Submitted URL: http://theherald.com.au/
Effective URL: https://www.theherald.com.au/
Submission: On May 16 via api from DE

Summary

This website contacted 42 IPs in 8 countries across 31 domains to perform 93 HTTP transactions. The main IP is 2.16.181.224, located in Ascension Island and belongs to AKAMAI-ASN1, US. The main domain is www.theherald.com.au.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 15th 2019. Valid for: 3 months.
This is the only time www.theherald.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.32.222.45 16509 (AMAZON-02)
1 1 2.16.181.216 20940 (AKAMAI-ASN1)
1 2.16.181.224 20940 (AKAMAI-ASN1)
17 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 138.201.44.14 24940 (HETZNER-AS)
1 104.248.100.80 14061 (DIGITALOC...)
3 52.65.63.14 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 138.201.44.8 24940 (HETZNER-AS)
2 136.243.230.112 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 138.201.138.163 24940 (HETZNER-AS)
5 2a00:1450:400... 15169 (GOOGLE)
3 151.101.0.175 54113 (FASTLY)
1 2.18.234.21 16625 (AKAMAI-AS)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 52.51.227.120 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 147.75.33.239 54825 (PACKET)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 172.217.22.34 15169 (GOOGLE)
1 2 107.178.250.234 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 147.75.32.173 54825 (PACKET)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.0.120.255 14618 (AMAZON-AES)
2 54.172.174.181 14618 (AMAZON-AES)
1 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 1 104.18.74.113 13335 (CLOUDFLAR...)
5 104.18.72.113 13335 (CLOUDFLAR...)
1 2600:9000:20b... 16509 (AMAZON-02)
1 176.34.240.242 16509 (AMAZON-02)
1 1 34.248.179.93 16509 (AMAZON-02)
6 2600:9000:20b... 16509 (AMAZON-02)
4 95.216.24.148 24940 (HETZNER-AS)
1 107.23.115.104 14618 (AMAZON-AES)
1 2 2600:9000:20b... 16509 (AMAZON-02)
2 2600:9000:20b... 16509 (AMAZON-02)
3 104.16.52.111 13335 (CLOUDFLAR...)
1 52.211.170.118 16509 (AMAZON-02)
93 42
Apex Domain
Subdomains
Transfer
17 akamaihd.net
nnstatic-a.akamaihd.net
678 KB
10 imrworldwide.com
secure-au.imrworldwide.com
cdn-gl.imrworldwide.com
secure-gl.imrworldwide.com
secure-dcr.imrworldwide.com
66 KB
7 zdassets.com
static.zdassets.com
ekr.zdassets.com
502 KB
5 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
82 KB
5 google-analytics.com
www.google-analytics.com
46 KB
5 fairfaxstatic.com.au
www.fairfaxstatic.com.au
89 KB
5 onthe.io
cdn.onthe.io
tt.onthe.io
16 KB
4 zendesk.com
assets.zendesk.com
newcastleherald.zendesk.com
3 KB
4 matheranalytics.com
js.matheranalytics.com
www.i.matheranalytics.com
39 KB
4 krxd.net
cdn.krxd.net
consumer.krxd.net
beacon.krxd.net
86 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
89 KB
3 piano.io
cdn-au.piano.io
buy-au.piano.io
id-au.piano.io
116 KB
3 fairfaxregional.com.au
sochi.fairfaxregional.com.au
cdn.fairfaxregional.com.au
145 KB
3 optimizely.com
cdn.optimizely.com
errors.client.optimizely.com
113 KB
3 theherald.com.au
theherald.com.au
www.theherald.com.au
241 KB
2 google.com
adservice.google.com
www.google.com
364 B
2 google.de
adservice.google.de
www.google.de
282 B
2 gstatic.com
fonts.gstatic.com
18 KB
2 by217.com
by217.com
708 B
1 chartbeat.net
ping.chartbeat.net
168 B
1 chartbeat.com
static.chartbeat.com
14 KB
1 npttech.com
www.npttech.com
3 KB
1 googlesyndication.com
tpc.googlesyndication.com
1 googletagservices.com
www.googletagservices.com
10 KB
1 adsrvr.org
match.adsrvr.org
531 B
1 indexww.com
js-sec.indexww.com
27 KB
1 oriel.io
advertising.oriel.io
348 B
1 hm732.com
hm732.com
348 B
1 googletagmanager.com
www.googletagmanager.com
37 KB
1 googleapis.com
fonts.googleapis.com
713 B
1 b823s.com
b823s.com
10 KB
93 31
Domain Requested by
17 nnstatic-a.akamaihd.net www.theherald.com.au
6 cdn-gl.imrworldwide.com www.theherald.com.au
cdn-gl.imrworldwide.com
5 static.zdassets.com static.zdassets.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.theherald.com.au
5 www.fairfaxstatic.com.au www.theherald.com.au
4 tt.onthe.io cdn.onthe.io
3 newcastleherald.zendesk.com static.zdassets.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 ekr.zdassets.com static.zdassets.com
2 secure-gl.imrworldwide.com 1 redirects
2 errors.client.optimizely.com cdn.optimizely.com
2 www.i.matheranalytics.com www.theherald.com.au
2 js.matheranalytics.com 1 redirects www.theherald.com.au
