6aa24d28e49875e742ba7ed22eab98f6d2281073b9ba23fc58bacabb2d01a65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

edge-cache-tag: 8a374063af045f3c1525e1a1585a6927
date: Mon, 20 Dec 2021 09:24:42 GMT
last-modified: Mon, 20 Dec 2021 07:30:03 GMT
server: Akamai Image Manager
etag: 3cce0e0317de639d713ed8c68d1487fd-8a374063af045f3c1525e1a1585a6927-650
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5177021
access-control-allow-headers: x-newsapi-api-key
content-length: 37864
expires: Fri, 18 Feb 2022 07:28:23 GMT

GET
H2 200 BOB_Image_350x197_Rewards.png
origin.go.heraldsun.com.au/wp-content/uploads/2021/12/ 31 KB
31 KB 82ms
8ms Image
image/webp 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin.go.heraldsun.com.au/wp-content/uploads/2021/12/BOB_Image_350x197_Rewards.png
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 851688d85f7a4451cc946d3ee4834e88291612d91f3b483ee816224ca11d0c5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
x-rq: hhn2 109 28 443
last-modified: Wed, 15 Dec 2021 21:56:10 GMT
server: nginx
etag: "5fe605df1cec34ba"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 31806
expires: Thu, 15 Dec 2022 21:56:10 GMT

GET
H/1.1 200
OK rea-logo.png
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/ 28 KB
28 KB 1107ms
288ms Image
image/png 52.95.128.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/rea-logo.png
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.128.174 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 09:24:44 GMT
Last-Modified: Thu, 09 Sep 2021 21:17:00 GMT
Server: AmazonS3
x-amz-request-id: 68TE6MPZ2PF1YE0S
ETag: "731035d55715734eff2f2a0f9afb31e7"
Content-Type: image/png
x-amz-version-id: fJFk.rSD7m0my1Uc67iV0dc4uKOxz4yR
Accept-Ranges: bytes
Content-Length: 28648
x-amz-id-2: l0sJp7+QBfIVos3xLu1VTVhxYpxJexB/9ci4VsJu6hFfDC2KZNJdu//TDkVc4+nR4KR8mVfE6gY=

GET
H/1.1 200
OK games.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 4 KB
5 KB 1131ms
310ms Image
image/svg+xml 52.95.128.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/games.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.128.174 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 09:24:44 GMT
Last-Modified: Thu, 05 Nov 2020 03:40:33 GMT
Server: AmazonS3
x-amz-request-id: 68TCJSC1NA7NW7V1
ETag: "2fa79b1c302fa407df95b287a47e01bc"
Content-Type: image/svg+xml
x-amz-version-id: mY_fhaFXa9wAEjGJ51huxNeB77eQfnyv
Accept-Ranges: bytes
Content-Length: 4533
x-amz-id-2: UE9SjPf3HXPcdrURR6ZqOXXuGQv86opcx4h4xOMHKYPkvd1R/Lt7NO5VGzlyKbpyt871+q/muog=

GET
H/1.1 200
OK horoscopes.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 9 KB
9 KB 1111ms
309ms Image
image/svg+xml 52.95.128.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/horoscopes.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.128.174 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 09:24:44 GMT
Last-Modified: Thu, 05 Nov 2020 03:40:33 GMT
Server: AmazonS3
x-amz-request-id: 68T0PJDK8QGE6KS8
ETag: "e9dc4230a2305a0cb7743e2ade763349"
Content-Type: image/svg+xml
x-amz-version-id: NaxMYGcYiBqyljIpDSJQNqEzm8yfC62_
Accept-Ranges: bytes
Content-Length: 9223
x-amz-id-2: bEiTo/y9KMxP/ez3ypgvcpBgemVO6GeuSGJP/wCPQd1K3vUWEP7GdqHKhJ6xjOPnsSicgiRN6tw=

GET
H/1.1 200
OK braingains.svg
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/ 17 KB
17 KB 1125ms
318ms Image
image/svg+xml 52.95.128.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/braingains.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.128.174 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63919867af3995b5bdf26e6d016d1c020d0a79b7d28ba4f397065826b734f432

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 09:24:44 GMT
Last-Modified: Wed, 15 Dec 2021 03:04:45 GMT
Server: AmazonS3
x-amz-request-id: 68T7XTDP0MFJB0AS
ETag: "a5e3e51d1e5816755ebf71f5ea933857"
Content-Type: image/svg+xml
x-amz-version-id: BSPbSueNKMvcQ7CCwOmuub6mQNodfiBJ
Accept-Ranges: bytes
Content-Length: 17305
x-amz-id-2: 5bb7tSlPX+X4BHmnf7tnIDR9YIu9S/WGk8nk9+O0qB6gRH2uyRQk+J0uNNki5nsMbIMmshnH0sk=

GET
H2 200 get_image.aspx
edition.pagesuite.com/ 52 KB
53 KB 69ms
12ms Image
image/jpeg 2600:9000:223e:d400:1f:1414:da40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edition.pagesuite.com/get_image.aspx?pbid=38d72c05-d55e-479e-a6ea-985d57be1901&h=400
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:d400:1f:1414:da40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7f27629c3d695f6e831f2e2a1fd845c27e4e14dda7f18968f41d11b7cc9e4e79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:10:14 GMT
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified: Sun, 19 Dec 2021 16:19:32 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
age: 868
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: private
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: G0rh6WUBVIj1zSgn3-utrAiTG9F8Om1L5DfcMFxdeccuHt4NOYXJ7g==

GET
H2 200 heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 8 KB
3 KB 107ms
107ms Image
image/svg+xml 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 2891
x-rq: ewr4 0 2 9980
last-modified: Mon, 29 Nov 2021 02:22:27 GMT
server: nginx
etag: W/"61a43963-1e5e"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=1186007
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 03 Jan 2022 02:51:29 GMT

GET
H2 200 amp-story-player-v0.css
cdn.ampproject.org/ 1 KB
2 KB 73ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/amp-story-player-v0.css?ver=v0

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 433
x-xss-protection: 0
server: sffe
date: Mon, 20 Dec 2021 09:24:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "3825f3d139803f67"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 20 Dec 2021 09:24:42 GMT

GET
H2 200 / Show response
www.heraldsun.com.au/_static/ 98 KB
99 KB 205ms
204ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZsaWZhYWRoUkWAK+4Iig=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

75839e3ea0cd949a33dc21dd8b0931f396829fea8e0e3148b576b1228f40e469

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-rq: ewr4 0 2 9980
last-modified: Thu, 16 Dec 2021 20:56:54 GMT
server: nginx
date: Mon, 20 Dec 2021 09:24:42 GMT
vary: User-Agent
content-type: application/javascript
expires: Mon, 20 Dec 2021 09:24:43 GMT
cache-control: max-age=1
is-https: true
content-length: 100749
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-opw: 4
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 540 B
859 B 33ms
11ms Image
image/svg+xml 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
last-modified: Wed, 16 Sep 2020 23:56:43 GMT
server: AmazonS3
x-amz-request-id: 4R7K4V2MCP8N6R9R
etag: "4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=84995
accept-ranges: bytes
content-length: 540
x-amz-id-2: yFp+J8podmJKYyKRfQ/R6sCdmNKmc7oSxu2WJJo8l7sTrFyLYOhTILB0ssSzjaQiADalzLa82Ug=
expires: Tue, 21 Dec 2021 09:01:17 GMT

GET
H2 200 title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 535 B
855 B 32ms
20ms Image
image/svg+xml 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
last-modified: Thu, 17 Sep 2020 00:28:25 GMT
server: AmazonS3
x-amz-request-id: BX6X5G9GEK1G9M4M
etag: "b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=126416
accept-ranges: bytes
content-length: 535
x-amz-id-2: DaJA+c3KcMZ/NSCnfYFtodFhl20AOf2rAAm9dMwdtqM4FPtgkxYVKxyt+50eW/YJb1+mPpYz97g=
expires: Tue, 21 Dec 2021 20:31:38 GMT

GET
H2 200 source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 21ms
21ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer: https://www.heraldsun.com.au/
Origin: https://www.heraldsun.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
last-modified: Tue, 01 Sep 2020 04:31:33 GMT
server: AmazonS3
x-amz-request-id: 34B4778288C88CAA
etag: "899c8f78ce650d4009d42443897aa723"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=583217
accept-ranges: bytes
content-length: 16112
x-amz-id-2: 0V9i/JC3jV0uO9z1+RHGizGZNe8ea4s0M3lvOab3o97ikLfxhLYoNjWrU3t9GbdAE8O37bCHHcA=
expires: Mon, 27 Dec 2021 03:24:59 GMT

GET
H2 200 source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 26ms
26ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer: https://www.heraldsun.com.au/
Origin: https://www.heraldsun.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
last-modified: Tue, 22 Sep 2020 06:30:09 GMT
server: AmazonS3
x-amz-request-id: B9F079BFD69B8BC1
etag: "c85615b296302af51e683eecb5e371d4"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=345570
accept-ranges: bytes
content-length: 15948
x-amz-id-2: DPCyCCKT0juTREQMOkBTQL82bK8sJ1cHlMUrULDEc9V9ZluCRM4RuSFSdOhDVMhG9DNYyK1s4MM=
expires: Fri, 24 Dec 2021 09:24:12 GMT

GET
H2 200 css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 55 B
680 B 140ms
129ms Stylesheet
text/css 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=16

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=16

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 74
x-rq: dca8 0 2 9980
last-modified: Thu, 02 Dec 2021 01:25:03 GMT
server: nginx
etag: "61a8206f-37"
vary: User-Agent
content-type: text/css
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 20 Dec 2021 09:24:43 GMT

GET
H2 200 rampart.js Show response
www.heraldsun.com.au/remote/identity/rampart/latest/ 274 KB
82 KB 96ms
86ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=16

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

4768c9c09426579117c9cc397f7bffc83c22b7ebe652b2fa492496ae8b680ab2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
etag: "6778d105432607d0b73f0a808e1b81ad:1636438006.632996"
vary: User-Agent, Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=449
date: Mon, 20 Dec 2021 09:24:42 GMT
is-https: true
x-opw: 4
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 20 Dec 2021 09:32:11 GMT

GET
H2 200 js-metro-desktop-lazy.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 70 KB
21 KB 164ms
154ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=16

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=16

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a9788e6d2c4b88ebf92572a8cae613d13ca16b49b720b210e755fee3ce245db0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 21214
x-rq: ewr4 0 2 9980
last-modified: Mon, 13 Dec 2021 05:26:51 GMT
server: nginx
etag: W/"61b6d99b-11742"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=39
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 20 Dec 2021 09:25:21 GMT

GET
H2 200 js-weather.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 6 KB
3 KB 166ms
157ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?v=16

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=16

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b51682aed5b828e21c44f642b6e16ee4484e645a35a3400e7ce2dab44d25b993

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 2095
x-rq: ewr4 0 2 9980
last-modified: Mon, 13 Dec 2021 05:26:51 GMT
server: nginx
etag: W/"61b6d99b-18f2"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=53
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 20 Dec 2021 09:25:35 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 3 KB
2 KB 242ms
213ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding: gzip
etag: "1a868d280f9424f5d82876d6cf0c46b9"
age: 0
x-cache: HIT, HIT
content-length: 1123
x-amz-id-2: w6b8vHj2uqQmtAmYk27ttPzgR4r530W1jR59ElFIYQVNtz2Ca0eFqdLAwiiR/AdI9WZQDedoqTk=
x-served-by: cache-lax10648-LGB, cache-fra19139-FRA
last-modified: Tue, 07 Apr 2020 10:39:09 GMT
server: AmazonS3
x-timer: S1639992283.623119,VS0,VE205
date: Mon, 20 Dec 2021 09:24:42 GMT
vary: Accept-Encoding,,
x-amz-request-id: K65519AD0AQBTHVS
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20211219-1-RELEASE.js Show response
cdn.taboola.com/libtrc/ 613 KB
127 KB 9ms
9ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20211219-1-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 69965a279d0d284d914bc0d5575afe131f6e157af594761e2eb71eef648a73e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: O0K97j0fuoneruPNxAp.rGyo0XB_Ebuk
content-encoding: br
etag: "f8c5e0dd767a0a5d5c129cc8f4450a2e"
age: 24877
x-cache: HIT
content-length: 129342
x-amz-id-2: cVkmilM9RGQXlS5ws8217ARK5hH6rkMu82w0aMQts0s+ssUpuh9HpkxkW2Vd3GimvwdVHOK77G8=
x-served-by: cache-fra19183-FRA
last-modified: Sun, 19 Dec 2021 10:21:28 GMT
server: AmazonS3-br
x-timer: S1639992283.594665,VS0,VE0
date: Mon, 20 Dec 2021 09:24:42 GMT
vary: Accept-Encoding
x-amz-request-id: NTKWZ7FV6CJ9GVZB
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 22
x-cache-hits: 64646

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 37ms
8ms Script
application/javascript 13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 04:59:41 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 16654
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efd.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: yODIpDFDheNY9fiIVm2j323Y4InGm8w3qgDxDm51qBZC4vu6adlv4w==

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
12 KB 36ms
16ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer: https://www.heraldsun.com.au/
Origin: https://www.heraldsun.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6072318
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: EABP876Q5FGX8041
x-amz-id-2: s/sgUlOc3ETlJ+nSPmVIslFdTw76yEDKnYPaexQIwJhiluvZfd1YmyLRd9TFou5RQFXTAWgZ4WU=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: W/"dc93d584e41f8417f6b7163320d34329"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jM3tUnpWU9imc1OcEdorJh385xRfplFdrLqqnNS6F2oe7VkORaoRSj2JFqtheerrJ55LyV1toTPvPi6Lv3QXvE9wKIpxf%2FrrQAz%2BNVodW6deh98NK7%2BWG4yPtHuu9EvPogxBZLV%2F2H8lo%2BKldhM6vNKA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6c07d1b79871430f-FRA

GET
H2 200 json Show response
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 2 KB
2 KB 104ms
97ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=09%3A24%3A42.820&lti=deflated&data=%7B%22id%22%3A670%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1639910724799%2C%22vi%22%3A1639992282793%2C%22cv%22%3A%2220211219-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11509%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A973.78125%2C%22mw%22%3A194%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CDesktop%20Mid%20Rail%20Home%20Native%3Dthumbnails-midrail-native%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211219-1-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d549964452d445140f42ab9eb3e8b73fab8ea6d9d0419d708ef32e289a16153

Request headers

Referer: https://www.heraldsun.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 63
date: Mon, 20 Dec 2021 09:24:42 GMT
content-encoding: gzip
server: nginx
x-timer: S1639992283.834563,VS0,VE63
x-served-by: cache-fra19183-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.heraldsun.com.au
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1639992282880&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1639992282880&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%2...

0
224 B

9ms
9ms

Image
text/plain

13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1639992282880&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efd.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: iQooU9OIg-9s0KvesImPj2Vkxrb-NxofoPNtTzXVfjdyHaORLWmWYg==
x-cache: Miss from cloudfront

Redirect headers

date: Mon, 20 Dec 2021 09:24:42 GMT
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efd.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1639992282880&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=
content-length: 277
x-amz-cf-id: 9hEp9cLMibORbjF4034WWSW5xf-XS1e095KPJwEbAFNI1rKVrQBS0Q==

GET
H2 200 comments-count Show response
mhr.talk.news.com.au/api/v1/ 1 KB
1 KB 895ms
869ms Fetch
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mhr.talk.news.com.au/api/v1/comments-count?ids=73f83023cfd06a5b0d2bba49dcede69f,fb124cdb80064eef88f42fd523bf2812,a42ad185e688c2b99b16a1236ee4ff76,71019130a0867caf429f955602293bd6,269bf20726f9bd7c85857eea46042a21,509d45a73e03f5bfa618c2c3de6b90e0,637da119aef423da5f5ca9606da98a98,c54080e13a81b4546b7b13e65be9d99c,f2d9c82176dfa92dca4a46af1d470d0f,fab875a648b7d740071a161479b92a69,a22e1cca82d9c0dd46fbfbd92082bd97,264ad25e5a3e5b7869817861d12030df,f0da491b542c2d2a186e6ec1042fcb54,82f4d95bd644f38b32c59ba8cf92571a,07437031e4d84685f64fc0771bcdf745,aeaa2646df609e7a481ec31c81f6870a,9cbc7f643f3b320b74b8c62b21140cd9,de1dd4ca8208f121fc332b70eb83e1a4,a3678c0cb03395f3b8909550f40f7fb6,7d07e9a0c5a15185be6a82db932c36f9,a4c75caa1037c0dc641c20a7d3f0ecfd,9b3b78a9f6fdc933d98ff2af357b3210,619d1322388164a1bbd64471c07db183,b79413eb6babdfed0da53e2b4eb17439,ea55d5ce59e35d6aa0a94e14f712573a,e8e5c51fd88041e9f00e12db8ad293ae,66da65bce24ff9d2d48495f9c63ee329,9456d0a2bba99390c19cebe6b6b51dc2,59bcb0ad1aa734c8b4036f9a52600d40,b60ecc1d06fe2b8d9db482d24ce60a66,991db3e137aefa802d95110614eb9f9f,c7b794cda6b9c5295e049d0261068fa5,418197b7e49bf669dffb84ca47b448ca,70affd5e4fdcafb3ab3a33ba25a79252,3de1b22778750c12e1d1cb96f7761342,412e9dc3c79003b1a697f45950cc0598,a45d780d34b97f492fb1f2cf3b8e7de7,98d4227fd1a9a9792277bb743e994fec,1ae2ccf8b538f02650eec25e4bd6c9e8

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=16

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx/1.20.1 /

Resource Hash

75c458b79f1e763ecf2d91662b17d71ec65552f8086e8f5760494c9382000592

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.20.1
etag: W/"5bc-3MGfRoMptYrVY0rayWfPDnAcKo8"
x-download-options: noopen
x-dns-prefetch-control: off
content-type: application/json; charset=utf-8
access-control-allow-origin: *
date: Mon, 20 Dec 2021 09:24:43 GMT
x-talk-trace-id: aa81ef00-6176-11ec-b7a9-ade6e3e2cf6b
vary: Accept-Encoding
content-length: 842
x-xss-protection: 1; mode=block

GET
H2 200 3000 Show response
www.heraldsun.com.au/wp-json/api/weather/ 2 KB
3 KB 113ms
112ms Fetch
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-json/api/weather/3000

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=16

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5a762e207c9f21df44f682fd4d5eb327561cdd40354836398ced15a2b2d2c04e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options: nosniff
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 1704
x-rq: ewr4 0 2 9980
allow: GET
server: nginx
date: Mon, 20 Dec 2021 09:24:42 GMT
vary: User-Agent
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=34
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 20 Dec 2021 09:25:16 GMT

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame 4079 2 KB
3 KB 430ms
402ms Document
text/html 104.111.230.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=1bGtUvqCZIa-OPzDO05kzRYCLJ2PZnOJ&nonce=850dhtgk0UQvwNYmGqOt5Cb0kTe1.wSl&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNy4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-230-77.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

aaef88c5ef277089f0e2f4c035e84128f736d1fb569f2dbd420404c268e56625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html;charset=UTF-8
cf-ray: 6c07d1b88c8516ea-FRA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 6c07d1b88c8516ea
ot-tracer-sampled: true
ot-tracer-spanid: 423593005a79728d
ot-tracer-traceid: 62f6f3a05f6fe968
x-auth0-requestid: c13bbc9b816d356e6746
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1639992284
server: cloudflare
content-encoding: gzip
x-akamai-transformed: 9 538 0 pmb=mTOE,3
expires: Mon, 20 Dec 2021 09:24:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 20 Dec 2021 09:24:43 GMT
content-length: 805
vary: Accept-Encoding