2 stats.g.doubleclick.net 1 redirects www.theherald.com.au
2 cdn.krxd.net www.theherald.com.au
cdn.krxd.net
2 fonts.gstatic.com b823s.com
www.theherald.com.au
2 by217.com www.theherald.com.au
2 cdn.fairfaxregional.com.au www.theherald.com.au
2 www.theherald.com.au 1 redirects
1 secure-dcr.imrworldwide.com
1 ping.chartbeat.net
1 secure-au.imrworldwide.com 1 redirects
1 beacon.krxd.net cdn.krxd.net
1 static.chartbeat.com www.theherald.com.au
1 assets.zendesk.com 1 redirects
1 www.npttech.com nnstatic-a.akamaihd.net
1 id-au.piano.io cdn-au.piano.io
1 buy-au.piano.io cdn-au.piano.io
1 consumer.krxd.net cdn.krxd.net
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
1 vars.hotjar.com static.hotjar.com
1 www.google.de www.theherald.com.au
1 www.google.com 1 redirects
1 script.hotjar.com static.hotjar.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 static.hotjar.com www.theherald.com.au
1 cdn-au.piano.io nnstatic-a.akamaihd.net
1 www.googletagservices.com www.theherald.com.au
1 match.adsrvr.org js-sec.indexww.com
1 js-sec.indexww.com www.googletagmanager.com
1 advertising.oriel.io b823s.com
1 hm732.com b823s.com
1 www.googletagmanager.com www.theherald.com.au
1 fonts.googleapis.com www.theherald.com.au
1 sochi.fairfaxregional.com.au www.theherald.com.au
1 cdn.onthe.io www.theherald.com.au
1 b823s.com www.theherald.com.au
1 cdn.optimizely.com www.theherald.com.au
1 theherald.com.au 1 redirects
93 50
Subject Issuer Validity Valid
fairfaxregional.com.au
Let's Encrypt Authority X3
2019-04-15 -
2019-07-14
3 months crt.sh
a248.e.akamai.net
DigiCert ECC Secure Server CA
2018-10-18 -
2019-10-18
a year crt.sh
cdn.optimizely.com
DigiCert ECC Secure Server CA
2018-11-24 -
2020-02-23
a year crt.sh
b823s.com
Let's Encrypt Authority X3
2019-02-20 -
2019-05-21
3 months crt.sh
*.onthe.io
Sectigo RSA Domain Validation Secure Server CA
2019-03-04 -
2020-05-02
a year crt.sh
*.prod.newsnow.io
Amazon
2018-11-05 -
2019-12-05
a year crt.sh
*.googleapis.com
Google Internet Authority G3
2019-04-16 -
2019-07-09
3 months crt.sh
*.google-analytics.com
Google Internet Authority G3
2019-04-16 -
2019-07-09
3 months crt.sh
fairfaxmedia.com.au
DigiCert SHA2 Secure Server CA
2019-02-25 -
2020-02-25
a year crt.sh
hm732.com
Let's Encrypt Authority X3
2019-02-20 -
2019-05-21
3 months crt.sh
by217.com
Let's Encrypt Authority X3
2019-02-20 -
2019-05-21
3 months crt.sh
*.google.com
Google Internet Authority G3
2019-04-16 -
2019-07-09
3 months crt.sh
*.oriel.io
RapidSSL RSA CA 2018
2018-08-24 -
2019-10-23
a year crt.sh
*.c.ssl.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-03-29 -
2019-09-27
6 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2019-05-08 -
2020-03-09
10 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3
2019-04-30 -
2019-07-23
3 months crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1
2019-03-07 -
2021-04-19
2 years crt.sh
ssl714310.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-02-19 -
2019-08-28
6 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3
2019-04-09 -
2019-07-08
3 months crt.sh
js.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA
2019-04-04 -
2021-04-03
2 years crt.sh
script.hotjar.com
Let's Encrypt Authority X3
2019-04-09 -
2019-07-08
3 months crt.sh
www.google.de
Google Internet Authority G3
2019-04-16 -
2019-07-09
3 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3
2019-04-09 -
2019-07-08
3 months crt.sh
tpc.googlesyndication.com
Google Internet Authority G3
2019-04-16 -
2019-07-09
3 months crt.sh
www.i.matheranalytics.com
COMODO RSA Domain Validation Secure Server CA
2017-12-10 -
2020-02-08
2 years crt.sh
errors.client.optimizely.com
DigiCert SHA2 High Assurance Server CA
2018-09-24 -
2020-09-28
2 years crt.sh
sni101653.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-05-04 -
2019-11-10
6 months crt.sh
*.zdassets.com
COMODO RSA Domain Validation Secure Server CA
2017-09-14 -
2020-09-13
3 years crt.sh
*.chartbeat.com
Gandi Standard SSL CA 2
2019-04-10 -
2020-04-10
a year crt.sh
*.krxd.net
Go Daddy Secure Certificate Authority - G2
2017-06-12 -
2019-07-11
2 years crt.sh
*.imrworldwide.com
DigiCert SHA2 Secure Server CA
2019-02-25 -
2020-02-25
a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2018-12-20 -
2020-01-01
a year crt.sh
newcastleherald.zendesk.com
CloudFlare Inc ECC CA-2
2018-09-20 -
2019-09-20
a year crt.sh