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 4 KB
2 KB 38ms
12ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c5d28eb33550c89561373b8883dbb7c74fa10be117cc0d8addfcc9e5fb882da3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 04:25:55 GMT
server: AkamaiNetStorage
etag: "3c97c012f0a4ead3d17ca636e99a1d1b:1637641555.766849"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 1553
expires: Mon, 20 Dec 2021 09:29:42 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 67 KB
18 KB 48ms
23ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 91c7d0e8937476b94df3a31a54c2a569f950fa68bff2739c692407229655d484

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 04:25:56 GMT
server: AkamaiNetStorage
etag: "9adbd7fff5776b2de5cd7ed92823b6c9:1637641555.997099"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 18402
expires: Mon, 20 Dec 2021 09:29:42 GMT

GET
H2 200 js-c3po-bundle.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 184 KB
44 KB 133ms
133ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?v=16

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=16

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

77b3d451d95d7e97f94f7a951b865a75829d24836c9a75294791abf22b7e37dd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 44727
x-rq: ewr4 0 2 9980
last-modified: Mon, 13 Dec 2021 05:26:51 GMT
server: nginx
etag: W/"61b6d99b-2dfef"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=54
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 20 Dec 2021 09:25:37 GMT

GET
H2 200 js-vidora-client.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 7 KB
4 KB 147ms
147ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=16

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=16

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

0225664895447c49efce36499596557cddfad2a80913acc5f648b8c54cafeeca

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 2988
x-rq: ewr4 0 2 9980
last-modified: Mon, 13 Dec 2021 05:26:51 GMT
server: nginx
etag: W/"61b6d99b-1b27"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 20 Dec 2021 09:24:44 GMT

GET
H2 200 a14d4be07f3c7ee6472d564b41b35914
content.api.news/v3/images/bin/ 7 KB
7 KB 52ms
51ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/a14d4be07f3c7ee6472d564b41b35914?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: c0c37303cd0b175182eb856313a052865f06393a3d9659147af641c628d03dfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

edge-cache-tag: a14d4be07f3c7ee6472d564b41b35914
date: Mon, 20 Dec 2021 09:24:42 GMT
last-modified: Mon, 13 Dec 2021 22:07:45 GMT
server: Akamai Image Manager
etag: fbd5062f9d53b19a779bcf57b672e359-a14d4be07f3c7ee6472d564b41b35914-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=4624960
access-control-allow-headers: x-newsapi-api-key
content-length: 7234
expires: Fri, 11 Feb 2022 22:07:22 GMT

GET
H2 200 8496eb28c80077d7d054d7271b8bb5a9
content.api.news/v3/images/bin/ 7 KB
7 KB 57ms
57ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/8496eb28c80077d7d054d7271b8bb5a9?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 7da316d874739aaca53d683fcc932e92090aff6e5925bd17f7e1e345be18a25c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

edge-cache-tag: 8496eb28c80077d7d054d7271b8bb5a9
date: Mon, 20 Dec 2021 09:24:42 GMT
last-modified: Thu, 16 Dec 2021 02:59:12 GMT
server: Akamai Image Manager
etag: c088ba8d30e1d548b7940c076c826af6-8496eb28c80077d7d054d7271b8bb5a9-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=4815264
access-control-allow-headers: x-newsapi-api-key
content-length: 7109
expires: Mon, 14 Feb 2022 02:59:06 GMT

GET
H2 200 b55367149812b5dc925ab4fba0552cc2
content.api.news/v3/images/bin/ 6 KB
6 KB 58ms
58ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/b55367149812b5dc925ab4fba0552cc2?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 09fa098c324e40c3bca3be65863d5768aba847b029e3bc1711b8b391c74b72c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

edge-cache-tag: b55367149812b5dc925ab4fba0552cc2
date: Mon, 20 Dec 2021 09:24:42 GMT
last-modified: Mon, 13 Dec 2021 22:29:46 GMT
server: Akamai Image Manager
etag: 8568b7c6699e9845db076c03723c7f91-b55367149812b5dc925ab4fba0552cc2-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=4626206
access-control-allow-headers: x-newsapi-api-key
content-length: 6270
expires: Fri, 11 Feb 2022 22:28:08 GMT

GET
H2 200 pmk-202003261.4.js Show response
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 111 KB
30 KB 8ms
8ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding: gzip
etag: "b7fcedf037c57085d364b689ca46f32e"
age: 3445455
x-cache: HIT, HIT
content-length: 30954
x-amz-id-2: ReRbE714voELZRZj+sJSDLFN048IEgTUHMZRuuVxq+nZV8RXpk2SKj9IGRpU+r0uHZA8xyakb2k=
x-served-by: cache-lax10676-LGB, cache-fra19139-FRA
last-modified: Tue, 07 Apr 2020 10:39:09 GMT
server: AmazonS3
x-timer: S1639992283.931026,VS0,VE1
date: Mon, 20 Dec 2021 09:24:42 GMT
vary: Accept-Encoding,,
x-amz-request-id: VAWVAEK5BQSKZBC2
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 19 KB
6 KB 7ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211219-1-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a351fd92e5702efce917edb3a5fa5e15b0c2c01b05c72004d183ea3cd0ac8cc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: n7qu5_m2oY3yYk8zx0ISQgopnHkiUO7s
content-encoding: gzip
etag: "103abcd7af0ff73c2bca84d874ada0e2"
age: 7867
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6020
x-amz-id-2: 71B8G0Uax0wDIJO4xcLj8YIF/2vsmk7zh5v4nWeKP/OYb9ehdDQyAMx0pou0VcyI8yHAZWViuDc=
x-served-by: cache-fra19183-FRA
last-modified: Tue, 30 Nov 2021 12:15:08 GMT
server: AmazonS3
x-timer: S1639992283.936500,VS0,VE0
date: Mon, 20 Dec 2021 09:24:42 GMT
vary: Accept-Encoding
x-amz-request-id: DM4WHH1JXZDNRM0N
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 22
x-cache-hits: 2829293

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
946 B 7ms
7ms Stylesheet
text/css 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211219-1-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8061c17ad6d7b8805745d8f136437acc8abe498fed1a01cec4d142b55def3c55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 8oi59FmV5lZnBSZug04yEHoBr2VIEPOj
content-encoding: gzip
etag: "44e0fb48ae5c8af459ee8102bcc39ee7"
age: 7867
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 702
x-amz-id-2: iFVFvmeQKInSRvPmOMjpx9e796JdpMASKTQROUtwOnMuFvcFjIkVcAu3KiHnksQkCefA05OClWw=
x-served-by: cache-fra19183-FRA
last-modified: Tue, 30 Nov 2021 12:15:07 GMT
server: AmazonS3
x-timer: S1639992283.936622,VS0,VE0
date: Mon, 20 Dec 2021 09:24:42 GMT
vary: Accept-Encoding
x-amz-request-id: DM4NG7BXNQAFRQKD
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 22
x-cache-hits: 36697

GET
H2 200 tfa-eid.20211219-1-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 14 KB
5 KB 8ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20211219-1-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13fe4a7b374c4d71d3455837d0a4d496b2f02c7447200dc4250ef8aa6c827e36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 7KLBjFn4j82dgTcQxU2l4GQomTIvxTjp
content-encoding: gzip
etag: "e448301828576b3bec8dcae7595fd543"
age: 104
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5061
x-amz-id-2: 3EhqeXSOTo+Ud11Otg63xkXrNvreVCL9K3yr5Q0Lyn8gULMm+ymVCmMv0WszZBp+zQd1bvzj/8Y=
x-served-by: cache-fra19183-FRA
last-modified: Sun, 19 Dec 2021 10:41:45 GMT
server: AmazonS3
x-timer: S1639992283.937837,VS0,VE0
date: Mon, 20 Dec 2021 09:24:42 GMT
vary: Accept-Encoding
x-amz-request-id: EHP37QN3S9T3XZ4C
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 22
x-cache-hits: 446

GET
H2 200 sha256.20211219-1-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 9ms
9ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20211219-1-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70724231c97d52c5ad88dc4507160dc721c1550b42f9318f6c6f4e4d4477c942

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: vYqZi7Hl3F4cKq9k0ZmKy_hfZERrecw9
content-encoding: gzip
etag: "34aa95d9816e456a29c01406a11ffa2c"
age: 82
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 2590
x-amz-id-2: SLfQomBGsAUSMCWW8gYTO6JgqR8GxHNfBMPtXsZc+Jcj733ws7oIJdLdsR6zb0o6WsauVjEP4Sk=
x-served-by: cache-fra19183-FRA
last-modified: Sun, 19 Dec 2021 10:42:21 GMT
server: AmazonS3
x-timer: S1639992283.938077,VS0,VE0
date: Mon, 20 Dec 2021 09:24:42 GMT
vary: Accept-Encoding
x-amz-request-id: WKM33G8VXFG28AJE
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 22
x-cache-hits: 328

GET
H2 200 distance-from-article.20211219-1-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 11ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20211219-1-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78f88f00250817df6b8978aefad7d488d48ce650af676a88a2a0db6dedde43ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: ZynOKx.7kE3QA6s4yCcobjl7yLoNTOaY
content-encoding: gzip
etag: "9b1557e67fb186a9e8ea2dafa86123e9"
age: 85
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1005
x-amz-id-2: +bvf2v+RZJGo2j1hg0jF4JQ4q6ED8YrN2iuYo+lWNLx8SKQXT9UnVz1mXgYC0KBluI4aQeOJZXM=
x-served-by: cache-fra19183-FRA
last-modified: Sun, 19 Dec 2021 10:43:41 GMT
server: AmazonS3
x-timer: S1639992283.946637,VS0,VE0
date: Mon, 20 Dec 2021 09:24:42 GMT
vary: Accept-Encoding
x-amz-request-id: 6T8JCW5E8ND3VJKZ
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 22
x-cache-hits: 167

GET
H2 200 article-detection.20211219-1-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 11ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20211219-1-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e189d148233b54987426726b6131b672fe63811a8eb9e09e584bfb4cd741469

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: vFqBdNiYpUabD6NTOruVZmKwRJLgdZjB
content-encoding: gzip
etag: "d412ab1a2416092b899c75b77a254375"
age: 65
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 856
x-amz-id-2: 5J7THWGmYWDCWQxkleRdfaKQ5BOzyDY8CT56iV1lwxCXCXTAWmnZR9uyziNwSPDEJJe2yKVSB+c=
x-served-by: cache-fra19183-FRA
last-modified: Sun, 19 Dec 2021 10:44:27 GMT
server: AmazonS3
x-timer: S1639992283.946771,VS0,VE0
date: Mon, 20 Dec 2021 09:24:42 GMT
vary: Accept-Encoding
x-amz-request-id: WKM3JXD1DCNZZX3G
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 22
x-cache-hits: 143

GET
H2 204 debug
am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 0
89 B 57ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=09%3A24%3A42.938&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-midrail-native&llvl=2&id=8313&cv=20211219-1-RELEASE&lt=deflated&pct=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 7830

GET
H2 204 supply-feature
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
313 B 22ms
22ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/supply-feature?route=AM:AM:V&tvi2=-2&lti=deflated&ri=4f864285a79bd4f75897817d820e8681&sd=v2_6f4c34c6b0ac42eb842f7d83482a394d_54b570e8-a5c3-43c3-8e8b-8c2a4348349a-tuct8b9d15a_1639992282_1639992282_CIi3jgYQgPNHGKmdobndLyABKAEwODib4wlAgooQSJ3d3ANQpewQWABgAGiApKeijMutlDNwAA&ui=54b570e8-a5c3-43c3-8e8b-8c2a4348349a-tuct8b9d15a&pi=/&wi=873729681997272865&pt=home&vi=1639992282793&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A553.78125%2C%5C%22articleClasses%5C%22%3A%5C%22site-content%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22SECTION%5C%22%2C%5C%22threshold%5C%22%3A%5C%22246%5C%22%7D%22%7D&tim=09%3A24%3A42.963&id=9201&llvl=2&cv=20211219-1-RELEASE&
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Mon, 20 Dec 2021 09:24:42 GMT
via: 1.1 varnish
server: nginx
x-timer: S1639992283.967697,VS0,VE8
x-served-by: cache-fra19183-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 social
am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
230 B 18ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=AM:AM:V&tvi2=-2&lti=deflated&ri=4f864285a79bd4f75897817d820e8681&sd=v2_6f4c34c6b0ac42eb842f7d83482a394d_54b570e8-a5c3-43c3-8e8b-8c2a4348349a-tuct8b9d15a_1639992282_1639992282_CIi3jgYQgPNHGKmdobndLyABKAEwODib4wlAgooQSJ3d3ANQpewQWABgAGiApKeijMutlDNwAA&ui=54b570e8-a5c3-43c3-8e8b-8c2a4348349a-tuct8b9d15a&pi=/&wi=873729681997272865&pt=home&vi=1639992282793&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=09%3A24%3A42.980&id=9195&llvl=2&cv=20211219-1-RELEASE&
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 20 Dec 2021 09:24:42 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 utrack.js Show response
tags.news.com.au/prod/utrack/ 2 KB
1 KB 14ms
13ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=16399922829850.3229183493911054
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bfa67e2ce103d04234fa84f7595c316d23f46eed219683f06e264fb27dc91637

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:42 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=0, no-cache, no-store
content-type: application/x-javascript
content-length: 831
expires: Mon, 20 Dec 2021 09:24:42 GMT

GET
H2 200 mitas.js Show response
tags.news.com.au/prod/mitas/ 666 B
905 B 11ms
10ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/mitas/mitas.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:42 GMT
cache-control: max-age=72944
server: AkamaiNetStorage
content-type: application/x-javascript
etag: "83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length: 666
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"

GET
H2 200 B7670439;dcadv=4149947;sz=1x2;ord=93516864411.30913 Show response
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 30 KB
12 KB 89ms
39ms Script
text/javascript 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=93516864411.30913?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

de76627742edb6cb84a5f297d60d8d6576b8f1721e9402f6073dd367bb5b4eb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 65ms
25ms Script
application/x-javascript 2600:9000:223c:4200:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4200:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e916d6f3c9c316368f99463951a426d09d4ddd223e961652728b519efb11e772

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 08:44:51 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:28:27 GMT
server: nginx
age: 2392
etag: W/"6179eeab-11377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 2g4Mhg_mEDK9QAiEHog0Qxvf_N8G8sUaIOJ_tF1pXs_TadhhiCrDAA==
expires: Mon, 20 Dec 2021 10:44:51 GMT

GET
H2 200 metrics.js Show response
tags.news.com.au/prod/metrics/ 181 KB
62 KB 33ms
33ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/metrics/metrics.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 52e0417217c73b5bc0bd83ddc5767018e44361f8ee994d3c0e5ddd5c7f1e404a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "75c9daea98db9b237420576cca22586a:1639536775.780378"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=19794
content-type: application/x-javascript

GET
H2 200 tad.js Show response
tags.news.com.au/prod/tad/ 86 KB
27 KB 26ms
25ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/tad/tad.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 96f69f9e35360e8ab43d62ab58c2b7ead48720d94ef4a7dea4af80a64a6b1535

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "b75d527c8d9dfb415545865d738fb883:1639439581.053356"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=78157
content-type: application/x-javascript
content-length: 27581

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 54ms
31ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1076 / 88 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 20 Dec 2021 09:24:43 GMT

GET
H2 200 prebid.js Show response
tags.news.com.au/prod/prebid/ 310 KB
98 KB 44ms
43ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/prebid/prebid.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: beeda9a17b4eee343f7ec43d45f3046b4133b8eea4b23ea0667d206c1d5f7d36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "a10134beab56207257f1f2ac785713ee:1632115066.493479"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=17154
content-type: application/x-javascript

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
36 KB 40ms
11ms Script
application/x-javascript 13.32.99.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-34.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding: br
etag: W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age: 74316
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 8c7650e47b7f894f6ae5a1fc4919cee6
last-modified: Thu, 16 Dec 2021 12:45:56 GMT
server: AmazonS3
date: Sun, 19 Dec 2021 12:46:08 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA60-P3
content-type: application/x-javascript
x-amz-cf-id: 1vzL99CsuImvno753Lmjvy33axMd69letpcxL4aOECCQ5Gxo4JWCGw==

GET
H2 200 nielsen.js Show response
tags.news.com.au/prod/nielsen/ 25 KB
10 KB 19ms
19ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=19387
content-type: application/x-javascript
content-length: 9840

GET
H/1.1 200
OK ncg.js Show response
au.tags.newscgp.com/prod/ncg/ 155 KB
48 KB 41ms
11ms Script
text/javascript 13.32.99.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-93.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18ce848868d27ccd09f0701a569852b17a05608a24acde0f4883c82f3405ff74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 09:00:19 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 30 Nov 2021 07:22:26 GMT
Server: AmazonS3
Age: 1465
ETag: W/"55c95d52f12da6906cda6a2b1283a0d6"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA60-P3
X-Amz-Cf-Id: hv3wurfUpwmaP-fBWRy5I66Yz0zMkvKCjcW4aKAQ86tP8fjqo_RPdw==

GET
H2 200 2988.js Show response
script.crazyegg.com/pages/scripts/0018/ 5 KB
2 KB 37ms
19ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d91e1f1004c910402c81c62dc28a79609f7381f6f8e5fd5118c0a08ff40a96a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 246614
cf-polished: origSize=4899
cf-ray: 6c07d1b8ef30d6c9-FRA
ce-version: 11.1.376
last-modified: Fri, 17 Dec 2021 12:54:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 embed.js Show response
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 2 KB
1 KB 45ms
6ms Script
application/javascript 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 619b9a80dc03dd254a74bdbe5088341a6c02a3e80106d4fa96bdbc1595d94ca2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: m_mZDvDY_EQuWbaaYRpUdbqqZIrSr61P
content-encoding: gzip
etag: "43812f1a0157d39e23e721e9e3c15d7b"
age: 365056
via: 1.1 varnish
x-cache: HIT
content-length: 665
x-amz-id-2: i/FCpXC7BAXL4hJDs7YpJ4QlgC6BXucfVPMLNafKnHRRTyEFev+FjNR42OEB+R4htOInC3uPSDs=
x-served-by: cache-fra19144-FRA
last-modified: Thu, 16 Dec 2021 04:00:20 GMT
server: AmazonS3
x-timer: S1639992283.085858,VS0,VE0
date: Mon, 20 Dec 2021 09:24:43 GMT
vary: Accept-Encoding
x-amz-request-id: G8HP1516TX9BAHYE
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 112

GET
H2 200 utag.985.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 2 KB
1 KB 38ms
38ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 02:18:16 GMT
server: AkamaiNetStorage
etag: "479ba55551c0a2369f399625b1c2c4ea:1632190696.475182"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 899
expires: Tue, 04 Jan 2022 09:24:43 GMT

GET
H2 200 PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js Show response
cdn-gl.imrworldwide.com/conf/ 33 KB
7 KB 65ms
8ms Script
application/javascript 2600:9000:236e:800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ae479c769d63000346f80d17ae8c80858a21d1c1df616be9407527ad0bebcce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: GPkJQLN73giz65cB6I2w6YR7qpL4hoVs
content-encoding: gzip
etag: W/"7ed65fdc56bd912db59cbf07cc3ffb7a"
last-modified: Sun, 19 Dec 2021 05:18:43 GMT
server: AmazonS3
age: 3320
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Mon, 20 Dec 2021 08:32:47 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: lHP5sD1osixTvUc17QteKe3gHqBOBKUv-hiTqto6n75Xsm8eLj-VcA==

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 36ms
8ms Script
application/javascript 52.222.214.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 14 Dec 2021 16:16:53 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 02 Jun 2021 17:38:57 GMT
Server: AmazonS3
Age: 493671
ETag: W/"51636de3ce868a2172f9e6996c2934e0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P3
X-Amz-Cf-Id: E2GeYukFCPwcEe4ns2zaL2OAVxYjivn_TohxvZJxogoZgTKIncCPjQ==

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1639992283099
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1639992283099

5 KB
2 KB

36ms
36ms

XHR
application/json

54.194.45.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1639992283099

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Server

54.194.45.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-45-85.eu-west-1.compute.amazonaws.com

Software

Resource Hash

648ec2b396a0c4da175310adbc6dad147e4db4b7f529baed78d130e2185eff55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v025-039f4fbcd.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 9Dl4kpybR64=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1540
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v025-0011bdc79.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.heraldsun.com.au
X-TID: 9R+7HKKxSEw=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1639992283099
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 2988.json Show response
script.crazyegg.com/pages/data-scripts/0018/ 25 KB
2 KB 36ms
21ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0018/2988.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 960af9323fa76650d46b804fbfa88e43aeaf48ed334722a730ec3ba69121535c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 246613
ce-version: 11.1.376
content-length: 2123
timing-allow-origin: *
last-modified: Fri, 17 Dec 2021 12:54:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6c07d1b99d3f692d-FRA

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 56 KB
18 KB 38ms
8ms Script
application/javascript 23.55.161.180
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.161.180 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-161-180.deploy.static.akamaitechnologies.com
Software: / ARR/2.5
Resource Hash: 01b7c7a8df5b11bf567f89ec0f2efecc702ecfba83cc34a223f3d3ec12affee6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 12:25:08 GMT
server
x-powered-by: ARR/2.5
etag: "7cf3f02665e0d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=319
accept-ranges: bytes
content-length: 17701

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 7ms
7ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202111230425&cb=1639992283116
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Mon, 20 Dec 2021 09:34:43 GMT

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 63 B
362 B 669ms
654ms XHR
text/plain 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:43 GMT
server: AkamaiGHost
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag: "519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=0, no-cache
content-length: 63
mime-version: 1.0
expires: Mon, 20 Dec 2021 09:24:43 GMT

GET
H2 200 vidora-client.1.x.x.min.js Show response
assets.vidora.com/js/ 11 KB
5 KB 65ms
10ms Script
application/javascript 2600:9000:2251:f000:4:77d:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:f000:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3357e0ff5e267f686f3a3f12c8fba0423d0792bb86884520c6eaecf9adeca534

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 12:37:36 GMT
content-encoding: gzip
etag: W/"9cfc2b12057c4bed13ead445642de3eb"
last-modified: Wed, 08 Dec 2021 21:44:52 GMT
server: AmazonS3
age: 74828
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 4ZixpkwUS3hbpl3PyEyuQN1UzJfULdiEY9-WNj2hjAbRGGpCkS_Slw==

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 16ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 20 Dec 2021 09:24:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 157 B
139 B 37ms
21ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3cbf419fa8bfbec8332afd3d2878b3223ece9fcb468cdeaaa19c339ab84c50d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114
x-xss-protection: 0
expires: Mon, 20 Dec 2021 09:24:43 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 344ms
130ms Image
image/gif 52.21.188.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=Doxi92pPZiYD7Ur1Q&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11509&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=10602&t=bcNMLD1QTDgD187jFD8b3CIChvuOd&V=129&i=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=0&_acct=anon&sn=1&sv=x-v3j4HKrZCXjSL7BqsdHNxogKA&sd=1&im=06030402&_
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.188.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-188-91.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:43 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 158988083230f20c205b1fea7c972825
content.api.news/v3/images/bin/ 9 KB
9 KB 96ms
95ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/158988083230f20c205b1fea7c972825?width=320
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: fe45023a36895237f316ca35fe8421859224dd3a75f070aab4c01b7ec5407c57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

edge-cache-tag: 158988083230f20c205b1fea7c972825
date: Mon, 20 Dec 2021 09:24:43 GMT
last-modified: Mon, 20 Dec 2021 06:33:47 GMT
server: Akamai Image Manager
etag: 2ecf3eebda782571f42cb02eda6099d3-158988083230f20c205b1fea7c972825-320
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5173721
access-control-allow-headers: x-newsapi-api-key
content-length: 9145
expires: Fri, 18 Feb 2022 06:33:24 GMT

GET
H2 200 b6d1896f52290e389ac3885cbbfd5d21
content.api.news/v3/images/bin/ 16 KB
17 KB 1503ms
1502ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/b6d1896f52290e389ac3885cbbfd5d21?width=320
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: ef9fbe28596f2f02eb9519f8ade33d34ea892eff75b22cb2df3cec7621abf4eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

edge-cache-tag: b6d1896f52290e389ac3885cbbfd5d21
date: Mon, 20 Dec 2021 09:24:44 GMT
last-modified: Mon, 20 Dec 2021 09:02:18 GMT
server: Akamai Image Manager
etag: 94de5d980432887c5a17b48e92966c7f-b6d1896f52290e389ac3885cbbfd5d21-320
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5182665
access-control-allow-headers: x-newsapi-api-key
content-length: 16692
expires: Fri, 18 Feb 2022 09:02:29 GMT

GET
H2 200 d6ca843081445ec493e0874c6d039941
content.api.news/v3/images/bin/ 7 KB
8 KB 1272ms
1271ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/d6ca843081445ec493e0874c6d039941?width=320
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: eba5c91114f8eacd1a3fed038c00d5ba52a5618ef99e9cd8b266d4b986a2b8b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

edge-cache-tag: d6ca843081445ec493e0874c6d039941
date: Mon, 20 Dec 2021 09:24:44 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: a414dce64b6a0f38c484e572e0a9c207-d6ca843081445ec493e0874c6d039941-320
x-serial: 855
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5182623
last-modified: Mon, 20 Dec 2021 09:02:19 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 7317
expires: Fri, 18 Feb 2022 09:01:47 GMT

GET
H2 200 mynews-promo.png
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/ 366 KB
366 KB 41ms
41ms Image
image/png 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/mynews-promo.png

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
x-opw: 4
content-length: 373561
x-rq: ewr4 0 2 9980
last-modified: Sun, 12 Dec 2021 23:48:47 GMT
server: nginx
etag: W/"61b68a5f-5b713"
vary: User-Agent
content-type: image/png
cache-control: max-age=155930
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 22 Dec 2021 04:43:33 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ 8 KB
4 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=93516864411.30913?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 09:21:23 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
524 B 72ms
51ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXabNiIeKH9G0aaO2QMinvyUMi3tqFoCVEcXypWS9tNZOaJRmHk2AjS3RoFSH5ZE4A3jyklaK3Rpwh_BgeFcFXalbPWoITHhSLkRqAVOW-Wm7gQfNcWjims13MDGrubYPcJsHyb72G&sig=Cg0ArKJSzHK0ufkZfd4NEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20211207.73578&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=93516864411.30913?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 09:24:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 11.1.376.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 71 KB
23 KB 14ms
14ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b401d1e804e0a5079603c8f74249ae0e2ec2c797703490f3a0c38079cd989027

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 14:25:17 GMT
server: cloudflare
age: 851858
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 6c07d1ba18a1d6c9-FRA
content-length: 23366

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 193 KB
54 KB 11ms
9ms Script
application/javascript 2600:9000:236e:800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28b11959f68db701b4218a36e9a8e8daf47fbfe4057f086595ebc2b0df44fbea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 20 Dec 2021 08:50:22 GMT
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 14:37:17 GMT
server: AmazonS3
age: 2062
etag: W/"711241d99f4dbd99c7bef0f79ce85582"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: cMRN_04lvqSJdvtl7TZbazXb3VGsS_cB
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P1
content-type: application/javascript
x-amz-cf-id: rchdn0W-qBbcymFu0vLQ2nESKcLjz0NSoClCHRdMsXy0bViSX18pSw==

GET
H2 200 6630 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 18 KB
2 KB 114ms
92ms XHR
application/octet-stream 23.55.161.180
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.161.180 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-161-180.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 82d8f9e43991ed1ad3e24a47253db1aee093d6fb43c185f1f4e19a5d00fb423c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: C6Yt0XQN8JQ6sg.g4tfxBlQsuE50bubU
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 03:23:42 GMT
server: ATS/7.1.0
x-amz-request-id: MXD9AT428JFCDQDR
etag: "02491d02b66b5991e5c2d7212b930146"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=456
date: Mon, 20 Dec 2021 09:24:43 GMT
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 1282
x-amz-id-2: rdG71F7pFSuakD5VWQP1kciOv77z339SrZbGff+r4yFxRb22Hs/1E8YeEmohXUau5zmjxC/ofmo=

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 638 B
876 B 153ms
70ms XHR
application/json 34.250.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=e333eb12-61e7-cbd4-ae12-00817394de95&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ed6941cd34f5d592588be86a3cfbe71efbae34586496f4641406d909817a1934

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
x-server-name: app14.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 Serving Show response
bs.serving-sys.com/ 10 KB
3 KB 74ms
29ms Script
text/html 52.28.248.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=4341835557617889276&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D7197816831683832535$$&ns=0&rnd=8473054309911259
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.248.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-248-40.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6196d0db71e13bd6083b233f37f748c37466389cc9937b404cb0036d0496977d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: *
cache-control: no-cache, no-store
content-type: text/html; charset=UTF-8
content-length: 2430
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
newscorpau.demdex.net/ Frame CC9D 7 KB
3 KB 238ms
69ms Document
text/html 54.194.45.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.45.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-45-85.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Mon, 20 Dec 2021 09:24:43 GMT
DCS: dcs-prod-irl1-2-v025-0af234dcf.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 15 Dec 2021 16:40:58 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: LaXvQYYRTQU=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
metrics.heraldsun.com.au/ 48 B
516 B 154ms
53ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=45055863766684201460479186355854917847&ts=1639992283414

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

e9a62338d47a1f9091f10180ed4905ac0a0098e808e762e781637c9c01d7097e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-675dccd488-p6gt7
vary: Origin
x-c: main-1548.I52ef9e.M0-537
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YcBL2wAAAKfH-QP7
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=45079665630853389200481573138334814669
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YcBL2wAAAKfH-QP7

42 B
945 B

115ms
45ms

Image
image/gif

54.194.45.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YcBL2wAAAKfH-QP7

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Server

54.194.45.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-45-85.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v025-0e625c9cd.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Z7wS7JmbSOs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YcBL2wAAAKfH-QP7
Date: Mon, 20 Dec 2021 09:24:43 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 2988.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0018/ 2 KB
614 B 18ms
17ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0018/2988.json?t=455553
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 037c6ba68e340c8f9bc7ce2f2070da3ed3f01a0dc3c426fb105a3c73b13b28b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 246613
ce-version: 11.1.376
content-length: 548
timing-allow-origin: *
last-modified: Fri, 17 Dec 2021 12:54:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6c07d1bb693d692d-FRA

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 77FC 12 KB
4 KB 23ms
19ms Document
text/html 2600:9000:236e:800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
last-modified: Mon, 29 Nov 2021 14:37:17 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: IljONPHQ882rCgbxybbkGTEVB8TZxE7m
server: AmazonS3
content-encoding: gzip
date: Mon, 20 Dec 2021 08:50:46 GMT
cache-control: max-age=86400
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: xSkxDuWMP2UTc_bgfguNWfHpwTrXRUQlqI3AHzA1QBhd-4ue60jwFA==
age: 2037

GET
H2 200 05fe2ab7ccfbd06970ce25193d83ab83
content.api.news/v3/images/bin/ 9 KB
9 KB 1512ms
1512ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/05fe2ab7ccfbd06970ce25193d83ab83?width=320
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 9e7f98b52a6b5e91548c668c8b7d00ef34866c1dacfec1250b7eecc01f8a6192

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

edge-cache-tag: 05fe2ab7ccfbd06970ce25193d83ab83
date: Mon, 20 Dec 2021 09:24:44 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: fbe65b7632b6c7635d506e6b1cf99b68-05fe2ab7ccfbd06970ce25193d83ab83-320
x-serial: 876
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5162273
last-modified: Mon, 20 Dec 2021 03:24:07 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 9161
expires: Fri, 18 Feb 2022 03:22:37 GMT

GET
H2 200 1037a665
login.newscorpaustralia.com/akam/11/ Frame 4079 20 KB
0 42ms
42ms Script
application/javascript 104.111.230.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/akam/11/1037a665
Requested by: Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=1bGtUvqCZIa-OPzDO05kzRYCLJ2PZnOJ&nonce=850dhtgk0UQvwNYmGqOt5Cb0kTe1.wSl&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNy4wIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-77.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=1bGtUvqCZIa-OPzDO05kzRYCLJ2PZnOJ&nonce=850dhtgk0UQvwNYmGqOt5Cb0kTe1.wSl&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNy4wIn0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
last-modified: Thu, 02 May 2019 20:02:47 GMT
etag: "051a26b4f33f3ee250a01bf25ad295e4f4f42ff7474b6618181884419262aa32"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
content-length: 10429
expires: Mon, 20 Dec 2021 09:24:43 GMT

GET
H2 200 oHfGMB
login.newscorpaustralia.com/LM8f_ldi9H/_Q/PSzE-kQt/D5fu6rJS/JRJeM1UD/XRpsdm/ Frame 4079 77 KB
0 35ms
35ms Script
application/javascript 104.111.230.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/LM8f_ldi9H/_Q/PSzE-kQt/D5fu6rJS/JRJeM1UD/XRpsdm/oHfGMB
Requested by: Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=1bGtUvqCZIa-OPzDO05kzRYCLJ2PZnOJ&nonce=850dhtgk0UQvwNYmGqOt5Cb0kTe1.wSl&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNy4wIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-77.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=1bGtUvqCZIa-OPzDO05kzRYCLJ2PZnOJ&nonce=850dhtgk0UQvwNYmGqOt5Cb0kTe1.wSl&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNy4wIn0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
last-modified: Mon, 26 Apr 2021 16:10:06 GMT
etag: "d1dbb955755ca44a0b872a64f97c471a45b14e941f69d082c19f792576ae34fb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
content-length: 19642

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
420 B 182ms
44ms XHR
binary/octet-stream 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-129.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 06:41:36 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 5971388
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 19
x-amz-cf-id: OIPIWfekZmPoQZz1oXthbtIsk8htJ2BqBqrlkUYXajO9vC6hgtMjCA==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
420 B 184ms
44ms XHR
binary/octet-stream 18.66.122.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 06:41:36 GMT
via: 1.1 375431e28d82888f474ac3665a4ceb67.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 5971388
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 19
x-amz-cf-id: jD7GGLvmwTg9nVcK3xHVWR4pL6ugo3XOf5miBEXp8nas50_BHXjN2Q==

GET
H2 200 indies-loader.js Show response
ts2020-indies-client.web.app/ 7 KB
3 KB 517ms
158ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ts2020-indies-client.web.app/indies-loader.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

375eb1402faeaba7978d6f984b0e89473fa190562c591b7097c2b782645123e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Tue, 30 Nov 2021 04:53:19 GMT
x-timer: S1639992284.944154,VS0,VE0
etag: "5ba2861ce9ae9d8b6d1e23b21ee04a45a7bb0716b2c6e39acabd1aa379b57322-br"
x-served-by: cache-del21735-DEL
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Mon, 20 Dec 2021 09:24:43 GMT
accept-ranges: bytes
content-length: 2326
x-cache-hits: 13119

GET
BLOB 200
OK dad41ebd-b983-42b9-ae13-7f6e1ad7df99
https://www.heraldsun.com.au/ 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com.au/dad41ebd-b983-42b9-ae13-7f6e1ad7df99
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 2E96 4 KB
2 KB 138ms
43ms Script
application/x-javascript 18.66.96.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.96.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-96-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 03:54:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 19811
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 bbd2abbdb134a9d53c0a12f6566e69ff.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: 4DkoiJdB-VOtRLyUTzkpSDBAL9c2ghiayX9OnXaTO1Pe_OattCDJxg==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 8AAB 14 KB
6 KB 204ms
25ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kiad7000144-IAD, cache-fra19173-FRA

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 9B61 5 KB
2 KB 188ms
49ms Script
application/x-javascript 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 09:24:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=37738
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 6EA1 97 KB
39 KB 160ms
56ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-707564276

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d246e7b7756e159c05299474a730969fd358bd2499e1c57bf54e3e52022084f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39612
x-xss-protection: 0
last-modified: Mon, 20 Dec 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Dec 2021 09:24:43 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 7937 4 KB
2 KB 140ms
43ms Script
application/x-javascript 18.66.96.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.96.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-96-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 03:54:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 19811
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: jM7YvA2dmS5WVLcuNHw8mMxpL5JCTupcNiY2jjV0xeyVOkJNSvR_6Q==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ Frame E5C8 9 KB
4 KB 59ms
7ms Script
application/javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 09:24:43 GMT
Content-Encoding: gzip
Age: 12984
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3340
X-Served-By: cache-lga21981-LGA, cache-fra19165-FRA
Access-Control-Allow-Origin: *
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1639992284.787777,VS0,VE0
ETag: W/"60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 01 Oct 2021 05:45:37 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 2236

GET
H3

200

activityi;dc_pre=CPvc_KuH8vQCFVqU1QodJOIBmw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7112928836627.219 Show response
8228261.fls.doubleclick.net/ Frame 503C
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7112928836627.219?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPvc_KuH8vQCFVqU1QodJOIBmw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=711292883662...

402 B
355 B

114ms
62ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CPvc_KuH8vQCFVqU1QodJOIBmw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7112928836627.219?

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

5fd05db110d59931dbd05c4f06b4bf7de312d7eaf07ca8f375482edfaf7cc971

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 20 Dec 2021 09:24:43 GMT
expires: Mon, 20 Dec 2021 09:24:43 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 330
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 20 Dec 2021 09:24:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CPvc_KuH8vQCFVqU1QodJOIBmw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7112928836627.219?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CJSN_auH8vQCFS0fBgAd_l8KVA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8369718173801.779 Show response
8228261.fls.doubleclick.net/ Frame F544
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8369718173801.779?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJSN_auH8vQCFS0fBgAd_l8KVA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=836971817380...

402 B
355 B

111ms
62ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CJSN_auH8vQCFS0fBgAd_l8KVA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8369718173801.779?