This page contains 5 frames:

Primary Page: https://www.theherald.com.au/
Frame ID: BD8C9F6750E81F4B7607FC802C1470A7
Requests: 96 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: 7A4B6020C631A1D243E343F18D2ADE5F
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: F5D41BC205FFBF2D6B63C2F2C0476081
Requests: 3 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 34AFA7EAAD72CE8C6B76CEFD8049FC4C
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/runtime.fa28037f158c4c49acea.js
Frame ID: C0EFCA3D249825D325AE7E01A389864C
Requests: 7 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://theherald.com.au/ HTTP 301
    http://www.theherald.com.au/ HTTP 301
    https://www.theherald.com.au/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • env /^Handlebars$/i

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • env /^_sf_(?:endpt|async_config)$/i

Overall confidence: 100%
Detected patterns
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • env /^Modernizr$/i

Overall confidence: 100%
Detected patterns
  • env /^moment$/i

Overall confidence: 100%
Detected patterns
  • env /^titan$/i
  • env /^titanEnabled$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

93
Requests

100 %
HTTPS

43 %
IPv6

31
Domains

50
Subdomains

42
IPs

8
Countries

2519 kB
Transfer

7822 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://theherald.com.au/ HTTP 301
    http://www.theherald.com.au/ HTTP 301
    https://www.theherald.com.au/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://js.matheranalytics.com/s/ma30461/481249905/all/ml.js?cb=1503 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma30461/all/7/ml.br.js
Request Chain 69
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j75&tid=UA-61683903-1&cid=1614052842.1558019077&jid=1668571753&gjid=1787211309&_gid=2034960288.1558019077&_u=aGDAgEAjQ~&z=903338360 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61683903-1&cid=1614052842.1558019077&jid=1668571753&_v=j75&z=903338360 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61683903-1&cid=1614052842.1558019077&jid=1668571753&_v=j75&z=903338360&slf_rd=1&random=833012132
Request Chain 80
  • https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
  • https://static.zdassets.com/ekr/asset_composer.js
Request Chain 83
  • https://secure-au.imrworldwide.com/v60.js HTTP 301
  • https://cdn-gl.imrworldwide.com/v60.js
Request Chain 93
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1558019081253&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.theherald.com.au%2F&sr=1600x1200 HTTP 302
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1558019081253&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.theherald.com.au%2F&sr=1600x1200&ja=1

93 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.theherald.com.au/
Redirect Chain
  • http://theherald.com.au/
  • http://www.theherald.com.au/
  • https://www.theherald.com.au/
965 KB
241 KB
Document
General
Full URL
https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.181.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-181-224.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.0 /
Resource Hash
77cf8357faefe30b0b2618225247f9c46018a2364a5208c8deb04cf0fb8ad606
Security Headers
Name Value
Content-Security-Policy child-src * blob:

Request headers

:method
GET
:authority
www.theherald.com.au
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
content-type
text/html; charset=utf-8
content-length
245588
content-security-policy
child-src * blob:
content-encoding
gzip
server
Microsoft-IIS/8.0
accept-ranges
bytes
date
Thu, 16 May 2019 15:04:34 GMT
vary
Accept-Encoding

Redirect headers

Content-Length
0
Server
Varnish
X-Varnish
745226557
Location
https://www.theherald.com.au/
Date
Thu, 16 May 2019 15:04:34 GMT
Connection
keep-alive
base.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/
162 KB
32 KB
Stylesheet
General
Full URL
https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/base.css
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
82f4eba71f16faf1d7c280a2b8c9138c2e465902deceb9e8a1590df6acce0a40

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2019 05:48:51 GMT
ETag
W/"5cdcf9c3-287c7"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
Connection
keep-alive
Content-Length
32906
Expires
Sat, 15 Jun 2019 15:04:34 GMT
desktop.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/
62 KB
12 KB
Stylesheet
General
Full URL
https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/desktop.css
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
8a9fc6b7cc97c329b87a2c7ca7ec0b30ef584276333ff82b52dcb6c2b5a40bfd

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2019 05:48:51 GMT
ETag
W/"5cdcf9c3-f9ea"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
Connection
keep-alive
Content-Length
12327
Expires
Sat, 15 Jun 2019 15:04:34 GMT
masthead-tablet.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/vendor/
215 KB
46 KB
Stylesheet
General
Full URL
https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/vendor/masthead-tablet.css
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
52edbe109ac49d0b2065a86d9b66f47bfa49d6ae157eb077a330b6e6468b2b29

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2019 05:48:51 GMT
ETag
W/"5cdcf9c3-35a0c"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
Connection
keep-alive
Content-Length
46608
Expires
Sat, 15 Jun 2019 15:04:34 GMT
icons.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/masthead/
248 KB
54 KB
Stylesheet
General
Full URL
https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/masthead/icons.css
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
30121367e1b2323392e95380e8df04d38c4c00126946e99b9d2597abdcfd2ac1