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

3d8a8b824d6a916de90d7128df04d944aa878e4502a510cf2feabc2e79819d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 20 Dec 2021 09:24:43 GMT
expires: Mon, 20 Dec 2021 09:24:43 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 330
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 20 Dec 2021 09:24:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJSN_auH8vQCFS0fBgAd_l8KVA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8369718173801.779?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 5B1F 97 KB
39 KB 46ms
20ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-820018408

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f81d52ffecd274480f02739f237da84180862543d33badf7157cd5415611bcd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39608
x-xss-protection: 0
last-modified: Mon, 20 Dec 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Dec 2021 09:24:43 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 2513 45 KB
17 KB 106ms
53ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3a794323056095d4ae3d4bccb01fdb689b186c5343f70248d41e61e951cf72fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17610
x-xss-protection: 0
server: cafe
etag: 5620577396173936331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 09:24:43 GMT

GET
H2 200 activity
au-gmtdmp.mookie1.com/t/v2/ Frame 3CF4 43 B
610 B 307ms
262ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:43 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame B2BE
Redirect Chain

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

43 B
1021 B

14ms
13ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 09:24:43 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3bc8ecad-ff0c-44a9-86ce-a5d3cad63d9a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 09:24:43 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 217cd374-0546-4dda-81e6-455fdddacdb6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

0
1005 B

18ms
18ms

Image
application/javascript

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 09:24:43 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c6b34572-ccb4-4c9b-91e5-5ee18e35c33a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 09:24:43 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 941f5561-d9a7-4e65-af53-bddef17a6c0c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1

0
1005 B

33ms
32ms

Image
application/javascript

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 09:24:43 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 235a6114-edf2-4917-9a27-732505ccc09b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 09:24:43 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7b97d889-3f52-46a0-87a2-b2f1a1adee1b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 123ms
26ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 132ms
29ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 223 KB
22 KB 99ms
98ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2986309183668993&correlator=4319263041626412&output=ldjh&impl=fifs&hxva=1&scor=4113010068131407&eid=44755510&vrg=2021120601&ptt=17&co=1&npa=1&sc=1&sfv=1-0-38&ecs=20211220&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ists=1&prev_scp=pos%3D1%26id%3Daa6cb9f5-6176-11ec-a725-02c390e9b11a%7Cpos%3D1%26id%3Daa6cb9f6-6176-11ec-a725-02c390e9b11a%26vw%3D40%2C50%26vw05%3D40%26grm%3D40%2C50%26pub%3D40%2C50%7Cpos%3D2%26id%3Daa6cb9f7-6176-11ec-a725-02c390e9b11a%7Cpos%3D1%26id%3Daa6cb9f8-6176-11ec-a725-02c390e9b11a%7Cpos%3D2%26id%3Daa6cb9f9-6176-11ec-a725-02c390e9b11a%7Cpos%3D1%26id%3Daa6cb9fa-6176-11ec-a725-02c390e9b11a&eri=1&cust_params=us%3Db%26s%3D0%26co%3D1%26kw%3D%26nk%3D0e5a29226c90c064e2cdc92144f8c525%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26adl%3Dfalse%26abtest%3Da%26pvid%3D0e5a29226c90c064e2cdc92144f8c525-00000000000000000000000000000000-1639992283014-691756%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&bc=31&abxe=1&lmt=1639992283&dt=1639992283634&dlt=1639992282302&idt=1078&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C1123%2C1124%2C0%2C176%2C0&adys=48%2C462%2C9905%2C11080%2C3772%2C11768&adks=1616217045%2C2956706420%2C1415436295%2C1982096792%2C3785065344%2C3544675803&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x134%7C300x276%7C300x250%7C1600x688%7C1248x0%7C1600x11768&msz=728x93%7C300x276%7C300x250%7C1600x0%7C1248x0%7C1600x0&ga_vid=1664173326.1639992284&ga_sid=1639992284&ga_hid=1562578412&ga_fc=false&fws=512%2C512%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C2%7C3%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

0a2bc7d88d2a9a0862d462eeef85241981446bd5a2ee27a3ad3b8b0c4676a3c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22804
x-xss-protection: 0
google-lineitem-id: 4682990628,4682990628,4682990628,4682990628,4682990628,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234025551,138234092456,138234143368,138234082439,138234092474,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a8cb653677ecb1267e1d5f55ad274e54.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 38CE 6 KB
4 KB 151ms
14ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a8cb653677ecb1267e1d5f55ad274e54.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 20 Dec 2021 09:24:43 GMT
expires: Tue, 20 Dec 2022 09:24:43 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 75ms
74ms XHR
application/json 54.194.45.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=45055863766684201460479186355854917847&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%010e5a29226c90c064e2cdc92144f8c525%011&ts=1639992283647

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.45.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-45-85.eu-west-1.compute.amazonaws.com

Software

Resource Hash

cdad757288989b4ecde53c052f7f69e9a04946bee20959a1ee29614545586b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v025-0ea99b6cf.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: hDuEXaMURb0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1540
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 clock Show response
tracking.crazyegg.com/ 27 B
134 B 151ms
41ms XHR
text/plain 34.249.212.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1639992283711
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.212.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-212-247.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: ba04f154e2b74c512b41b55149c79530f5f77342e5141c10c8aed0f33f29a89c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Dec 2021 09:24:43 GMT
cache-control: no-store
server: awselb/2.0
content-length: 27
content-type: text/plain

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 2513 2 KB
1 KB 63ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1639992283729&cv=9&fst=1639992283729&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec07c4632ddfe69333f0e8cc4eafeb61df6886b528e264c9c244d4ff74708298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 982
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s15000538771780
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/ 43 B
442 B 19ms
18ms Image
image/gif 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s15000538771780?AQB=1&ndh=1&pf=1&t=20%2F11%2F2021%209%3A24%3A43%201%200&cid.&newsnkidcookie.&id=0e5a29226c90c064e2cdc92144f8c525&as=1&.newsnkidcookie&.cid&vid=0e5a29226c90c064e2cdc92144f8c525&mid=45055863766684201460479186355854917847&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D105&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=8%3A24%20PM%7CMonday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=105&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=de%7Che%7Cfrankfurt%7C50.12%7C8.68%7Cgmt%2B1%7Cunknown&v79=de&v80=0e5a29226c90c064e2cdc92144f8c525-00000000000000000000000000000000-1639992283014-691756&v111=0&v161=8.900001525878906&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
x-content-type-options: nosniff
x-c: main-1548.I52ef9e.M0-537
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 21 Dec 2021 09:24:43 GMT
server: jag
xserver: anedge-675dccd488-6pgrf
etag: 3521856612106403840-4619853209746848088
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 19 Dec 2021 09:24:43 GMT

GET
H2 200 gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 77FC 44 B
563 B 122ms
32ms Image
image/gif 54.72.156.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=8mqtjenkw9fv6tvn7yxl0djtgqlts1639992283&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.615&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&retry=0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.156.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-156-114.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:43 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
8mqtjenkw9fv6tvn7yxl0djtgqlts1639992283.nuid.imrworldwide.com/ Frame 77FC 35 B
350 B 70ms
7ms Image
image/gif 2600:9000:223f:6c00:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8mqtjenkw9fv6tvn7yxl0djtgqlts1639992283.nuid.imrworldwide.com/
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6c00:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 06:20:00 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 11084
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 35
x-amz-cf-id: IVThH8DXMvLjZvbS0mpkWsBjE3getCxoAwuxDDcP0GoHXftHiAJ1TA==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EF77 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvM6ehyngKXWMuUclj5b5bTYaTfxVx31w0m-qkR8Om2BK5hxEdAZhnbqbsRUPVa9gqGejZmq6P7RCV-oqkgTTMeblFvqS04fTZdlbOiAXEQytmxOkBY0VsVs7KkuTD2twprP7fJtSRYLe8MPQmxmfULnUBwKL0biPUv6aXiHZ7sGf26-zbpqrjUb-mxXhVia2E8cY0a9F0fgcQF-iMaFSEvyH4h-Ck_lB0IBbURUCbKaNWkdaZhTPzzQ6fGCoGd8lJ3y_hQTm75sW8o56RNqKEveEDzZh6cX6jgZJ6V-tmvemmcigCUMsXm-xBK&sai=AMfl-YQUxWoBrCLoESI21u86x6s_l_nEPEq-CLAnEkS5D-b4Zx-FDzkPFX6lld1_7GE2jPrH-pksMAzXc1fN&sig=Cg0ArKJSzMFpyttrhL3NEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 09:24:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame EF77 19 KB
8 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 09:20:02 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame EF77 2 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:14:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 09:14:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF77 119 KB
37 KB 22ms
22ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Dec 2021 09:24:43 GMT

GET
H2 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame EF77 68 B
419 B 10ms
10ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 17:01:41 GMT
x-content-type-options: nosniff
age: 490982
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Dec 2022 17:01:41 GMT

GET
H2

429

li_sync
www.linkedin.com/px/ Frame 9B61
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1639992283823&url=https%3A%2F%2Fwww.heraldsun.com.au%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1639992283823%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%2...

0
174 B

102ms
101ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1639992283823%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26liSync%3Dtrue
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7DEDC22AED4641109B0B4B12A7993F45 Ref B: FRAEDGE0919 Ref C: 2021-12-20T09:24:44Z
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
cache-control: no-cache, no-store
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXTkHWHntEe3NGEeddwmg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 20 Dec 2021 09:24:44 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7607CFC2B3F246299149CF7AC982E696 Ref B: FRAEDGE0919 Ref C: 2021-12-20T09:24:43Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1639992283823%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26liSync%3Dtrue
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXTkHWE7RyrTJfD6+csFg==

GET
H3 200 dc_pre=CPvc_KuH8vQCFVqU1QodJOIBmw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7112928836627.219
adservice.google.com/ddm/fls/z/ Frame 503C 42 B
63 B 60ms
44ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPvc_KuH8vQCFVqU1QodJOIBmw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7112928836627.219

Requested by

Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CPvc_KuH8vQCFVqU1QodJOIBmw;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7112928836627.219?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8228261.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CJSN_auH8vQCFS0fBgAd_l8KVA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8369718173801.779
adservice.google.com/ddm/fls/z/ Frame F544 42 B
63 B 59ms
44ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJSN_auH8vQCFS0fBgAd_l8KVA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8369718173801.779

Requested by

Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJSN_auH8vQCFS0fBgAd_l8KVA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8369718173801.779?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8228261.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 667A 0
0 44ms
43ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuTeKBWFMGhEz1pJqt9nAQ86kQR-Z0_xJfh0iZ2IO-PAcM6FwT6h5KTLW8vD1zYbkeQZz-V9i9smX1U27hUqzmCcZzKURF0WUqxGc21qjJQoB4Kpc4WbR9_PVc6nHNgdsHqJ1EQ4JLOiIxjpqqOKmlen2XHOgi_wskOBsxPLJYFpsRrXlwUlezlfabeGZ4tKTVR2z8J-YuYpd6F8YOriyZGbsYJhW6R1BPC-keGz6GV4S5xWdVMMVEudwP0WJcxJE1ffR1eGH-ZajT6N3vIGHu4i-hnswZuEtG0h-Ionfq1KXPSHTJVc_SeMFm&sai=AMfl-YQGqmfHp7tpxln4VmGPoy9MVeX-qD2zIuSOKdHbUdxuSPzWOvReshtWwI8U-HFhU2znJtpoRCPqXm-e&sig=Cg0ArKJSzA8Ssgh6bpgnEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 09:24:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 667A 19 KB
8 KB 28ms
10ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 09:20:02 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 667A 2 KB
1 KB 32ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 09:19:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 667A 119 KB
36 KB 24ms
21ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Dec 2021 09:24:43 GMT

GET
H3 200 13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 667A 68 B
95 B 30ms
17ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13756812283639570429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 04:38:34 GMT
x-content-type-options: nosniff
age: 276369
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:40:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Dec 2022 04:38:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8B81 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYE4JQ6u9ikBgbF99R7cwtRJlLC42o5N5L07urO4EqrUHDq-wiNmgr5sfYKaOwP6kiF9m-rmiURfsK2CD0l9-CKXR8hBCtW6vfNldnSbufybIWAhy_2fb7Aa-n2UVw1DNBSO_CUzlv36osFnvur2dAZCv35uinZkobFu3Jy2plAQ0MLpSjYR27vgDeDEyhqKx2ihfQi8xD6YWyJ5QESBam-PvZwiZ_e2h3ZUhEszLzpPPjOxCKNXvbRNGJqb-tY9hbttj4lXgj7u1ThtcN9RIVNIwuVt6Zg_1xALl-Tsawek_TmCFU4UMJ6P6l&sai=AMfl-YTZQcdDsePV6W1SHULl8tlJtvk6fbPB4SUXZ_PvgoQmjdKxVL2MrTN0_JOCUkkF9VbeNZvR5onavBaY&sig=Cg0ArKJSzIdeJGZbgpI1EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 09:24:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 8B81 68 B
95 B 30ms
17ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13756812283639570429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 04:38:34 GMT
x-content-type-options: nosniff
age: 276369
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:40:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Dec 2022 04:38:34 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 8B81 19 KB
8 KB 19ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 09:20:02 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 8B81 2 KB
1 KB 26ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 09:19:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B81 119 KB
36 KB 42ms
41ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Dec 2021 09:24:43 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8B81 0
0 39ms
14ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRKFTR-SSzAYyCqTB3sM67uqtLc658XmtgIcQQZoUtuI7uaiQ5NifMJww2n0eE9ccXH0qGk
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0F20 0
0 45ms
44ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu721YTykHxrKZtcZ-AIPUXc9UVU54hdW-usvhGyeDReZ4Mizf1ywW6huj4Z_EZkkG6nTc0HWM-TASx3fOmTXFoIqF-ng9tdbXVzCuBHLn-IQrvRMgrFqb47AlPEa9-3hXZPvCObsojzIF-y_NiH9HumuXQy-axW-XElwxeIr6TaCnhUifLAgmftJiSPNLZnR3XvA8XdpNLig5RZVSNBBVSCmPRq6qWtKZ4v7A4CIKtEBGXgLOXfCtvKWedtKO2yn8wLwa2vpQ_yDVdegSaxlsFyU7FP79JrAGwgV4pGJ884slF9X2yqdycWbIR&sai=AMfl-YSqeOmdGH5Qx4hUPksjjQXgllTLM_NCW58LSoJDuVM5J8eOu9-JsqvTbOKjnj1gIO4-rRZUzivYJrGp&sig=Cg0ArKJSzBN0O_jlnznKEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 09:24:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 0F20 19 KB
8 KB 18ms
10ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 09:20:02 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0F20 2 KB
1 KB 22ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 09:19:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F20 119 KB
36 KB 39ms
39ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Dec 2021 09:24:43 GMT

GET
H3 200 13503232906761715217
tpc.googlesyndication.com/simgad/ Frame 0F20 3 KB
3 KB 23ms
17ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13503232906761715217

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 17:22:20 GMT
x-content-type-options: nosniff
age: 489743
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3270
x-xss-protection: 0
last-modified: Wed, 23 May 2018 04:43:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Dec 2022 17:22:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E431 0
0 45ms
43ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTo3PXx_TvA-RnELHYbagjifkG1y2kkCwgzkZAsaXLSCZB17P8f8Uq3I1hNOXw2It31tYBs0fMNIpNXTguJfAK4GhXGgINs9qLnU38AHZfNcXQL_nu-t3T7rYRitR5dshD1KTxr5bS3ARG8XPH8AZDl8CDjr0SIDG3jyCRWBqLjPa4Nil2SSV1SHcHcvs-ah21o0lO5ytUKTFTsw1QEdFzSi7fVGn5JzkpG9xw0WvrUpWHUGfnjcQs0XXnyFnAjc5BJwxc7dWV_T_cdyC0FmO8RvdMvsq7Bl9qfq6XorTLWLUZ3yC4hKJpdaMv&sai=AMfl-YQdZJxuenj0f7O0xVEPj43DsdDy85UpupjcCV6SFnBMLsznFSiOTDzve_s997IMelQICKIGDIYTHKu3&sig=Cg0ArKJSzO3Y5PS9c9q8EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0e5a29226c90c064e2cdc92144f8c525-1639992272

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 09:24:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame E431 68 B
95 B 18ms
16ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 17:01:41 GMT
x-content-type-options: nosniff
age: 490982
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Dec 2022 17:01:41 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame E431 19 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 09:20:02 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E431 2 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 09:19:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E431 119 KB
36 KB 37ms
36ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Dec 2021 09:24:43 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E431 0
0 35ms
14ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTG1PzUF1KQLMsVhgh9NB3-SUqk45y7UnhXVtCfI-YVn4tqD2xJxffqpPhFMQg0oSC_3ns6
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=7197960770900258331
dpm.demdex.net/ Frame CC9D
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7197960770900258331

42 B
945 B

43ms
42ms

Image
image/gif

54.194.45.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=7197960770900258331

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Server

54.194.45.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-45-85.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v025-0d2174af9.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: BfYAdO4nR3w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 09:24:43 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 133c25ff-a9f1-447f-b2d7-5a64b87c8992
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=7197960770900258331
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 6EA1 37 KB
14 KB 30ms
27ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 09:24:43 GMT

GET
H/1.1 200
OK pixie
ib.adnxs.com/ Frame E5C8 42 B
335 B 39ms
13ms Image
image/gif 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1639992283943&v=0.0.20&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1639992283942&et=1639992283943&if=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 09:24:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
Content-Length: 42
Content-Type: image/gif

GET
H2 200 adsct
t.co/i/ Frame 8AAB 43 B
471 B 148ms
127ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&event_id=5da81d4a-78c7-4eee-bcd6-df7f44c5dc7e&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 118
pragma: no-cache
last-modified: Mon, 20 Dec 2021 09:24:44 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: cdafe3a9bdddbb74af76f7017da3ba8ec167bb3a195321c88f1e64419e6a675f
x-transaction: 2c89a75cda887757
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame EF77 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d29a9f955441de42dad0f859870c86cdad416f3aefc9f80028351290c81cd4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 376F 48 KB
14 KB 129ms
61ms Script
application/javascript 34.250.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=363924643&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f5-6176-11ec-a725-02c390e9b11a
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4049c618f37b01e113e8b73af62e53f6333afca5faf0e4732cc12169960c10b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
content-encoding: gzip
x-server-name: app21.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
BLOB 200
OK 1f7a3ddd-6bee-464d-acbf-d2231a517818
https://www.heraldsun.com.au/ 218 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com.au/1f7a3ddd-6bee-464d-acbf-d2231a517818
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5df5360850650e6dbe5d1a12372e9bb12bd075bd314a9bcd53a8974a13c4b97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 218
Content-Type: text/javascript

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 5B1F 37 KB
14 KB 27ms
27ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 09:24:44 GMT

POST
H2 204 bulk Show response
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
101 B 20ms
20ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?tvi2=-2&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211219-1-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
via: 1.1 varnish
server: nginx
x-timer: S1639992284.028035,VS0,VE8
x-served-by: cache-fra19183-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=3720652418440280106
dpm.demdex.net/ Frame CC9D
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3720652418440280106

42 B
945 B

36ms
35ms

Image
image/gif

54.194.45.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=3720652418440280106

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Server

54.194.45.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-45-85.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v025-0914fad3c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: +QRSTMIiTJc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=3720652418440280106
pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3 200 /
www.google.com/pagead/1p-user-list/859754747/ Frame 2513 42 B
64 B 40ms
18ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/859754747/?random=1639992283729&cv=9&fst=1639990800000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=2552932838&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/859754747/ Frame 2513 42 B
548 B 60ms
23ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/859754747/?random=1639992283729&cv=9&fst=1639990800000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=2552932838&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8B81 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73d13712a6f4c6f1890485198758abc308bfe234611d9e0287bd485c1bda5d2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame CDE0 48 KB
13 KB 54ms
53ms Script
application/javascript 34.250.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234143368&pubOrder=305536031&cb=1551662581&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f7-6176-11ec-a725-02c390e9b11a
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: fe3e4f40d115ee836888c26dcdd1969d57da4757f81f2e5db0050ffb04ba1d56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EF77 0
0 42ms
41ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_s5u1XcsMXeW0_QVeW2O8NCuy3kJAbtTE3yiFO54Z9c7HMNfJnQqNgGShSG-K-ngvNiULbms67UtNpPa7Yk1UjWXaBY-o3GuITfS2gN45u3shoOH54LsMLkLyZ8HUI_WPAmjk4lf6FbEv9w6LtZWe8tKp2nrLpM7rcSkIQcy9G32ARx023fYD4-_XXp1QyWWpHQi_jRrDfCdCbFz9-Ib2vz5GzxCsL6KXKatW9R9Tgz7HBK0juwqBC42zAcmYeyWJ5XswXIdre67oTuP0FP3lfG_t4oxNixxCEtQUz9ReqQNF_zRpK2VC2cBPPns&sai=AMfl-YTJMIK4PdVVDcXBlAWRM39kLXQ6xes534tg8C9bA-jeiq_TSUjRzFIYGsCKrH_c5BsTT3_KbdGBVZEo&sig=Cg0ArKJSzNSunzwyDhRhEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 09:24:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 6EA1 2 KB
1 KB 39ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1639992284079&cv=9&fst=1639992284079&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27f9db5ed312af71388375863ce378a5099743b0565e9875fd9f1edad96f4b16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1014
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 667A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 054d4bc3e848ec0e854b3d2d5b82e5e6d66386bf0456187720752a4051dd0d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 2090 48 KB
14 KB 50ms
50ms Script
application/javascript 34.250.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=448065051&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f6-6176-11ec-a725-02c390e9b11a
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 002cfcdbb659c0d3d05af44fc42541c032670648aaabb506861529d70c320f8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
content-encoding: gzip
x-server-name: app23.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0F20 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGSe2zy81Rv1UfU28nTxXQXW3QO8XUeQOpYlGxcg1uGHmhF9UbLdpSYyMMnklqQkG6OPOX9UjuuMS6npfmOibD3bZxq11YENRk7Au9TTD_t8Te-bJ5Yru5o2R6EHit9o6Qzdr-RftJgh2q6oejlWzfsEnZ4RNQMjdi8VXaSB-UzfZlpj6OlN98RpdAEhKQzZRgs7nqs2yAlVRrj1USn1D78g5qmSS56bMs-eFuat3NodTBgOIzrI11Rj1oL8FAva0ReNBA70gcfeFYSx9nKb869fqXbSwfgBTNzlXd5jPyO8xAgg9M6BN4exNRQo8&sai=AMfl-YS3IMTD3Fbsq17N7yrvO93LnkFjylr-XJ8ynRXD1fUb3xcCHCG5lId3THQKaS2jfNf1tlnFGHAUXFz_&sig=Cg0ArKJSzCYcAWXsR_NnEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 09:24:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 0F20 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef0aa0ff6ad5c4b1104e1ee1d620f5b235009b4335fa7e23f24fb84028318418