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2019 05:48:51 GMT
ETag
W/"5cdcf9c3-3deff"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
Connection
keep-alive
Content-Length
55049
Expires
Sat, 15 Jun 2019 15:04:34 GMT
masthead-skin-canberratimes.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/vendor/
2 KB
854 B
Stylesheet
General
Full URL
https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/vendor/masthead-skin-canberratimes.css
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
80f16f6cc6ad09222b82ead9d638ce890ccebcf88a91984d9527b0537b48d524

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2019 05:48:51 GMT
ETag
W/"5cdcf9c3-708"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
Connection
keep-alive
Content-Length
532
Expires
Sat, 15 Jun 2019 15:04:34 GMT
legolite.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/
44 KB
11 KB
Stylesheet
General
Full URL
https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/legolite.css
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
ebcc5baa538ee8a13582cdc2decb26237567d4dae58350f8edb6da148c200bfb

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2019 05:48:51 GMT
ETag
W/"5cdcf9c3-affc"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
Connection
keep-alive
Content-Length
10658
Expires
Sat, 15 Jun 2019 15:04:34 GMT
6938472286.js
cdn.optimizely.com/js/
353 KB
113 KB
Script
General
Full URL
https://cdn.optimizely.com/js/6938472286.js
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:181::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4bacda126d4318418c593800f3ed310cdc4e9d0f0b4e5e7485f268d3e8ceb12d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
bfP10mg3XSXAHvyWzgcW1yhbZSls9cf5
content-encoding
gzip
x-amz-request-id
C417AD090BA08D92
status
200
access-control-max-age
86400
date
Thu, 16 May 2019 15:04:34 GMT
x-amz-replication-status
COMPLETED
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="7";dur=0,cdnip;desc="2a02:26f0:6c00:181::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
strict-transport-security
max-age=15768000
content-length
114544
x-amz-id-2
fWc2Gx4dLGBnAiuVsLlw9grZQeO+45bwsyzWtHHp0zYZJkfxouIMmvCixGUDX7VWFVRGj+Rlp8g=
last-modified
Tue, 15 Jan 2019 02:37:10 GMT
server
AmazonS3
etag
"b67c5880d20cd3b34aa3c45a6dbb05dd"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
x-amz-meta-revision
47
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
mobile.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/
76 KB
14 KB
Stylesheet
General
Full URL
https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/mobile.css
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
5024d862c9d18b5393a95464d736ee00d88bba8ce166774db11b131682425e95

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2019 05:48:51 GMT
ETag
W/"5cdcf9c3-131e8"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
Connection
keep-alive
Content-Length
14445
Expires
Sat, 15 Jun 2019 15:04:34 GMT
tablet.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/
71 KB
14 KB
Stylesheet
General
Full URL
https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/tablet.css
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
af3493b3a347f14e1b8da7c7e2808274606ae5ff13d559c2525cdd477e3e5a21

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2019 05:48:51 GMT
ETag
W/"5cdcf9c3-11bc6"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
Connection
keep-alive
Content-Length
13716
Expires
Sat, 15 Jun 2019 15:04:34 GMT
tablet-landscape.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/
65 KB
13 KB
Stylesheet
General
Full URL
https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/tablet-landscape.css
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
ec2c5c23282a69a44cf751f989077cb6f74a2606c555fd24a2b551fb59bfb1d0

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2019 05:48:51 GMT
ETag
W/"5cdcf9c3-10299"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
Connection
keep-alive
Content-Length
12745
Expires
Sat, 15 Jun 2019 15:04:35 GMT
masthead-mobile.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/vendor/
186 KB
40 KB
Stylesheet
General
Full URL
https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/vendor/masthead-mobile.css
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
b85d2c05bbb35dde5f7ceff8bd5e46d9e4381559565a795748b6a31a59a049a8

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2019 05:48:51 GMT
ETag
W/"5cdcf9c3-2e71e"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
Connection
keep-alive
Content-Length
41102
Expires
Sat, 15 Jun 2019 15:04:35 GMT
jdkog4d33gm6tm5h7eq67854maaz.js
b823s.com/
25 KB
10 KB
Script
General
Full URL
https://b823s.com/jdkog4d33gm6tm5h7eq67854maaz.js
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.44.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.44.201.138.clients.your-server.de
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
2de6c03c57fa6f56315d0a90e9f188bf61ba1de455f0ceb50cd14902eba3d78a

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

PRAGMA
no-cache
Date
Thu, 16 May 2019 15:04:35 GMT
CONTENT-ENCODING
gzip
Server
nginx/1.10.0 (Ubuntu)
Content-Type
application/javascript
Access-Control-Allow-Origin
*
CACHE-CONTROL
no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
10035
EXPIRES
0
a8v9omjCclKc
cdn.onthe.io/io.js/
44 KB
15 KB
Script
General
Full URL
https://cdn.onthe.io/io.js/a8v9omjCclKc
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.248.100.80 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
960381cdbe4eddade3c3b0c4d8bf5513cf9768c26c43db27e53df742f4f7b535

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 May 2018 15:26:07 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5afd9f0f-b1e8"
Transfer-Encoding
chunked
X-Hostname
cdn-eu-17
Content-Type
text/javascript
Cache-Control
max-age=86400, public
Connection
keep-alive
Expires
Fri, 17 May 2019 05:21:14 GMT
puzzles.png
nnstatic-a.akamaihd.net/s/1557985731/images/
10 KB
10 KB
Image
General
Full URL
https://nnstatic-a.akamaihd.net/s/1557985731/images/puzzles.png
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
cd257d196733acfdafab94b36a074f6de01c2d21ccfcf28215c443a7998ae340