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame CB47 48 KB
14 KB 38ms
38ms Script
application/javascript 34.250.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1899090152&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f8-6176-11ec-a725-02c390e9b11a
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 422c569e5bb2ab9a5ae1bc2cf007dd43ea2d80b3938e48d7b0e4596a3922e791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
content-encoding: gzip
x-server-name: app15.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame E431 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 025de2fae11fdee13ec91c4a614dd526f786a10ef532b666154bf91d6c7862c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 854F 48 KB
14 KB 36ms
36ms Script
application/javascript 34.250.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=2106239756&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f9-6176-11ec-a725-02c390e9b11a
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4bbaf5079174bd73e36caeaac0144be3f2a673f98e6a4be0d1dc2223bb0bffd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
content-encoding: gzip
x-server-name: app04.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E431 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGYs2kAthF35cCrcF9bKgw-_svBFChaIeEQfXWlzLSvwz4ikx5_Rm1slMmxtbnBp8n6SiBkIGInhdiT0__mT1MQW74LhK2YFm45F26F8JLNAlnN3fYeL22vCrwYD3no8NvC4NbhllMxTdZNjNeO2e4ZGm1MVvU5nqfw09uIMv-7i8enn-e1AkgvYVFh7hThTMaP8bzdY6H55HXkTh7hdiuijnEWFz1IHeiVAIKKhbo3_SVGntCZX46dvYoWHnsnnBypzbfJCEnbPDIhkR6__lB-r0abRM3_NyI1VdAHy5t4s4dJ5x55HB9DfS9OLQ&sai=AMfl-YQKUGVWLrhbB26QThJ0kdKFCjU6i-kBP0XwspSoGiuU3D1hSE2dp7dRdt8CLI94B0QpAhO-rObdPWZs&sig=Cg0ArKJSzCUVHLiNunApEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 09:24:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame CC9D 0
214 B 30ms
7ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=45079665630853389200481573138334814669&gdpr=0&gdpr_consent=
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 667A 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSGLhgxr6gmcmlBIe-9fJtMatHnJof83AiXZN_LBsZzbi3ZmZeuUoneSn_g80v0XHtJ230ngZGbO3gLIG6eVOtGGtrwy7d7pIc8SCMY30ZMkBUj1RK72p0khQgJO9u4_aDfzNiQf3Qo-i2YVB3AGy_2i2NYfinSGqNhBT9h4dP1m-vAIWHZ5As-stVbqxjdxPlFv5yACcehbbj4nlFNndPpx95p-peN5XSS7G8TRFN-0YxZ-GiLu0-54QbWZfDvPUeV8JhNKLizFgTC2rpgpsl834G94-XU4hZ1hjJOZHoJ71J6m5eX2aEDIW0S_U&sai=AMfl-YTWcRKcPyVrk6erUanIpNtlddZPm-ErhqmrmyFh7sgnHYxxevKiJiG6HwuAlZX4NtrlMp2sc--oaflR&sig=Cg0ArKJSzAftPWg8902uEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 09:24:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8B81 0
0 41ms
40ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3pUHQwBc1QByfTTWZIAh_dVXN9TRBE_mt8Iv8gYR5zn3vht05BfOLmVGlyrOuHAFKq1gC4_7bp3N2hyaBzkjAOz0Z-EiIIDxTQ1k1JjB1UpLjkgTrOya0nm43uzrmlbmiBqCkBgz3DeOiDhnud7HFm1p3Eoqo0F9bWTcPvBkgOUdAe3EK1ekSErsXH-0WeGFJHqO6VZY0oaFl5Q85tP04gp7DYMYrzShnH6iYMO6l600t_gnibHRQRVS6feEeZBniVKQN8mI7eOBZsP6nE9R7fGa5lWI8bj_DbA3P6TOAh1VXBN2rMMb8Ckzfn1k&sai=AMfl-YS00iE_gSgkVTl62eRhLexUqHodH1KIlOpLyRzW4JkCC5RcikO5IwkGoQU3NBd7OoEkCQfnLojgg2bc&sig=Cg0ArKJSzL4qntBpHslkEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 09:24:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame 5B1F 2 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1639992284160&cv=9&fst=1639992284160&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cacc8440f11ef99e638e04a58a19579fe65e1990774d88d020db2ae8db58b892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1012
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 campaigns Show response
resourcesssl.newscdn.com.au/indies/ 3 KB
1 KB 43ms
42ms XHR
application/json 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by: Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: Google Frontend / Express
Resource Hash: 4233fb95029f6d4ca239244aff2f6d408577d0fbe9eff15769a361f93b63fdd7

Request headers

Referer: https://www.heraldsun.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Dec 2021 09:24:44 GMT
content-encoding: gzip
etag: W/"afd-lyyTMmntRT/5H4FFmZ1XNgeBtAk"
x-powered-by: Express
x-cache-hits: 0
content-length: 818
x-served-by: cache-ams21068-AMS
x-fh-no-setcookie-unroll: true
server: Google Frontend
x-timer: S1639551676.406863,VS0,VE211
x-i: true
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 9bb964ba3388996c08abe0d0c17fa2d3
cache-control: private, max-age=164245
function-execution-id: jb8xx2z063lh
accept-ranges: bytes
x-orig-accept-language: en-US,en;q=0.9
x-country-code: DE
expires: Wed, 22 Dec 2021 07:02:09 GMT

OPTIONS
H2 204 campaigns
resourcesssl.newscdn.com.au/indies/ Frame 0
0 263ms
262ms Preflight
text/html 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.heraldsun.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-type: text/html
function-execution-id: o9g9vccp81iz
server: Google Frontend
x-cloud-trace-context: e66e102bd69b106c12611b931a5d4b05
x-country-code: DE
x-fh-no-setcookie-unroll: true
x-powered-by: Express
accept-ranges: bytes
x-served-by: cache-ams21033-AMS
x-cache-hits: 0
x-timer: S1639992284.194824,VS0,VE153
cache-control: private, max-age=604756
expires: Mon, 27 Dec 2021 09:24:00 GMT
date: Mon, 20 Dec 2021 09:24:44 GMT
x-i: true

GET
H3 200 /
www.google.com/pagead/1p-user-list/707564276/ Frame 6EA1 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/707564276/?random=1639992284079&cv=9&fst=1639990800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=3020665144&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/707564276/ Frame 6EA1 42 B
64 B 37ms
20ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/707564276/?random=1639992284079&cv=9&fst=1639990800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=3020665144&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.gr.19.8.273.js Show response
static.adsafeprotected.com/ Frame 376F 187 KB
60 KB 30ms
11ms Script
application/javascript 2600:9000:223f:3200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.273.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=363924643&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f5-6176-11ec-a725-02c390e9b11a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00b3b0b438a1a3e7f01112f487ffb01e64db47935eb0e1e2927bdb4811ee935f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 17:46:22 GMT
content-encoding: gzip
age: 833903
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 10 Dec 2021 17:31:00 GMT
server: AmazonS3
etag: W/"dbbed9b42f871ade260381ef78b0cd71"
vary: Accept-Encoding
x-amz-version-id: RbTKyuj_rScIKJ79M7NB4z2hCQfzt2bN
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: C2HYphHOBKbIqs20FplJ8KGn_NM4ILW8rD7omG5yqMaVu6W_PSN_Aw==

GET
H2 200 main.gr.19.8.273.js Show response
static.adsafeprotected.com/ Frame CDE0 187 KB
60 KB 37ms
20ms Script
application/javascript 2600:9000:223f:3200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.273.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234143368&pubOrder=305536031&cb=1551662581&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f7-6176-11ec-a725-02c390e9b11a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00b3b0b438a1a3e7f01112f487ffb01e64db47935eb0e1e2927bdb4811ee935f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 17:46:22 GMT
content-encoding: gzip
age: 833903
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 10 Dec 2021 17:31:00 GMT
server: AmazonS3
etag: W/"dbbed9b42f871ade260381ef78b0cd71"
vary: Accept-Encoding
x-amz-version-id: RbTKyuj_rScIKJ79M7NB4z2hCQfzt2bN
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: uC27e96aMq0KACd6r1VS6q7RgJxtEKhLt9lrK2buNROq3qnz11LWRg==

GET
H2 200 main.gr.19.8.273.js Show response
static.adsafeprotected.com/ Frame 2090 187 KB
60 KB 41ms
27ms Script
application/javascript 2600:9000:223f:3200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.273.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=448065051&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f6-6176-11ec-a725-02c390e9b11a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00b3b0b438a1a3e7f01112f487ffb01e64db47935eb0e1e2927bdb4811ee935f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 17:46:22 GMT
content-encoding: gzip
age: 833903
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 10 Dec 2021 17:31:00 GMT
server: AmazonS3
etag: W/"dbbed9b42f871ade260381ef78b0cd71"
vary: Accept-Encoding
x-amz-version-id: RbTKyuj_rScIKJ79M7NB4z2hCQfzt2bN
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: eobgLuQlEM9ulLzTZj6-Xf_rJysYC1v7FOqGrPt640EVk4k2__rtcw==

GET
H2 200 main.gr.19.8.273.js Show response
static.adsafeprotected.com/ Frame CB47 187 KB
60 KB 45ms
32ms Script
application/javascript 2600:9000:223f:3200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.273.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1899090152&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f8-6176-11ec-a725-02c390e9b11a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00b3b0b438a1a3e7f01112f487ffb01e64db47935eb0e1e2927bdb4811ee935f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 17:46:22 GMT
content-encoding: gzip
age: 833903
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 10 Dec 2021 17:31:00 GMT
server: AmazonS3
etag: W/"dbbed9b42f871ade260381ef78b0cd71"
vary: Accept-Encoding
x-amz-version-id: RbTKyuj_rScIKJ79M7NB4z2hCQfzt2bN
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: Uz8zKxWl5OFPyrkMaVA2MT4rCX7USIJFoLmwyLuOR8bOdHGhgNzjgQ==

GET
H2 200 main.gr.19.8.273.js Show response
static.adsafeprotected.com/ Frame 854F 187 KB
60 KB 47ms
38ms Script
application/javascript 2600:9000:223f:3200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.273.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=2106239756&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f9-6176-11ec-a725-02c390e9b11a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00b3b0b438a1a3e7f01112f487ffb01e64db47935eb0e1e2927bdb4811ee935f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 17:46:22 GMT
content-encoding: gzip
age: 833903
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 10 Dec 2021 17:31:00 GMT
server: AmazonS3
etag: W/"dbbed9b42f871ade260381ef78b0cd71"
vary: Accept-Encoding
x-amz-version-id: RbTKyuj_rScIKJ79M7NB4z2hCQfzt2bN
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: hEigqcQzjx9bD_CTJHWS7Qa2wFMey4UQrgO3asxozI0rm6kAEFwLjQ==

GET
H3 200 /
www.google.com/pagead/1p-user-list/820018408/ Frame 5B1F 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/820018408/?random=1639992284160&cv=9&fst=1639990800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=1392007750&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/820018408/ Frame 5B1F 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/820018408/?random=1639992284160&cv=9&fst=1639990800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=1392007750&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame AA8C 80 KB
21 KB 9ms
9ms Script
application/javascript 2600:9000:223f:3200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:55:08 GMT
content-encoding: gzip
age: 10592977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: OXstlcYk1jbwoOcZeazE5eBxMKeaDIl3FcI4Ty_L3-hrYM-64OTW2w==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 33ms
33ms Image
image/gif 34.250.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=363924643&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f5-6176-11ec-a725-02c390e9b11a&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:6c28da49-9135-e020-9e22-9ede3a3d91c9,c:xklI0z,sl:outOfView,em:true,fr:true,thd:1,mn:app21ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1.KBsRy1,nbld:0,mtim:53,fm:sS7Kuyh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g*.10507%7C1g1%7C1h1%7C1i1%7C1j1%7C1k1,idMap:1g*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:70,oid:aac539a3-6176-11ec-ae57-0aeb40f66fa8,v:19.8.273,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-server-name: app28.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame A49F 80 KB
21 KB 8ms
8ms Script
application/javascript 2600:9000:223f:3200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:55:08 GMT
content-encoding: gzip
age: 10592977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: g2n4XA-H27zDxLYTn8kpKDj23b2fvEdYiVFOM1PKTpARAXGcMzAUpA==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 33ms
33ms Image
image/gif 34.250.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234143368&pubOrder=305536031&cb=1551662581&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f7-6176-11ec-a725-02c390e9b11a&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:388f6b1a-ef66-6ca2-2702-dd0d321ae1dc,c:xklI13,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-c56d6bcdd-6qpjf,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1274.9941.1.1,am:i,cc:1274.9941.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1.KBsRy1,nbld:0,mtim:93,fm:sS7Kuyi+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1i*.10507%7C1i1%7C1j1%7C1k1,idMap:1i*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:99,oid:aac69989-6176-11ec-8092-e697ee171823,v:19.8.273,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-server-name: app13.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H2 200 pixel_1d572b4c Show response
www.heraldsun.com.au/akam/11/ 0
2 KB 329ms
329ms XHR
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/akam/11/pixel_1d572b4c

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/11/1d572b4c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

is-https: true
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-bpath: OLD
blaizehappened: true
date: Mon, 20 Dec 2021 09:24:44 GMT
vary: User-Agent
content-type: text/html
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg5: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f11%2fpixel_1d572b4c&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=pixel_1d572b4c&session=0e5a29226c90c064e2cdc92144f8c525
x-arrrg4: https://www.heraldsun.com.au/
x-opw: 4
content-length: 0
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEG9sAxXN1B0myjThF8pDbDE&google_cver=1
dpm.demdex.net/ Frame CC9D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDUwNzk2NjU2MzA4NTMzODkyMDA0ODE1NzMxMzgzMzQ4MTQ2Njk=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEG9sAxXN1B0myjThF8pDbDE&google_cver=1?gdpr=0&gdpr_consent=

42 B
945 B

37ms
36ms

Image
image/gif

54.194.45.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEG9sAxXN1B0myjThF8pDbDE&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Server

54.194.45.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-45-85.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v025-0effe6658.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 9VDWODs6Qek=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEG9sAxXN1B0myjThF8pDbDE&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 483ms
164ms Image
image/gif 35.163.200.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6c28da49-9135-e020-9e22-9ede3a3d91c9&tv=%7Bc:xklI31,pingTime:-2,time:222,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:178,beZ:179,mfA:231,cmA:233,inA:233,inZ:239,prA:239,prZ:243,si:248,poA:249,poZ:263,cmZ:263,mfZ:263,loA:287,loZ:288,ltA:400,ltZ:400%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:69%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:222,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:69,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B165~0%5D,as:%5B165~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sS7Kuyh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g*.10507%7C1g1%7C1h1%7C1i.10507%7C1i1%7C1j1%7C1k1,idMap:1g*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_0,google_ads_iframe_/5129/ndm.hwt/home_0__container__,ad-block-728x90-1%5D,sinceFw:151,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.200.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-200-178.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame B17D 80 KB
21 KB 8ms
8ms Script
application/javascript 2600:9000:223f:3200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:55:08 GMT
content-encoding: gzip
age: 10592977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: -p2sQjzyCAE2N2yLVVv298KflGPHUjZ8HZT41s--ZADafi9HxxKhdg==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 34ms
34ms Image
image/gif 34.250.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=448065051&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f6-6176-11ec-a725-02c390e9b11a&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:6e136bb9-d080-801a-d176-5f86ff89994a,c:xklI3c,sl:outOfView,em:true,fr:true,thd:1,mn:app23ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1.KBsRy1,nbld:0,mtim:222,fm:sS7Kuyl+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i1%7C1i2%7C1j1%7C1k1,idMap:1h*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:229,oid:aacab820-6176-11ec-a7dd-0ad2739237b2,v:19.8.273,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-server-name: app20.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 596ms
302ms Image
image/gif 35.163.200.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=388f6b1a-ef66-6ca2-2702-dd0d321ae1dc&tv=%7Bc:xklI3r,pingTime:-2,time:247,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:104,beZ:105,mfA:196,cmA:197,inA:197,inZ:198,prA:198,prZ:200,si:203,poA:203,poZ:209,cmZ:209,mfZ:209,loA:321,loZ:322,ltA:350,ltZ:350%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:99%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:247,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:99,wc:0.0.1600.1200,ac:1274.9941.1.1,am:i,cc:1274.9941.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B153~0%5D,as:%5B153~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sS7Kuyi+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1i*.10507%7C1i1%7C1j1%7C1k1,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_2,google_ads_iframe_/5129/ndm.hwt/home_2__container__,ad-block-300x250-2,newscorpau_ads-19,group_3_col-22%5D,sinceFw:146,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.200.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-200-178.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 439ms
168ms Image
image/gif 35.163.200.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6e136bb9-d080-801a-d176-5f86ff89994a&tv=%7Bc:xklI3O,pingTime:-2,time:267,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:77,beZ:78,mfA:299,cmA:299,inA:299,inZ:300,prA:300,prZ:303,si:306,poA:306,poZ:315,cmZ:315,mfZ:315,loA:330,loZ:331,ltA:343,ltZ:343%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:229%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:267,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:229,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sS7Kuyl+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i1%7C1i2%7C1j1%7C1k1,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_1,google_ads_iframe_/5129/ndm.hwt/home_1__container__,ad-block-300x250-1,newscorpau_multi_collection-3%5D,sinceFw:36,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.200.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-200-178.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame FEA8 80 KB
21 KB 9ms
8ms Script
application/javascript 2600:9000:223f:3200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:55:08 GMT
content-encoding: gzip
age: 10592977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: Xn9DR8TQhdfvDeDcJB34RrnUW4qtvxaBvnJNaWTMWq-Lso4Eh2r4GQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 34ms
34ms Image
image/gif 34.250.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1899090152&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f8-6176-11ec-a725-02c390e9b11a&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:413a6309-c168-0c1c-d452-5424bd15e579,c:xklI45,sl:outOfView,em:true,fr:true,thd:1,mn:app15ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.11107.10.10,am:i,cc:0.11107.10.10,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1.KBsRy1,nbld:0,mtim:273,fm:sS7Kuyn+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k1,idMap:1j*,pl:,rmeas:1,rend:1,renddet:A.qs.tn,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:282,oid:aacd5036-6176-11ec-ae0a-0a320acf4edc,v:19.8.273,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-server-name: app21.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 034D 80 KB
21 KB 8ms
8ms Script
application/javascript 2600:9000:223f:3200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:55:08 GMT
content-encoding: gzip
age: 10592977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: oUVEi2mD8AsJs6WSOqfy0vinkJrI2MsRTS5FCGPSgmN4JltWJkSk_Q==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 34ms
34ms Image
image/gif 34.250.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=2106239756&custom=homepage&custom3=168400391&adsafe_par&impId=aa6cb9f9-6176-11ec-a725-02c390e9b11a&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:3ce68087-bc19-e341-4d52-9de941caa55c,c:xklI4o,sl:outOfView,em:true,fr:true,thd:1,mn:app04ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.3789.1.1,am:i,cc:800.3789.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1.KBsRy1,nbld:0,mtim:291,fm:sS7Kuyq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i1%7C1i2%7C1j1%7C1j2%7C1k*.10507%7C1k1,idMap:1k*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:298,oid:aacf4c21-6176-11ec-8723-061b2abdf756,v:19.8.273,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-server-name: app23.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/interactive-loader/assets/ 1 B
310 B 60ms
59ms Stylesheet
text/css 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/interactive-loader/assets/style.css