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:35 GMT
Last-Modified
Thu, 16 May 2019 05:48:51 GMT
ETag
"5cdcf9c3-2658"
Content-Type
image/png
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9816
Expires
Sat, 15 Jun 2019 15:04:35 GMT
puzzles_mobile.png
nnstatic-a.akamaihd.net/s/1557985731/images/
3 KB
3 KB
Image
General
Full URL
https://nnstatic-a.akamaihd.net/s/1557985731/images/puzzles_mobile.png
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
e32d18ce4816c4bf5847e24fcafc650ea566be289229347f1c85fa59f35d728a

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:35 GMT
Last-Modified
Thu, 16 May 2019 05:48:51 GMT
ETag
"5cdcf9c3-b45"
Content-Type
image/png
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2885
Expires
Sat, 15 Jun 2019 15:04:35 GMT
masthead-main.png
nnstatic-a.akamaihd.net/s/1557985731/sites/newcastle-herald/images/masthead/
217 KB
217 KB
Image
General
Full URL
https://nnstatic-a.akamaihd.net/s/1557985731/sites/newcastle-herald/images/masthead/masthead-main.png
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
90493b7d09262ca31da85504d3fb39ec95a204e2cd8614ffd75a86b167ad2d79

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:35 GMT
Last-Modified
Thu, 16 May 2019 05:48:51 GMT
ETag
"5cdcf9c3-36209"
Content-Type
image/png
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
221705
Expires
Sat, 15 Jun 2019 15:04:35 GMT
spinner.gif
nnstatic-a.akamaihd.net/s/1523247119/images/
0
0
Image
General
Full URL
https://nnstatic-a.akamaihd.net/s/1523247119/images/spinner.gif
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

1.jpg
sochi.fairfaxregional.com.au/proxy/dpe/DPE/NCH/2019/05/16/3dissue/files/pages/smartphone/
134 KB
135 KB
Image
General
Full URL
https://sochi.fairfaxregional.com.au/proxy/dpe/DPE/NCH/2019/05/16/3dissue/files/pages/smartphone/1.jpg
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.65.63.14 Sydney, Australia, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-65-63-14.ap-southeast-2.compute.amazonaws.com
Software
nginx / ASP.NET
Resource Hash
ff865fd3ebf65b46f940231a357eb502b869a705b5354526997f4edc1c6e3dbc
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:36 GMT
etag
"99ea7467fbd51:0"
last-modified
Wed, 15 May 2019 11:14:46 GMT
server
nginx
x-frame-options
DENY
x-powered-by
ASP.NET
vary
Cookie
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
137700
89270c71-0f2e-4955-b35d-8649ceffc313.png
cdn.fairfaxregional.com.au/XWwqerAXUUiAT4pUPaZjTV/
2 KB
2 KB
Image
General
Full URL
https://cdn.fairfaxregional.com.au/XWwqerAXUUiAT4pUPaZjTV/89270c71-0f2e-4955-b35d-8649ceffc313.png
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.65.63.14 Sydney, Australia, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-65-63-14.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2b141c19916841d85deef62c5e829492f3f92784be3f85b65beb3ad4f3f48658

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:36 GMT
last-modified
Thu, 10 May 2018 06:00:20 GMT
server
nginx
etag
"5af3dff4-85c"
x-cache-stats
ft:0.17
x-cache
Hit
content-type
image/png
status
200
accept-ranges
bytes
content-length
2140
8afcc05d-9da1-4158-832b-03cf1d0d5d0b.png
cdn.fairfaxregional.com.au/M4qG8tFwm4mdvYjNdABvPv/
8 KB
8 KB
Image
General
Full URL
https://cdn.fairfaxregional.com.au/M4qG8tFwm4mdvYjNdABvPv/8afcc05d-9da1-4158-832b-03cf1d0d5d0b.png
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.65.63.14 Sydney, Australia, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-65-63-14.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2b2a58484d626ebe05c14698bf8488ed0734d2d60befdc1c13af99b60071bc03

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:36 GMT
last-modified
Fri, 03 Aug 2018 04:22:33 GMT
server
nginx
etag
"5b63d889-1e39"
x-cache-stats
ft:0.17
x-cache
Hit
content-type
image/png
status
200
accept-ranges
bytes
content-length
7737
masthead-alt.png
nnstatic-a.akamaihd.net/s/1557985731/sites/newcastle-herald/images/masthead/
9 KB
10 KB
Image
General
Full URL
https://nnstatic-a.akamaihd.net/s/1557985731/sites/newcastle-herald/images/masthead/masthead-alt.png
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
006bcd48bf865825e46b8bab92c9c938a6e55246694d049241eee2e696dbf48d