Requested by

Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-206.deploy.static.akamaitechnologies.com

Software

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
etag: "34d5848c995803cfd00c2f7f02d807e2069b51ffca60a40f05d2d7229ef13b69"
last-modified: Mon, 13 Dec 2021 06:29:27 GMT
x-timer: S1639377115.123657,VS0,VE1
x-i: true
x-served-by: cache-ams21021-AMS
content-type: text/css; charset=utf-8
cache-control: max-age=189
date: Mon, 20 Dec 2021 09:24:44 GMT
x-cache-hits: 1
accept-ranges: bytes
content-length: 1
expires: Mon, 20 Dec 2021 09:27:53 GMT

GET
H2 200 main.js Show response
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/interactive-loader/assets/ 1 KB
934 B 73ms
73ms Script
text/javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/interactive-loader/assets/main.js

Requested by

Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-206.deploy.static.akamaitechnologies.com

Software

Resource Hash

1b96347a6b03b970c88f9d66026d7b39f51a1272f8d017254319c84900ab1431

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: "8ef7556de4b64a5a02d891d51367455f564615465c3272d4ca2fbe6f52ed2c41"
last-modified: Mon, 13 Dec 2021 06:29:27 GMT
x-timer: S1639377115.112912,VS0,VE0
x-i: true
x-served-by: cache-ams21067-AMS
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=762
date: Mon, 20 Dec 2021 09:24:44 GMT
x-cache-hits: 1
accept-ranges: bytes
content-length: 598
expires: Mon, 20 Dec 2021 09:37:26 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=066f7b0a-b8d1-45ae-a60d-520db3c3de29
dpm.demdex.net/ Frame CC9D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=066f7b0a-b8d1-45ae-a60d-520db3c3de29

42 B
945 B

33ms
32ms

Image
image/gif

54.194.45.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=066f7b0a-b8d1-45ae-a60d-520db3c3de29

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Server

54.194.45.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-45-85.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v025-079581838.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Cdlqy4dXQFA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=066f7b0a-b8d1-45ae-a60d-520db3c3de29
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 499ms
301ms Image
image/gif 35.163.200.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=413a6309-c168-0c1c-d452-5424bd15e579&tv=%7Bc:xklI4Y,pingTime:-2,time:338,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:63,beZ:63,mfA:336,cmA:336,inA:336,inZ:337,prA:337,prZ:340,si:345,poA:345,poZ:357,cmZ:357,mfZ:357,loA:379,loZ:380,ltA:400,ltZ:400%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:10,h:10,t:282%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:338,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:282,wc:0.0.1600.1200,ac:0.11107.10.10,am:i,cc:0.11107.10.10,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sS7Kuyn+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k.10507%7C1k1,idMap:1j*,rmeas:1,rend:1,renddet:A.qs.tn,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_3,google_ads_iframe_/5129/ndm.hwt/home_3__container__,ad-block-1000x50-1%5D,sinceFw:55,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.200.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-200-178.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 361ms
168ms Image
image/gif 35.163.200.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=3ce68087-bc19-e341-4d52-9de941caa55c&tv=%7Bc:xklI53,pingTime:-2,time:339,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:52,beZ:53,mfA:343,cmA:344,inA:344,inZ:345,prA:345,prZ:347,si:350,poA:350,poZ:359,cmZ:359,mfZ:359,loA:382,loZ:384,ltA:391,ltZ:391%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:298%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:339,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:298,wc:0.0.1600.1200,ac:800.3789.1.1,am:i,cc:800.3789.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B48~0%5D,as:%5B48~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sS7Kuyn+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k*.10507%7C1k1,idMap:1k*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_4,google_ads_iframe_/5129/ndm.hwt/home_4__container__,ad-block-728x90-2,newscorpau_ads-168%5D,sinceFw:40,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.200.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-200-178.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H/1.1 200
OK validate
a.vidora.com/v1/ 0
257 B 330ms
100ms Ping
application/octet-stream 3.219.19.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidora.com/v1/validate?api_key=vidora_client_reports.A8E73214DD4B0739B34885EA8DA2C229
Requested by: Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.219.19.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-19-177.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 20 Dec 2021 09:24:44 GMT
Cache-Control: no-cache
Server: nginx/1.14.0 (Ubuntu)
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Expires: Mon, 20 Dec 2021 09:24:43 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 4487 0
181 B 117ms
41ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/

Response headers

date: Mon, 20 Dec 2021 09:24:44 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame 8AAB 31 B
674 B 159ms
121ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&event_id=5da81d4a-78c7-4eee-bcd6-df7f44c5dc7e&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Mon, 20 Dec 2021 09:24:44 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 4e781f9a3b9cab42827b7e702ded65105841aad5dcbdda54b84a61cd765ce63d
x-transaction: ec92c6e3a7ad28ca
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 321ms
168ms Image
image/gif 35.163.200.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6c28da49-9135-e020-9e22-9ede3a3d91c9&tv=%7Bc:xklI5I,time:389,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:389,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:69,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B332~0%5D,as:%5B332~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sS7Kuyh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1,idMap:1g*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.200.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-200-178.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame DD04 0
182 B 92ms
41ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/

Response headers

date: Mon, 20 Dec 2021 09:24:44 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 289ms
288ms Image
image/gif 35.163.200.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=388f6b1a-ef66-6ca2-2702-dd0d321ae1dc&tv=%7Bc:xklI5N,time:393,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:393,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:99,wc:0.0.1600.1200,ac:1274.9941.1.1,am:i,cc:1274.9941.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B299~0%5D,as:%5B299~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sS7Kuyi+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i*.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.200.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-200-178.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 288ms
288ms Image
image/gif 35.163.200.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6e136bb9-d080-801a-d176-5f86ff89994a&tv=%7Bc:xklI5O,time:391,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:391,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:229,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B169~0%5D,as:%5B169~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sS7Kuyl+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1k.10507%7C1k1,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.200.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-200-178.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 288ms
288ms Image
image/gif 35.163.200.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=413a6309-c168-0c1c-d452-5424bd15e579&tv=%7Bc:xklI5R,time:392,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:392,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:282,wc:0.0.1600.1200,ac:0.11107.10.10,am:i,cc:0.11107.10.10,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B119~0%5D,as:%5B119~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sS7Kuyn+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k.10507%7C1k1,idMap:1j*,rmeas:1,rend:1,renddet:A.qs.tn%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.200.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-200-178.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 289ms
289ms Image
image/gif 35.163.200.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=3ce68087-bc19-e341-4d52-9de941caa55c&tv=%7Bc:xklI5S,time:390,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:390,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:298,wc:0.0.1600.1200,ac:800.3789.1.1,am:i,cc:800.3789.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B98~0%5D,as:%5B98~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sS7Kuyn+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h1%7C1h2%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k*.10507%7C1k1,idMap:1k*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.200.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-200-178.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK lazy-load-index.js Show response
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/adelaidenow/2021/covid-vaccination-status/ 2 KB
2 KB 281ms
280ms Script
application/javascript 52.95.128.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/adelaidenow/2021/covid-vaccination-status/lazy-load-index.js
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/interactive-loader/assets/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.128.174 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 998985503aae3f1f2623359d559b99d7a799af6d593ea91600de6a5d3e93dab2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 09:24:45 GMT
Last-Modified: Mon, 13 Dec 2021 05:13:31 GMT
Server: AmazonS3
x-amz-request-id: 3VMDYT5FKCFYGREZ
ETag: "1111ac12505ac228331a4b36e071556d"
Content-Type: application/javascript
x-amz-version-id: fFXw.ZtST7Aw95dV1iU13FcBv1A0B7mr
Accept-Ranges: bytes
Content-Length: 2002
x-amz-id-2: VWO4oiv0+TbrlJzoM4uF8cdmdo2uzdJ7wJI8spGqBgyLAJ1xUEqHITCGSqDizuC3MNWSwMqvf04=

GET
H/1.1

200
OK

ibs:dpid=19566&dpuuid=%s
dpm.demdex.net/ Frame CC9D
Redirect Chain

https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s

42 B
963 B

31ms
31ms

Image
image/gif

54.194.45.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Server

54.194.45.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-45-85.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v025-0f6b030fc.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 104,303
X-TID: ONosjlsfQ1g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
server: nginx
etag: "60b842b3-cde"
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
location: https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
cache-control: max-age=0, no-cache, no-store
content-type: text/html
content-length: 154
expires: Mon, 20 Dec 2021 09:24:44 GMT

GET
H/1.1

200
OK

ibs:dpid=23728&dpuuid=YcBL3Ikuic8RzQgylPdwlQAA%261203
dpm.demdex.net/ Frame CC9D
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YcBL3Ikuic8RzQgylPdwlQAA%261203

42 B
945 B

33ms
33ms

Image
image/gif

54.194.45.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YcBL3Ikuic8RzQgylPdwlQAA%261203

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Server

54.194.45.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-45-85.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v025-0f79a8a00.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: J23ppcTeSJ8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 09:24:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YcBL3Ikuic8RzQgylPdwlQAA%261203
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 264
Expires: Mon, 20 Dec 2021 09:24:44 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 265ms
264ms Image
image/gif 35.163.200.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6c28da49-9135-e020-9e22-9ede3a3d91c9&tv=%7Bc:xklI8M,pingTime:-10,time:579,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1639992284743%7C%7Cd5165ff19b45c7e6a7666872c9a8a844%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7Cbc320400ba2812aa9a24f67cd8f45801%7C%7Cc4c6285e77697082cda96820bfced98b%7C%7C39e89cc381d3473e379e0aeffbf14e0c%7C%7C7807cc110531fd76fd49d0895251c71e%7C%7C4b70a5e3251eed9eb5801d683dce0290%7C%7C1629390669%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.200.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-200-178.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1

200
OK

ibs:dpid=30432&dpuuid=CI-efd39f36c7da881d1b96ead858fdc4e5
dpm.demdex.net/ Frame CC9D
Redirect Chain

https://dt.scanscout.com/ssframework/uid?UIAA=45079665630853389200481573138334814669&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-efd39f36c7da881d1b96ead858fdc4e5

42 B
945 B

33ms
32ms

Image
image/gif

54.194.45.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-efd39f36c7da881d1b96ead858fdc4e5

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Server

54.194.45.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-45-85.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v025-029f80cff.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: xYpOxYROTKA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-efd39f36c7da881d1b96ead858fdc4e5
Date: Mon, 20 Dec 2021 09:24:45 GMT
useSecure: true
Server: openresty/1.19.9.1
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 155ms
155ms Image
image/gif 35.163.200.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=388f6b1a-ef66-6ca2-2702-dd0d321ae1dc&tv=%7Bc:xklIb2,pingTime:-10,time:718,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1639992284743%7C%7Cd5165ff19b45c7e6a7666872c9a8a844%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7Cbc320400ba2812aa9a24f67cd8f45801%7C%7Cc4c6285e77697082cda96820bfced98b%7C%7C39e89cc381d3473e379e0aeffbf14e0c%7C%7C7807cc110531fd76fd49d0895251c71e%7C%7C4b70a5e3251eed9eb5801d683dce0290%7C%7C1629390669,sca:%7Bspg:6c28da49-9135-e020-9e22-9ede3a3d91c9%7D%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.200.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-200-178.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:44 GMT
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 7ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211219-1-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 627
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: UVmmKgrr59RLDNkWc9ljQhUFzf/0XaQHRaC5dokKQDMiPs1zGp86+/SIrSiyVtam3fMLXn9IoGU=
x-served-by: cache-fra19183-FRA
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1639992285.936266,VS0,VE0
date: Mon, 20 Dec 2021 09:24:44 GMT
vary: Accept-Encoding
x-amz-request-id: DM4HV04AKP3AJ8JZ
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 22
x-cache-hits: 4103

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame CC9D
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=45079665630853389200481573138334814669&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
963 B

31ms
31ms

Image
image/gif

54.194.45.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Server

54.194.45.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-45-85.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v025-0d887213d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 104,303
X-TID: Ca2PM8gQTyA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Mon, 20 Dec 2021 09:24:44 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 / Show response
pips.taboola.com/ 64 B
244 B 30ms
6ms XHR
text/plain 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: b424bd04b0668764c8f2ad8c34f9ff057625fad945e13c16de0f6af48bceb8c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:44 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19167-FRA
access-control-allow-methods: GET
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 288ms
93ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=54b570e8-a5c3-43c3-8e8b-8c2a4348349a-tuct8b9d15a&uad=802eec66f2c01a4525463ec59dd2c5aaf95d83470cc395ba3144ad0936ef0d79
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 20 Dec 2021 09:24:45 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 155ms
155ms Image
image/gif 35.163.200.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=413a6309-c168-0c1c-d452-5424bd15e579&tv=%7Bc:xklId4,pingTime:-10,time:839,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1639992284743%7C%7Cd5165ff19b45c7e6a7666872c9a8a844%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7Cbc320400ba2812aa9a24f67cd8f45801%7C%7Cc4c6285e77697082cda96820bfced98b%7C%7C39e89cc381d3473e379e0aeffbf14e0c%7C%7C7807cc110531fd76fd49d0895251c71e%7C%7C4b70a5e3251eed9eb5801d683dce0290%7C%7C1629390669,sca:%7Bspg:6c28da49-9135-e020-9e22-9ede3a3d91c9%7D%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.200.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-200-178.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:45 GMT
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H2 200 validate
assets.vidora.com/v1/ 0
313 B 276ms
276ms Ping
application/octet-stream 2600:9000:2251:f000:4:77d:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by: Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:f000:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 20 Dec 2021 09:24:45 GMT
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: xQgQQMOYsav07mQLUlHg3CS7C_9Z1F6x2C70pr8Q-Z78Tlx5xJ6-gQ==
expires: Mon, 20 Dec 2021 09:24:44 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame CC9D
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=45079665630853389200481573138334814669
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=45079665630853389200481573138334814669

0
338 B

102ms
31ms

Image
text/plain

34.249.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=45079665630853389200481573138334814669
Protocol: H2
Server: 34.249.77.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-77-25.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:45 GMT
cache-control: private, no-cache, no-store
x-request-time: D=24 t=1639992285
x-served-by: beacon-n002-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=45079665630853389200481573138334814669
date: Mon, 20 Dec 2021 09:24:45 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a005-ash-prod.krxd.net

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame CC9D
Redirect Chain

https://tags.bluekai.com/site/43981?id=45079665630853389200481573138334814669&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

42 B
963 B

32ms
32ms

Image
image/gif

54.194.45.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

Protocol

HTTP/1.1

Server

54.194.45.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-45-85.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v025-0d7ff099d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 303,104
X-TID: CZO8GqM/SJ8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Date: Mon, 20 Dec 2021 09:24:45 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 generic1639627219043.js Show response
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 465 KB
86 KB 11ms
10ms Script
application/javascript 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1639627219043.js
Requested by: Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1dd74e4530b1238816cf4bd202ab6cd9cd588e036ed9e679ed04d1e3d02bd241

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: pEjwh7gADm8w037skrBg2q4XvU..RlGs
content-encoding: gzip
etag: "df7ee0b8892d38a5747f50506d535757"
age: 365062
via: 1.1 varnish
x-cache: HIT
content-length: 88104
x-amz-id-2: soj+zfa/iWYlnAvw1WrdQBRRVZTm1Facpqt1mmTzEBqyoyaf2aHVrunzaggEkFpKDAzI8PclYfE=
x-served-by: cache-fra19144-FRA
last-modified: Thu, 16 Dec 2021 04:00:20 GMT
server: AmazonS3
x-timer: S1639992285.179135,VS0,VE0
date: Mon, 20 Dec 2021 09:24:45 GMT
vary: Accept-Encoding
x-amz-request-id: DCQ875VWKS74FRN2
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 24

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 34ms
19ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18adc3f1c8f1d69c87a0710084e2cc598135cfebf8131d43114033c6d9372d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 09:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8561
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 154ms
154ms Image
image/gif 35.163.200.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=3ce68087-bc19-e341-4d52-9de941caa55c&tv=%7Bc:xklIfM,pingTime:-10,time:1004,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1639992284743%7C%7Cd5165ff19b45c7e6a7666872c9a8a844%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7Cbc320400ba2812aa9a24f67cd8f45801%7C%7Cc4c6285e77697082cda96820bfced98b%7C%7C39e89cc381d3473e379e0aeffbf14e0c%7C%7C7807cc110531fd76fd49d0895251c71e%7C%7C4b70a5e3251eed9eb5801d683dce0290%7C%7C1629390669,sca:%7Bspg:6c28da49-9135-e020-9e22-9ede3a3d91c9%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.200.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-200-178.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:45 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 ajax-loader.gif
d2n6ofw4o746cn.cloudfront.net/adelaidenow/2020/covid-19/img/ 3 KB
3 KB 49ms
12ms Image
image/gif 2600:9000:223e:f600:1e:9240:9c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2n6ofw4o746cn.cloudfront.net/adelaidenow/2020/covid-19/img/ajax-loader.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:f600:1e:9240:9c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: vSj6P36RhAthsyW.1bNmHzxUuW8abVDf
via: 1.1 a823be133adad65df6d3bf471a742793.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 00:57:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: "a51c5608d01acf32df728f299767f82b"
x-cache: Hit from cloudfront
content-type: image/gif
date: Mon, 20 Dec 2021 09:24:45 GMT
accept-ranges: bytes
content-length: 3208
x-amz-cf-id: iuDwA7Umt4PZZShzAlcVUNzNBF0F-Lz9D1X4Cxdh7rsBL9vm-vpltg==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Mon, 20 Dec 2021 09:24:45 GMT

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
317 B 121ms
99ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC45MyBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJMaW51eCB4ODZfNjQiLCJwYWdlX3RpdGxlIjogIkhlcmFsZCBTdW4gfCBCcmVha2luZyBOZXdzIGFuZCBIZWFkbGluZXMgZnJvbSBNZWxib3VybmUgYW5kIFZpY3RvcmlhIHwgSGVyYWxkIFN1biIsInBhZ2VfdXJsIjogImh0dHBzOi8vd3d3LmhlcmFsZHN1bi5jb20uYXUvIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIwIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2Mzk5OTIyODUyMzYiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE3ZGQ3Mjg1ODJjZGQzLTA3NWVmMDk5ZjZhYTQtOTc4MTUzYy0xZDRjMDAtMTdkZDcyODU4MmQxMmVmIiwiZW52aXJvbWVudCI6ICJwcm9kQXVTeWRuZXkiLCJhY2NvdW50SWQiOiAxMzIyMjIsInVybCI6ICJodHRwczovL3d3dy5oZXJhbGRzdW4uY29tLmF1LyIsIndlYnNpdGVJZCI6IDEzMjIyNCwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiZTM4Yy02ZTViLWY1MjktOGUyMi03YmIzLWVmZjctOWU0Zi0yNDE1Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2Mzk5OTIyODUyMzQiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogMjE0MCwia2FtcHlsZV92ZXJzaW9uIjogIjIuNDIuMSIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDIuMSIsImhpc3RvcnlfbGVuZ3RoIjogMiwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTYzOTk5MjI4NTIzNiwicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2V9Cl19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-blue-kmhw
date: Mon, 20 Dec 2021 09:24:45 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-application-context: application:9090