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:35 GMT
Last-Modified
Thu, 16 May 2019 05:48:51 GMT
ETag
"5cdcf9c3-25f3"
Content-Type
image/png
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9715
Expires
Sat, 15 Jun 2019 15:04:35 GMT
vendor.js
nnstatic-a.akamaihd.net/s/1557985731/legolite/js/
455 KB
154 KB
Script
General
Full URL
https://nnstatic-a.akamaihd.net/s/1557985731/legolite/js/vendor.js
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
ce9725c8fd030478ee28606364de5b03ac3ba8fe407276144cddf6650206851a

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2019 05:48:51 GMT
ETag
W/"5cdcf9c3-71d22"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Connection
keep-alive
Content-Length
157641
Expires
Sat, 15 Jun 2019 15:04:34 GMT
app.js
nnstatic-a.akamaihd.net/s/1557985731/legolite/js/
149 KB
47 KB
Script
General
Full URL
https://nnstatic-a.akamaihd.net/s/1557985731/legolite/js/app.js
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
e072617c2a134d2d80d3c83fe4f98d78df7f1a91c49a48eca640751502028f01

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2019 05:48:51 GMT
ETag
W/"5cdcf9c3-254af"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Connection
keep-alive
Content-Length
47367
Expires
Sat, 15 Jun 2019 15:04:34 GMT
css
fonts.googleapis.com/
5 KB
713 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
728175c2094ac11d1371369cddc1ab6985c1c588530a30c767f43e07c6de5a1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 16 May 2019 15:04:34 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 16 May 2019 15:04:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 16 May 2019 15:04:34 GMT
gtm.js
www.googletagmanager.com/
142 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?cachebust=20190219&gtm_cookies_win=x&id=GTM-KPMZ4JM
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
675e48226e9457c0625d152828a05d6d1df2d2f82c1f37796dd9c8e322f444e0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:35 GMT
content-encoding
br
last-modified
Wed, 15 May 2019 19:53:59 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
38034
x-xss-protection
0
expires
Thu, 16 May 2019 15:04:35 GMT
truncated
/
548 B
548 B
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6355605e3df681ae62b6e9186d7f2992b348366c48291401183e12e8a0ac1449

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.theherald.com.au

Response headers

Content-Type
application/font-woff2
merriweather-regular-woff2.css
www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/
18 KB
14 KB
XHR
General
Full URL
https://www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/merriweather-regular-woff2.css
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:190::1ba9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Fairfax CMS (Static) /
Resource Hash
2a8350ad156df9702f344dfde49982ad163553e5393b086fc658df19b8de74b0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.theherald.com.au/
Origin
https://www.theherald.com.au

Response headers

date
Thu, 16 May 2019 15:04:35 GMT
content-encoding
gzip
vary
Accept-Encoding
status
200
content-length
13847
x-esi-enable
0
last-modified
Tue, 23 May 2017 23:23:27 GMT
server
Fairfax CMS (Static)
etag
"43b7aa3e360d0f6280fbb5092cdabd32"
access-control-max-age
86400
access-control-allow-methods
GET,POST
x-varnish
343603311
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
content-type
text/css; charset=utf-8; valid=no;
access-control-allow-headers
*
expires
Fri, 15 May 2020 15:04:35 GMT
merriweather-bold-woff2.css
www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/
19 KB
15 KB
XHR
General
Full URL
https://www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/merriweather-bold-woff2.css
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:190::1ba9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Fairfax CMS (Static) /
Resource Hash
7abe57e3ac6419dd07499ca2a01c7e6c44fd646acedb7d0c4b4a89dd6adcff9e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.theherald.com.au/
Origin
https://www.theherald.com.au

Response headers

date
Thu, 16 May 2019 15:04:35 GMT
content-encoding
gzip
vary
Accept-Encoding
status
200
content-length
15049
x-esi-enable
0
last-modified
Tue, 23 May 2017 23:23:27 GMT
server
Fairfax CMS (Static)
etag
"758c29261871ee489ed91907f1c0da2a"
access-control-max-age
86400
access-control-allow-methods
GET,POST
x-varnish
475565963 475195018
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
content-type
text/css; charset=utf-8; valid=no;
access-control-allow-headers
*
expires
Fri, 15 May 2020 15:04:35 GMT
sourcesanspro-regular-woff2.css
www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/
32 KB
24 KB
XHR
General
Full URL
https://www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/sourcesanspro-regular-woff2.css
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:190::1ba9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Fairfax CMS (Static) /
Resource Hash
8ee068e2b4b02c330d4b9b7943547cee6f4326342b9d6432945812bcaf0238a3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.theherald.com.au/
Origin
https://www.theherald.com.au

Response headers

date
Thu, 16 May 2019 15:04:35 GMT
content-encoding
gzip
vary
Accept-Encoding
status
200
content-length
24588
x-esi-enable
0
last-modified
Tue, 23 May 2017 23:23:27 GMT
server
Fairfax CMS (Static)
etag
"6ad48c480eaadad0d44d22968f9de8eb"
access-control-max-age
86400
access-control-allow-methods
GET,POST
x-varnish
400035925
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
content-type
text/css; charset=utf-8; valid=no;
access-control-allow-headers
*
expires
Fri, 15 May 2020 15:04:35 GMT
sourcesanspro-bold-woff2.css
www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/
31 KB
24 KB
XHR
General
Full URL
https://www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/sourcesanspro-bold-woff2.css
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:190::1ba9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Fairfax CMS (Static) /
Resource Hash
47de29dd54d340be725f57f4f4b08ed58ab612ac7376199b7fd441376dee9654