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3609 13 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Mon, 20 Dec 2021 07:18:14 GMT
expires: Tue, 20 Dec 2022 07:18:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7591
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EFDF 783 B
535 B 16ms
16ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7540f63899659c27ad2298ff31425ccdd926fc1391b5f7af3b0e26d185a65ed2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ns4N2I2FQKrqDy+XxWDc+g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 20 Dec 2021 09:24:45 GMT
date: Mon, 20 Dec 2021 09:24:45 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ns4N2I2FQKrqDy+XxWDc+g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 155ms
154ms Image
image/gif 35.163.200.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6e136bb9-d080-801a-d176-5f86ff89994a&tv=%7Bc:xklIhz,pingTime:-10,time:1120,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1639992284743%7C%7Cd5165ff19b45c7e6a7666872c9a8a844%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7Cbc320400ba2812aa9a24f67cd8f45801%7C%7Cc4c6285e77697082cda96820bfced98b%7C%7C39e89cc381d3473e379e0aeffbf14e0c%7C%7C7807cc110531fd76fd49d0895251c71e%7C%7C4b70a5e3251eed9eb5801d683dce0290%7C%7C1629390669,sca:%7Bspg:6c28da49-9135-e020-9e22-9ede3a3d91c9%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.200.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-200-178.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:45 GMT
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC9D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWNCTDJ3QUFBS2ZILVFQNw==

170 B
188 B

31ms
16ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWNCTDJ3QUFBS2ZILVFQNw==

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:45 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1639992285.322548,VS0,VE0
x-served-by: cache-fra19170-FRA
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWNCTDJ3QUFBS2ZILVFQNw==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EFDF 0
0 62ms
47ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=2986309183668993&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 3609 35 KB
13 KB 19ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 13:49:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 13:49:33 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame CC9D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YcBL2wAAAKfH-QP7&expires=90

0
239 B

39ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YcBL2wAAAKfH-QP7&expires=90
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:45 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1639992285.398957,VS0,VE0
x-served-by: cache-fra19170-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YcBL2wAAAKfH-QP7&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 jsdiagnostic
pixel.adsafeprotected.com/ 43 B
216 B 36ms
34ms Image
image/gif 34.250.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_profile&anid:10507&sessionId:e333eb12-61e7-cbd4-ae12-00817394de95&err:responsetime%3A217%26probability%3A10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:45 GMT
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 gn
secure-sdk.imrworldwide.com/cgi-bin/ 44 B
369 B 33ms
33ms Image
image/gif 54.72.156.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&sessionId=8mqtjenkw9fv6tvn7yxl0djtgqlts1639992283&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,s8lo04aw7da4i92bm5ofvmunrgzd51639992283&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16399922834347138&c30=bldv,6.0.0.615&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1639992283030&c3=st,c&c64=starttm,1639992284&adid=1639992283030&c58=isLive,false&c59=sesid,&c61=createtm,1639992284&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&c62=sendTime,1639992284&rnd=51027
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.156.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-156-114.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:45 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=2986309183668993&bg=!vb6lvvrNAAZKWFskSlg7ACkAdvg8WgU9HUBWtpdORBZ_9XpTtSea-SMNVq3y2SlkM93M9aflb5mzRAIAAABeUgAAAApoAQcKAHoPTIoXRd0USYNW06JUGyJhYoRwBZcVSGGkBqkYccpmW5uOoeoiXTb9j9B3IvXW2PGulF4vN3l1AMBAwTARe6HOJReBt_lbmgLA74PyfqsS7E1bt-TAbSNORPT7H0hlt7-sQ30FqRJ7jEJzH_5FAt29WkuJvvFtWJltcZkC_iqRTve1rNS4XGGxQW_bau_49hj4XdiKE_56Jk6dGrSxHEnlKjhhMYn5d-V5suy9JpS1PL55G8xb1Pcz29HHhr9Onv-MFY7xsAOxEF-Q8HJUdDR9Aju4VW03QRl2N5kAIIbShvEv13ri5n25kl83uwSdFClskWSs_rpX6CPFfG4AOp2TweQI8MKR2i-yfAmPE_Y8bz-XPjT3iiH-n5IS8Pf0N9ym9JP-S4sALyLA4CwT2JB0F1o7ScMJjW7YGYeW1U7fh0vhKdWCT5uoBoKjpcKVG_eWdZsnjd-5-zMVEv-swOZGv1tAF-Zd05KE27Ytkh_k0557DB-9lktWcfndUkXf98bBf1VQy7y1BEYlJfG7r_Cv0v6xQmbgGWfr27_OY9Je642G5JFmowAxwJABqabudYGcommNyHzs8sYdPc00YTEFOG-TxmK8DvZL2BRXEcJd-zisdDzPM5MbHGeKK5qhjkVTi_z1SQJNDl7rJvV5ktK48cV8NLUQhjS7Bw9N_YlRpNqwZgnh2bRx0WFiXRx5QGjEim0nf4ONB7R4pLcngUbKrET43WSsw8TxIAx8NfE3wkeKAFqvapwnRdc5PQbcvRY6faW-8iyQi3C7aOlwNEkTPSFnwWMZKC3bnIeGsVVC8hmaDTlH2b7Yrw_Izd7IFrwXFrzx-Vnl9gvsObBm0NNyAFp9JTz262y2U48GAVc3rBsDElhQQXnjURHMMwDMGDFq99aU3DrmysfTU6f96pHBWEiEsK22uhTci11iQ-6OH9KYhN8Hq8mPh6EVmTOP4ANCgEpNUavA44jBy1wGtGXNez_ccCrKh7mFYjJcq0xFNTbL0q8qh-sRBtSNr6Ra3sp_0sk2iN_hDW1XHcTWLZY---FtcX9b3afHprxl3KAs0n2ovA9pPpa4ca-GQZmYwhHL2VeuIiGImoFgmHoA07hiQmVlqi61cW0iOkfZKqvV7Ee_ZS4bJkjLMgonNb_4KjiXEynhMRaQ6nWnxj_UjSVcALQIr2sSwGDaQN4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 154ms
154ms Image
image/gif 35.163.200.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6c28da49-9135-e020-9e22-9ede3a3d91c9&tv=%7Bc:xklIkt,time:1304,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1304,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:69,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1247~0%5D,as:%5B1247~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:271,fm:sS7Kuyh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1,idMap:1g*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.200.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-200-178.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:45 GMT
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CC9D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YcBL2wAAAKfH-QP7

43 B
1003 B

33ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YcBL2wAAAKfH-QP7
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 09:24:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 20 Dec 2021 09:24:45 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:45 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1639992285.499015,VS0,VE0
x-served-by: cache-fra19170-FRA
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YcBL2wAAAKfH-QP7
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 155ms
154ms Image
image/gif 35.163.200.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6e136bb9-d080-801a-d176-5f86ff89994a&tv=%7Bc:xklIm6,time:1401,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1401,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:229,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1179~0%5D,as:%5B1179~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:160,fm:sS7Kuyl+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1k.10507%7C1k1,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.200.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-200-178.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:45 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame CC9D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YcBL2wAAAKfH-QP7

43 B
1014 B

16ms
16ms

Image
image/gif

185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=YcBL2wAAAKfH-QP7

Protocol

HTTP/1.1

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 09:24:45 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: dd797ad5-89ee-45c6-9139-d17ee4c9b55c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:45 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1639992286.601160,VS0,VE0
x-served-by: cache-fra19170-FRA
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=YcBL2wAAAKfH-QP7
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame CC9D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YcBL2wAAAKfH-QP7

43 B
274 B

47ms
25ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YcBL2wAAAKfH-QP7
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:45 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:45 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1639992286.700543,VS0,VE0
x-served-by: cache-fra19170-FRA
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YcBL2wAAAKfH-QP7
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CC9D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YcBL2wAAAKfH-QP7

1 B
546 B

68ms
13ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YcBL2wAAAKfH-QP7
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 09:24:45 GMT
cache-control: no-store, no-cache, private
x-lat: amspug003:0:574
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:45 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1639992286.801234,VS0,VE0
x-served-by: cache-fra19170-FRA
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YcBL2wAAAKfH-QP7
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame CC9D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YcBL2wAAAKfH-QP7&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YcBL2wAAAKfH-QP7&img=1&__user_check__=1&sync_id=abe858d5-6176-11ec-820e-1348667f0206

43 B
548 B

18ms
18ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YcBL2wAAAKfH-QP7&img=1&__user_check__=1&sync_id=abe858d5-6176-11ec-820e-1348667f0206
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 09:24:45 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 98
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 20 Dec 2021 09:24:45 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YcBL2wAAAKfH-QP7&img=1&__user_check__=1&sync_id=abe858d5-6176-11ec-820e-1348667f0206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 141
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame CC9D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YcBL2wAAAKfH-QP7&t=2592000&o=0

43 B
1 KB

65ms
46ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YcBL2wAAAKfH-QP7&t=2592000&o=0

Protocol

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 01:24:46 PST
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: ohu7XrXii/kTBMKL7Mgg6qO6YNnWy+cq0/o+7jJlsGwP5qloC0pqFx6np2kTywCreQvA6wuhc+mgch8RaTz7Rg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Mon, 20 Dec 2021 01:24:46 PST

Redirect headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1639992286.002879,VS0,VE0
x-served-by: cache-fra19170-FRA
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YcBL2wAAAKfH-QP7&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cm
trc.taboola.com/sg/adobe/1/ Frame CC9D 43 B
149 B 15ms
15ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 20 Dec 2021 09:24:46 GMT
via: 1.1 varnish
server: nginx
x-timer: S1639992286.103529,VS0,VE9
x-served-by: cache-fra19183-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

ibs:dpid=461447&dpuuid=RX-fe6e3ae6-e44c-4eca-8ded-b15548a64569-003
dpm.demdex.net/ Frame CC9D
Redirect Chain

https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync/adobe/0?zcc=1&dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D&cb=1639992286249
https://sync.targeting.unrulymedia.com/csync/RX-fe6e3ae6-e44c-4eca-8ded-b15548a64569-003?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3DRX-fe6e3ae6-e44c-4eca-8ded-b15548a64569-003
https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-fe6e3ae6-e44c-4eca-8ded-b15548a64569-003

42 B
945 B

34ms
34ms

Image
image/gif

54.194.45.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-fe6e3ae6-e44c-4eca-8ded-b15548a64569-003

Protocol

HTTP/1.1

Server

54.194.45.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-45-85.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v025-018e0601d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: NFGHN1wQSh0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-fe6e3ae6-e44c-4eca-8ded-b15548a64569-003
date: Mon, 20 Dec 2021 09:24:46 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXfe6e3ae6e44c4eca8dedb15548a64569003
content-type: text/html

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 155ms
155ms Image
image/gif 35.163.200.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6c28da49-9135-e020-9e22-9ede3a3d91c9&tv=%7Bc:xklJmJ,time:5288,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5288,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:69,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5231~0%5D,as:%5B5231~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:157,fm:sS7Kuyh+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1,idMap:1g*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.200.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-200-178.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:49 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 154ms
154ms Image
image/gif 35.163.200.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6e136bb9-d080-801a-d176-5f86ff89994a&tv=%7Bc:xklJoF,time:5404,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5404,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:229,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5182~0%5D,as:%5B5182~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:157,fm:sS7Kuyl+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1k.10507%7C1k1,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.200.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-200-178.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 09:24:49 GMT
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Verdicts & Comments Add Verdict or Comment

293 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

80 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.heraldsun.com.au/	1969-12-31 23:59:59	Name: n_regis Value: 123456789
.news.com.au/	1970-01-21 01:50:00	Name: nk Value: 0e5a29226c90c064e2cdc92144f8c525
.heraldsun.com.au/	1970-01-21 01:50:00	Name: nk Value: 0e5a29226c90c064e2cdc92144f8c525
www.heraldsun.com.au/	1970-01-19 23:33:14	Name: lux_uid Value: 163999228250750225
.scorecardresearch.com/	1970-01-20 16:50:00	Name: UID Value: 19HEP9CLMIBORBJF4034WWg1639992283
www.heraldsun.com.au/	1970-01-20 08:18:48	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D54b570e8-a5c3-43c3-8e8b-8c2a4348349a-tuct8b9d15a
www.heraldsun.com.au/	1970-01-19 23:33:14	Name: _tb_sess_r Value:
www.heraldsun.com.au/	1970-01-19 23:33:14	Name: _tb_t_ppg Value: https%3A//www.heraldsun.com.au/
.heraldsun.com.au/	1970-01-20 08:18:48	Name: utag_main Value: v_id:017dd7284f6b0078cb9fddb185a403072001d06a00b08$_sn:1$_se:1$_ss:1$_st:1639994082989$ses_id:1639992282989%3Bexp-session$_pn:1%3Bexp-session
.heraldsun.com.au/	1970-01-20 08:18:48	Name: nc_eu Value: y
.heraldsun.com.au/	1970-01-19 23:33:14	Name: _ncg_sp_ses.ff50 Value: *
.heraldsun.com.au/	1970-01-20 17:04:24	Name: _ncg_sp_id.ff50 Value: 622d2bf6-abbf-4dfc-9c8c-122b63c84978.1639992283.1.1639992283.1639992283.19bcd6d2-cf82-41ac-96db-e49c473ad9ec
www.heraldsun.com.au/	1970-01-20 09:02:00	Name: _cb_ls Value: 1
www.heraldsun.com.au/	1970-01-20 09:02:00	Name: _cb Value: Doxi92pPZiYD7Ur1Q
www.heraldsun.com.au/	1970-01-20 09:02:00	Name: _chartbeat2 Value: .1639992283163.1639992283163.1.x-v3j4HKrZCXjSL7BqsdHNxogKA.1
www.heraldsun.com.au/	1970-01-19 23:33:14	Name: _cb_svref Value: null
.demdex.net/	1970-01-20 03:52:24	Name: demdex Value: 45079665630853389200481573138334814669
login.newscorpaustralia.com/	1970-01-20 08:19:09	Name: did Value: s%3Av0%3Aaa3e2f40-6176-11ec-81ad-711299c409a6.YcxlQzPQPaagTJ%2BNjmTg8NJFVs7z9CZhbamI%2FxJMgYE
.heraldsun.com.au/	1969-12-31 23:59:59	Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg Value: 1
bs.serving-sys.com/	1969-12-31 23:59:59	Name: OT_6630 Value: 1
.serving-sys.com/	1970-01-20 01:42:30	Name: ActivityInfo2 Value: 005amuApC0_004c3mApC0_
.serving-sys.com/	1970-01-20 01:42:30	Name: G4 Value: 0009fM00DN_
.serving-sys.com/	1970-01-20 01:42:30	Name: OT2 Value: 0001DC1pDc
.serving-sys.com/	1970-01-20 01:42:30	Name: u2 Value: aebcaa36-d60c-465f-8507-76bce77815f24EB060
.heraldsun.com.au/	1970-01-20 17:04:24	Name: s_ecid Value: MCMID%7C45055863766684201460479186355854917847
.everesttech.net/	1970-01-20 08:18:48	Name: everest_g_v2 Value: g_surferid~YcBL2wAAAKfH-QP7
.heraldsun.com.au/	1970-01-20 00:16:24	Name: s_nr Value: 1639992283738-New
.doubleclick.net/	1970-01-20 08:54:48	Name: IDE Value: AHWqTUkNLmPK8eCk5z43VhW_nqMwP4UNCrDnmlkXVCb150yRkxwPic_0n_H9hA4ayyQ
.heraldsun.com.au/	1970-01-21 01:50:00	Name: s_gdslv Value: 1639992283739
.heraldsun.com.au/	1970-01-19 23:33:14	Name: s_gdslv_s Value: First%20Visit
.heraldsun.com.au/	1970-01-19 23:33:14	Name: s_ppn Value: hs%7Chome%7Chomepage%7Chomepage
.heraldsun.com.au/	1969-12-31 23:59:59	Name: s_cc Value: true
.dpm.demdex.net/	1970-01-20 03:52:24	Name: dpm Value: 45079665630853389200481573138334814669
.heraldsun.com.au/	1970-01-20 17:04:24	Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg Value: -637568504%7CMCIDTS%7C18982%7CMCMID%7C45055863766684201460479186355854917847%7CMCAAMLH-1640597083%7C6%7CMCAAMB-1640597083%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C-1261913693%7CMCOPTOUT-1639999483s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18989%7CvVersion%7C5.1.1
.adnxs.com/	1970-01-20 01:42:48	Name: uuid2 Value: 7197960770900258331
.heraldsun.com.au/	1970-01-20 01:42:48	Name: _gcl_au Value: 1.1.605102131.1639992284
.imrworldwide.com/	1970-01-20 08:54:48	Name: SSCVER Value: v1
.imrworldwide.com/	1970-01-20 08:54:48	Name: IMRID Value: aaa79f70-6176-11ec-83b4-9f2700ab0497
.linkedin.com/	1970-01-20 00:16:24	Name: UserMatchHistory Value: AQKvJrVUzpwHngAAAX3XKFM46BikdsXAQ6FgsUAo7antdZmHbcHLy_S-4aO-grwkxLkffhCYLiZFRw
.linkedin.com/	1970-01-20 00:16:24	Name: AnalyticsSyncHistory Value: AQIGQYfaCSS6sgAAAX3XKFM4nPb5W_D-2JGoj2115vPnA1E9u0yJaCxGAwt-ddk_NYbr0ilTujuCcphOc2j6Cg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:05:06	Name: bcookie Value: "v=2&f265b495-993e-455c-8d30-4622476eb89b"
.linkedin.com/	1970-01-19 23:34:38	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2597:u=1:x=1:i=1639992283:t=1640078683:v=2:sig=AQFmTR_n_nJV7pAcUz_TlcoHZZZJXXGn"
.mookie1.com/	1970-01-20 09:02:00	Name: id Value: 10527586342466681425
.mookie1.com/	1970-01-20 09:02:00	Name: mdata Value: 1\|10527586342466681425\|1639992283921
.mookie1.com/	1970-01-20 09:02:00	Name: ov Value: fff1d7f7f1806ba18448b827f91242eb
www.heraldsun.com.au/	1970-01-20 01:00:48	Name: vidoraUserId Value: 98jbi6poe3r951j7vlu0rjoqbpv7p8
.adsrvr.org/	1970-01-20 08:18:48	Name: TDID Value: 066f7b0a-b8d1-45ae-a60d-520db3c3de29
.turn.com/	1970-01-20 03:52:24	Name: uid Value: 3720652418440280106
.adsrvr.org/	1970-01-20 08:18:48	Name: TDCPM Value: CAESEgoDYWFtEgsI-J_F-ZLpoToQBRgFIAEoAjILCMTplKap6aE6EAU4AQ..
www.heraldsun.com.au/	1970-01-19 23:43:17	Name: AWSALB Value: LmPWfSRS3t3AJNEf1NLdGc+ed2/+Umm2gn82v/bMa52RxAyr8F73Nxjgbjvo5x0G8cSQBnlfe9PFEyy4gu9j6kLf1OwH0l6p7TQ4aTnlPVI3uQ60FbjfFT62VJCh
.heraldsun.com.au/	1970-01-19 23:33:19	Name: ak_bmsc Value: 4DB3C3B811CEF32488B533BE08E875F8~000000000000000000000000000000~YAAQd7oQAvv/zs59AQAACFYo1w7tBxiVtWdbzwgdf7avBoOX/rnvK/MKFLP39jxyyfHNmx7p2p8WQOTVaplSOEHopp02mnvW9252ZHveATqd56IAHcM0InJTC4mOZVreNVd8n2GK0WI1ECah8X8KyxIB+OISl4Q+9vjqboBmnLQwSzWU4qTuhQXRLepRSpedXMVxAk7yF/9v2OT5KQTZ8kXM7hmyogYdsrZ9Fe+9uPRe4P1eccswjbWHGIdqEUO7odAohk75HJCXDX79C+uFAowcWkFi+WwQoSdN2GtaDerQ+LSpDDX0xMoarpMtE9IjrQgTU7co55c1R44StaGThc58Deh6QbvYP/JkVslstqJzw9vANQpu/Mt58QzzrVAd4DDH/3O+quiNm9zxTQ3PcTxoXMFbnjYP6G4zcPd1X26zlHM6dKCiD4YVssohkRLsiHS6nTu668JaRvB7/cDPO2L8EvL6kVmgt/3STcSnPanGz9uPq6kX2nPzgGwNO4sR
www.heraldsun.com.au/	1970-01-19 23:43:17	Name: AWSALBCORS Value: LmPWfSRS3t3AJNEf1NLdGc+ed2/+Umm2gn82v/bMa52RxAyr8F73Nxjgbjvo5x0G8cSQBnlfe9PFEyy4gu9j6kLf1OwH0l6p7TQ4aTnlPVI3uQ60FbjfFT62VJCh
.twitter.com/	1970-01-20 17:04:24	Name: personalization_id Value: "v1_BE2LKQtvKz/d67rpfaSA+Q=="
.casalemedia.com/	1970-01-20 08:18:48	Name: CMID Value: YcBL3Ikuic8RzQgylPdwlQAA
.casalemedia.com/	1970-01-20 01:42:48	Name: CMPS Value: 5229
.casalemedia.com/	1970-01-20 01:42:48	Name: CMPRO Value: 1203
.eyeota.net/	1970-01-19 23:33:12	Name: SERVERID Value: 17558~DM
.scanscout.com/	1970-01-20 08:18:48	Name: uid Value: CI-efd39f36c7da881d1b96ead858fdc4e5
.scanscout.com/	1970-01-20 08:18:48	Name: UIAA Value: 45079665630853389200481573138334814669
.scanscout.com/	1970-01-20 08:18:48	Name: UIXX_UPDT Value: "UIAA=1639992285087"
.heraldsun.com.au/	1969-12-31 23:59:59	Name: tp Value: 11805
.heraldsun.com.au/	1969-12-31 23:59:59	Name: s_ppv Value: hs%257Chome%257Chomepage%257Chomepage%2C10%2C10%2C1200
www.heraldsun.com.au/	1970-01-20 08:18:48	Name: mdLogger Value: false
www.heraldsun.com.au/	1970-01-20 08:18:48	Name: kampyle_userid Value: e38c-6e5b-f529-8e22-7bb3-eff7-9e4f-2415
www.heraldsun.com.au/	1970-01-20 08:18:48	Name: kampyleUserSession Value: 1639992285234
www.heraldsun.com.au/	1970-01-20 08:18:48	Name: kampyleUserSessionsCount Value: 1
www.heraldsun.com.au/	1970-01-20 08:18:48	Name: kampyleSessionPageCounter Value: 1
www.heraldsun.com.au/	1970-01-20 08:18:48	Name: kampyleUserPercentile Value: 57.07727390765478
.krxd.net/	1970-01-20 03:52:24	Name: _kuid_ Value: OjT7SIhB
.casalemedia.com/	1970-01-20 08:18:48	Name: CMRUM3 Value: 5861c04bdd2760YcBL2wAAAKfH-QP7
.casalemedia.com/	1970-01-19 23:34:38	Name: CMST Value: YcBL3GHAS90A
.adnxs.com/	1970-01-20 01:42:48	Name: anj Value: dTM7k!M4.FErk#WF']wIg2GU'MJF2[!A#Fi.TOK_Dm7hk)YQ)v_FPBLa^KuuKJJ?+D#Bk)m@FtMGdD0[%p[s>9@q*s6whQr_+kv@.]T.OX_#tNd$SMpo?$R6
.pubmatic.com/	1970-01-20 01:42:48	Name: KRTBCOOKIE_218 Value: 4056-YcBL2wAAAKfH-QP7&KRTB&22978-YcBL2wAAAKfH-QP7&KRTB&23194-YcBL2wAAAKfH-QP7&KRTB&23209-YcBL2wAAAKfH-QP7
.pubmatic.com/	1970-01-20 00:16:24	Name: PugT Value: 1639992285
.pubmatic.com/	1970-01-20 01:42:48	Name: PUBMDCID Value: 3
.spotxchange.com/	1970-01-20 08:18:52	Name: audience Value: abe858a1-6176-11ec-820e-1348667f0206
.demdex.net/	1970-01-20 03:52:24	Name: dextp Value: 358-1-1639992283878\|470-1-1639992284029\|481-1-1639992284147\|771-1-1639992284371\|903-1-1639992284506\|19566-1-1639992284609\|23728-1-1639992284735\|30432-1-1639992284837\|30064-1-1639992284938\|66757-1-1639992285039\|134096-1-1639992285140\|144230-1-1639992285291\|144231-1-1639992285394\|144232-1-1639992285495\|144233-1-1639992285596\|144234-1-1639992285696\|144235-1-1639992285797\|144236-1-1639992285898\|144237-1-1639992285999\|147592-1-1639992286099\|461447-1-1639992286200
.1rx.io/	1970-01-20 08:18:48	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-fe6e3ae6-e44c-4eca-8ded-b15548a64569-003%22%7D
.targeting.unrulymedia.com/	1970-01-20 08:18:48	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-fe6e3ae6-e44c-4eca-8ded-b15548a64569-003%22%7D

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=93516864411.30913? Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=93516864411.30913?(Line 145) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=93516864411.30913?(Line 145) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1639992283823%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26liSync%3Dtrue Message: Failed to load resource: the server responded with a status of 429 ()
javascript	warning	URL: https://www.heraldsun.com.au/ Message: The resource https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8228261.fls.doubleclick.net
8mqtjenkw9fv6tvn7yxl0djtgqlts1639992283.nuid.imrworldwide.com
a.vidora.com
a8cb653677ecb1267e1d5f55ad274e54.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
am-trc-events.taboola.com
analytics.twitter.com
assets-tracking.crazyegg.com
assets.vidora.com
ats.rlcdn.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
beacon.krxd.net
bs.serving-sys.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.speedcurve.com
cdn.taboola.com
cds.taboola.com
cm.everesttech.net
cm.g.doubleclick.net
content.api.news
d.turn.com
d2n6ofw4o746cn.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
edition.pagesuite.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image5.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
login.newscorpaustralia.com
match.adsrvr.org
metrics.heraldsun.com.au
mhr.talk.news.com.au
nebula-cdn.kampyle.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
newscorpau.demdex.net
origin.go.heraldsun.com.au
pagead2.googlesyndication.com
pagestates-tracking.crazyegg.com
ping.chartbeat.net
pips.taboola.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
ps.eyeota.net
px.ads.linkedin.com
resourcesssl.newscdn.com.au
sb.scorecardresearch.com
script.crazyegg.com
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
snap.licdn.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
t.co
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
tracking.crazyegg.com
trc.taboola.com
ts2020-indies-client.web.app
udc-neb.kampyle.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
widget.perfectmarket.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
www.linkedin.com
104.111.215.191
104.111.230.77
104.244.42.67
104.244.42.69
104.75.88.194
104.75.88.206
13.32.99.23
13.32.99.34
13.32.99.93
141.226.224.32
141.226.228.48
142.250.184.230
142.250.185.130
142.250.186.34
142.250.186.98
15.236.176.210
151.101.1.181
151.101.12.157
151.101.129.175
151.101.2.217
151.101.65.108
151.101.65.44
151.101.66.49
18.66.122.57
18.66.96.113
185.33.220.216
185.33.221.87
185.64.189.110
185.94.180.126
199.127.207.191
2.18.233.169
2.18.233.180
2.18.233.28
2.18.234.21
213.19.147.45
23.55.161.180
2600:9000:223c:4200:18:1fcd:34f:cdc1
2600:9000:223e:d400:1f:1414:da40:93a1
2600:9000:223e:f600:1e:9240:9c0:21
2600:9000:223f:3200:8:48e:53c0:93a1
2600:9000:223f:6c00:1d:667e:2a40:93a1
2600:9000:2251:f000:4:77d:a0c0:93a1
2600:9000:236e:800:2:42d9:3100:93a1
2606:4700:3037::6815:4e07
2606:4700::6813:9408
2620:0:890::100
2620:112:f006:bbbb::16
2620:1ec:21::14
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2004
2a02:26f0:6c00::210:ba20
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::300
2a04:fa87:fffd::c000:42d0
3.122.214.165
3.219.19.177
3.33.220.150
34.232.240.103
34.248.191.66
34.249.212.247
34.249.77.25
34.250.155.46
34.98.64.218
35.163.200.178
35.227.202.26
35.241.45.82
35.71.131.137
52.21.188.91
52.222.214.55
52.222.236.129
52.28.248.40
52.95.128.174
54.194.45.85
54.72.156.114
69.173.144.139
69.173.144.165
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
002cfcdbb659c0d3d05af44fc42541c032670648aaabb506861529d70c320f8a
00b3b0b438a1a3e7f01112f487ffb01e64db47935eb0e1e2927bdb4811ee935f
01b7c7a8df5b11bf567f89ec0f2efecc702ecfba83cc34a223f3d3ec12affee6
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0225664895447c49efce36499596557cddfad2a80913acc5f648b8c54cafeeca
025de2fae11fdee13ec91c4a614dd526f786a10ef532b666154bf91d6c7862c6
037c6ba68e340c8f9bc7ce2f2070da3ed3f01a0dc3c426fb105a3c73b13b28b1
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
054d4bc3e848ec0e854b3d2d5b82e5e6d66386bf0456187720752a4051dd0d79
061fc4b950f18d9655cb0cf4f2eb727bb779cd5ab9c250240694faa43fe1d464
07d41c1631de9e00ae154319eaa44dfcff558e41f32dbf2191c76248b558d589
07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
09fa098c324e40c3bca3be65863d5768aba847b029e3bc1711b8b391c74b72c3
0a2bc7d88d2a9a0862d462eeef85241981446bd5a2ee27a3ad3b8b0c4676a3c8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
13fe4a7b374c4d71d3455837d0a4d496b2f02c7447200dc4250ef8aa6c827e36
18adc3f1c8f1d69c87a0710084e2cc598135cfebf8131d43114033c6d9372d40
18ce848868d27ccd09f0701a569852b17a05608a24acde0f4883c82f3405ff74
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1b96347a6b03b970c88f9d66026d7b39f51a1272f8d017254319c84900ab1431
1d09498d082b381c57dda251260cef7705d68b9321e4e5c5a8eee6bc98d58799
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1d91e1f1004c910402c81c62dc28a79609f7381f6f8e5fd5118c0a08ff40a96a
1dd74e4530b1238816cf4bd202ab6cd9cd588e036ed9e679ed04d1e3d02bd241
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
244501c614c821bb9cf25b63449f508ae760c4da91e9a2bf3a7992e89f69ebad
27f9db5ed312af71388375863ce378a5099743b0565e9875fd9f1edad96f4b16
28b11959f68db701b4218a36e9a8e8daf47fbfe4057f086595ebc2b0df44fbea
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
3357e0ff5e267f686f3a3f12c8fba0423d0792bb86884520c6eaecf9adeca534
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
375eb1402faeaba7978d6f984b0e89473fa190562c591b7097c2b782645123e6
3a4dee8e2cad1c820f3b4b97f62dddc491ea2274483947b4878b33354334a4b6
3a794323056095d4ae3d4bccb01fdb689b186c5343f70248d41e61e951cf72fb
3ae479c769d63000346f80d17ae8c80858a21d1c1df616be9407527ad0bebcce
3cbf419fa8bfbec8332afd3d2878b3223ece9fcb468cdeaaa19c339ab84c50d9
3d8a8b824d6a916de90d7128df04d944aa878e4502a510cf2feabc2e79819d80
4049c618f37b01e113e8b73af62e53f6333afca5faf0e4732cc12169960c10b3
40a787b8c9f633d795ab50c5a4c23c8847f80c1994d99893cfacc49da7215932
422c569e5bb2ab9a5ae1bc2cf007dd43ea2d80b3938e48d7b0e4596a3922e791
4233fb95029f6d4ca239244aff2f6d408577d0fbe9eff15769a361f93b63fdd7
4768c9c09426579117c9cc397f7bffc83c22b7ebe652b2fa492496ae8b680ab2
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbaf5079174bd73e36caeaac0144be3f2a673f98e6a4be0d1dc2223bb0bffd1
4d29a9f955441de42dad0f859870c86cdad416f3aefc9f80028351290c81cd4c
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52e0417217c73b5bc0bd83ddc5767018e44361f8ee994d3c0e5ddd5c7f1e404a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a762e207c9f21df44f682fd4d5eb327561cdd40354836398ced15a2b2d2c04e
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fd05db110d59931dbd05c4f06b4bf7de312d7eaf07ca8f375482edfaf7cc971
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
6196d0db71e13bd6083b233f37f748c37466389cc9937b404cb0036d0496977d
619b9a80dc03dd254a74bdbe5088341a6c02a3e80106d4fa96bdbc1595d94ca2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18
63919867af3995b5bdf26e6d016d1c020d0a79b7d28ba4f397065826b734f432
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
648ec2b396a0c4da175310adbc6dad147e4db4b7f529baed78d130e2185eff55
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
69965a279d0d284d914bc0d5575afe131f6e157af594761e2eb71eef648a73e4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
70724231c97d52c5ad88dc4507160dc721c1550b42f9318f6c6f4e4d4477c942
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
73d13712a6f4c6f1890485198758abc308bfe234611d9e0287bd485c1bda5d2c
7540f63899659c27ad2298ff31425ccdd926fc1391b5f7af3b0e26d185a65ed2
75839e3ea0cd949a33dc21dd8b0931f396829fea8e0e3148b576b1228f40e469
75c458b79f1e763ecf2d91662b17d71ec65552f8086e8f5760494c9382000592
77b3d451d95d7e97f94f7a951b865a75829d24836c9a75294791abf22b7e37dd
78f88f00250817df6b8978aefad7d488d48ce650af676a88a2a0db6dedde43ee
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7da316d874739aaca53d683fcc932e92090aff6e5925bd17f7e1e345be18a25c
7f27629c3d695f6e831f2e2a1fd845c27e4e14dda7f18968f41d11b7cc9e4e79
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
8061c17ad6d7b8805745d8f136437acc8abe498fed1a01cec4d142b55def3c55
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
82d8f9e43991ed1ad3e24a47253db1aee093d6fb43c185f1f4e19a5d00fb423c
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
851688d85f7a4451cc946d3ee4834e88291612d91f3b483ee816224ca11d0c5f
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8d549964452d445140f42ab9eb3e8b73fab8ea6d9d0419d708ef32e289a16153
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
91c7d0e8937476b94df3a31a54c2a569f950fa68bff2739c692407229655d484
960af9323fa76650d46b804fbfa88e43aeaf48ed334722a730ec3ba69121535c
96f69f9e35360e8ab43d62ab58c2b7ead48720d94ef4a7dea4af80a64a6b1535
998985503aae3f1f2623359d559b99d7a799af6d593ea91600de6a5d3e93dab2
9d246e7b7756e159c05299474a730969fd358bd2499e1c57bf54e3e52022084f
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e189d148233b54987426726b6131b672fe63811a8eb9e09e584bfb4cd741469
9e7f98b52a6b5e91548c668c8b7d00ef34866c1dacfec1250b7eecc01f8a6192
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a1f40a2fd70e16fac6728f64fd507a59b25ce6249a744ba90bf739843ce8c64e
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a351fd92e5702efce917edb3a5fa5e15b0c2c01b05c72004d183ea3cd0ac8cc4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9788e6d2c4b88ebf92572a8cae613d13ca16b49b720b210e755fee3ce245db0
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aaef88c5ef277089f0e2f4c035e84128f736d1fb569f2dbd420404c268e56625
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b401d1e804e0a5079603c8f74249ae0e2ec2c797703490f3a0c38079cd989027
b424bd04b0668764c8f2ad8c34f9ff057625fad945e13c16de0f6af48bceb8c4
b51682aed5b828e21c44f642b6e16ee4484e645a35a3400e7ce2dab44d25b993
b6610df5e9c8e4008b9bec141a2c24f11d1d52052afe5a9196f1fbf6bb3bced5
ba04f154e2b74c512b41b55149c79530f5f77342e5141c10c8aed0f33f29a89c
beeda9a17b4eee343f7ec43d45f3046b4133b8eea4b23ea0667d206c1d5f7d36
bfa67e2ce103d04234fa84f7595c316d23f46eed219683f06e264fb27dc91637
c0c37303cd0b175182eb856313a052865f06393a3d9659147af641c628d03dfb
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c
c2ab5ebff680dd94f0f5a854ea4c37e42d220eed57e18bea51b7f10a764b3ea7
c33d204609950d7776b0cf914918e1639cda7484e9b4d30cc0f36552dd2a797c
c5d28eb33550c89561373b8883dbb7c74fa10be117cc0d8addfcc9e5fb882da3
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
cacc8440f11ef99e638e04a58a19579fe65e1990774d88d020db2ae8db58b892
cdad757288989b4ecde53c052f7f69e9a04946bee20959a1ee29614545586b99
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03c884b8d4766d0b2639feef65acf36b86e32451fa9406130eb5ee961708307
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d5df5360850650e6dbe5d1a12372e9bb12bd075bd314a9bcd53a8974a13c4b97
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
de76627742edb6cb84a5f297d60d8d6576b8f1721e9402f6073dd367bb5b4eb1
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e6aa24d28e49875e742ba7ed22eab98f6d2281073b9ba23fc58bacabb2d01a65
e916d6f3c9c316368f99463951a426d09d4ddd223e961652728b519efb11e772
e9a62338d47a1f9091f10180ed4905ac0a0098e808e762e781637c9c01d7097e
eba5c91114f8eacd1a3fed038c00d5ba52a5618ef99e9cd8b266d4b986a2b8b5
ec07c4632ddfe69333f0e8cc4eafeb61df6886b528e264c9c244d4ff74708298
ed6941cd34f5d592588be86a3cfbe71efbae34586496f4641406d909817a1934
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef0aa0ff6ad5c4b1104e1ee1d620f5b235009b4335fa7e23f24fb84028318418
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9fbe28596f2f02eb9519f8ade33d34ea892eff75b22cb2df3cec7621abf4eb
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f11311a0c8bd8b60421e3278c2af6945e5259b36306a04f20dd638de12225cb6
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
f81d52ffecd274480f02739f237da84180862543d33badf7157cd5415611bcd0
fe3e4f40d115ee836888c26dcdd1969d57da4757f81f2e5db0050ffb04ba1d56
fe45023a36895237f316ca35fe8421859224dd3a75f070aab4c01b7ec5407c57
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.heraldsun.com.au Open in urlscan Pro 2.18.233.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

269 Requests

90 %HTTPS

31 %IPv6

56 Domains

95 Subdomains

75 IPs

7 Countries

3032 kBTransfer

8493 kBSize

80 Cookies

60 Outgoing links

Page URL History

Redirected requests

269 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heraldsun.com.au Open in urlscan Pro
2.18.233.28 Public Scan

Screenshot
Live screenshot

Full Image

269
Requests

90 %
HTTPS

31 %
IPv6

56
Domains

95
Subdomains

75
IPs

7
Countries

3032 kB
Transfer

8493 kB
Size

80
Cookies

269 HTTP transactions
7 data transactions