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.theherald.com.au/
Origin
https://www.theherald.com.au

Response headers

date
Thu, 16 May 2019 15:04:35 GMT
content-encoding
gzip
vary
Accept-Encoding
status
200
content-length
24043
x-esi-enable
0
last-modified
Tue, 23 May 2017 23:23:28 GMT
server
Fairfax CMS (Static)
etag
"05d1de5b6c59d2f85068eec05192c8e6"
access-control-max-age
86400
access-control-allow-methods
GET,POST
x-varnish
472048057
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
content-type
text/css; charset=utf-8; valid=no;
access-control-allow-headers
*
expires
Fri, 15 May 2020 15:04:35 GMT
montserrat-bold-woff2.css
www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/
14 KB
11 KB
XHR
General
Full URL
https://www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/montserrat-bold-woff2.css
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:190::1ba9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Fairfax CMS (Static) /
Resource Hash
eac2bc2c09f3efa6f2f8a2689f7afd875ee2b6ab03bf7841c48c793bb6f8b36a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.theherald.com.au/
Origin
https://www.theherald.com.au

Response headers

date
Thu, 16 May 2019 15:04:35 GMT
content-encoding
gzip
vary
Accept-Encoding
status
200
content-length
11231
x-esi-enable
0
last-modified
Tue, 23 May 2017 23:23:27 GMT
server
Fairfax CMS (Static)
etag
"2c109003eb3004e469484d24591bceda"
access-control-max-age
86400
access-control-allow-methods
GET,POST
x-varnish
672500220
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
content-type
text/css; charset=utf-8; valid=no;
access-control-allow-headers
*
expires
Fri, 15 May 2020 15:04:35 GMT
truncated
/
13 KB
13 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67744fe3abc70b4eeac16c6e9fc06d056b8bb7e5f142804ff96a5befc55cdbf7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.theherald.com.au

Response headers

Content-Type
application/font-woff2
truncated
/
24 KB
24 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a1ea144f62bf6e0c1eb4f022b0ed2ee33e46fd6d7a805f44c49650ca53daf4c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.theherald.com.au

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/
11 KB
11 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8150191e6c92a50a143fb7158e59737fd8261fb28d3894ff65233fd4fa20013f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.theherald.com.au

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/
14 KB
14 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cb3863e9ae8ddcb2ced99f68916d78c908f634316993f6a4b82707fa9c0e1d6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.theherald.com.au

Response headers

Content-Type
application/font-woff2
truncated
/
23 KB
23 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be4aaab18446e78340c823c0c461eac098f748b6fbcd27e30100af266870eeb1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.theherald.com.au

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/gif
ad-400.js
hm732.com/adverts/
1 B
348 B
XHR
General
Full URL
https://hm732.com/adverts/ad-400.js
Requested by
Host: b823s.com
URL: https://b823s.com/jdkog4d33gm6tm5h7eq67854maaz.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.44.8 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.8.44.201.138.clients.your-server.de
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.theherald.com.au/
Origin
https://www.theherald.com.au

Response headers

Pragma
public
Date
Thu, 16 May 2019 15:04:36 GMT
Server
nginx/1.10.0 (Ubuntu)
Content-Type
application/javascript, application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Connection
keep-alive
Content-Length
1
Expires
Fri, 17 May 2019 15:04:36 GMT
lxkkpn
by217.com/
35 B
354 B
Image
General
Full URL
https://by217.com/lxkkpn?MXwXWhsdGQpIU1cdDw4FCVFFQBlWU19fQV0KRBUUVBISTkJJRklXU0tZVxIIBBAWS1hLGFMRFAgBEEsbU0MVDxhaR0kFBw5LT1ceXx8UAFoQSVkYCU8F
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.230.112 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.112.230.243.136.clients.your-server.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

PRAGMA
no-cache
Date
Thu, 16 May 2019 15:04:36 GMT
CONTENT-ENCODING
gzip
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/gif
CACHE-CONTROL
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
52
EXPIRES
0
truncated
/
718 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e7bbb56b609b0eab34a187e417daa43e74cbb03f467fcaa12f5ed5615fadf40

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
257 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86f1962100b67cc5225608b37c8c42fdb453f0e1dafde4b3ac5cd13f188a2e57

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v16/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: b823s.com
URL: https://b823s.com/jdkog4d33gm6tm5h7eq67854maaz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600
Origin
https://www.theherald.com.au

Response headers

date
Mon, 25 Mar 2019 20:19:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:10:29 GMT
server
sffe
age
4473905
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:31 GMT
ad-400.js
advertising.oriel.io/adverts/
1 B
348 B
XHR
General
Full URL
https://advertising.oriel.io/adverts/ad-400.js
Requested by
Host: b823s.com
URL: https://b823s.com/jdkog4d33gm6tm5h7eq67854maaz.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.138.163 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s4.oriel.io
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.theherald.com.au/
Origin
https://www.theherald.com.au

Response headers

Pragma
public
Date
Thu, 16 May 2019 15:04:36 GMT
Server
nginx/1.10.0 (Ubuntu)
Content-Type
application/javascript, application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Connection
keep-alive
Content-Length
1
Expires
Fri, 17 May 2019 15:04:36 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600
Origin
https://www.theherald.com.au

Response headers

date
Fri, 10 May 2019 08:52:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:11:39 GMT
server
sffe
age
540740
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9180
x-xss-protection
0
expires
Sat, 09 May 2020 08:52:16 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?cachebust=20190219&gtm_cookies_win=x&id=GTM-KPMZ4JM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 May 2019 01:33:03 GMT
server
Golfe2
age
4660
date
Thu, 16 May 2019 13:46:56 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17779
expires
Thu, 16 May 2019 15:46:56 GMT
snxj6l9wj.js
cdn.krxd.net/controltag/
20 KB
6 KB
Script
General
Full URL
https://cdn.krxd.net/controltag/snxj6l9wj.js
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.175 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
abb0b45bc4bc0e6b957dae12f1800f512fc691a2a499ede129fe9c9beba1d601

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-CDN-Backend
4FrRTvEr9h480D4BywjehZ--F_Config_Service_V3
Date
Thu, 16 May 2019 15:04:36 GMT
Content-Encoding
gzip
Age
846
X-Cache
MISS, HIT, HIT
X-App-Cache
HIT
Connection
keep-alive
Content-Length
5215
X-Served-By
config-service-a001.krxd.net, cache-iad2148-IAD, cache-hhn1534-HHN
X-Response-Time
0
Accept-Ranges
bytes
X-Do-Esi
esi
X-Timer
S1558019077.919962,VS0,VE0
ETag
"8641a618967fed1a1bfe50c412776a28ac420eb3"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 varnish, 1.1 varnish
Cache-Control
public, max-age=1200
X-Age
0
X-Cache-Hits
0, 1, 107
186432-278594325649166.js
js-sec.indexww.com/ht/p/
86 KB
27 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/186432-278594325649166.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?cachebust=20190219&gtm_cookies_win=x&id=GTM-KPMZ4JM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2a98b3b10247f3a9c87515d1a22a1f5ff0315f288d70a5c0edb7f47315e90200

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2019 14:45:46 GMT
Server
Apache
ETag
"7616a5-157ba-58902523c829a"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2540
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
27000
Expires
Thu, 16 May 2019 15:46:56 GMT
lxkkpn
by217.com/
35 B
354 B
Image
General
Full URL
https://by217.com/lxkkpn?MXwXWhsdGQpIU1cdDw4FCVFFQBlWU19aQFEDSRUUVBISTkJbR1IYCwUAEEZTWUlRHRsKUVNfTx0SVx9NFBlSFAUcSVFSFFweBAZXG1sIGgVABw
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.230.112 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.112.230.243.136.clients.your-server.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

PRAGMA
no-cache
Date
Thu, 16 May 2019 15:04:36 GMT
CONTENT-ENCODING
gzip
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/gif
CACHE-CONTROL
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
52
EXPIRES
0
truncated
/
366 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf4bad2bed510d5a98da212aa8ace1554e0da88e7c72bf824ac66b671927153c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
508 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9926599f340fa47d63665b751525f58cad4aa90e110c9aa6f4489ffaf5a1dc11

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c0ab613b042bfbc9c5f5e9a9a547283fb9125b14846d9f4864ef3b853f6e7f9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e38ea1af225b43e5e55a1264bbfaa0b2518ac03da73b403a4582fbf9d8c52d60

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
278 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4abe9cdc849179867d36f46e63d86bfad9f88012a023889526f75df42ebcd8bf

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
926 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 14:16:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
2881
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
856
x-xss-protection
0
expires
Thu, 16 May 2019 15:16:36 GMT
controltag.js.b3e38a58706a8dccd9e35f7d4fbedb33
cdn.krxd.net/ctjs/
249 KB
80 KB
Script
General
Full URL
https://cdn.krxd.net/ctjs/controltag.js.b3e38a58706a8dccd9e35f7d4fbedb33
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/snxj6l9wj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.175 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
73befba6079d62cda9ad97982f2de870df5bf6235cf67d8e78977d4a1509496b

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-CDN-Backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
Date
Thu, 16 May 2019 15:04:37 GMT
Content-Encoding
gzip
Age
608334
X-Cache
HIT
Connection
keep-alive
Content-Length
81035
X-Served-By
cache-hhn1534-HHN
Last-Modified
Tue, 07 May 2019 19:07:53 GMT
X-Timer
S1558019077.108277,VS0,VE0
ETag
"b3e38a58706a8dccd9e35f7d4fbedb33"
Content-Type
application/javascript
Via
1.1 varnish
Expires
Fri, 04 May 2029 19:07:51 GMT
Cache-Control
public, max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
2965677
js
www.google-analytics.com/gtm/
101 KB
27 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-5QH7B8D&t=gtm2&cid=1614052842.1558019077
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
a045644e3e18855f6abeeabf898f93d292eea4d4db9afb2aca954fe1cf083556
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:37 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27494
x-xss-protection
0
expires
Thu, 16 May 2019 15:04:37 GMT
collect
www.google-analytics.com/
35 B
106 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j75&a=1502690689&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theherald.com.au%2F&ul=en-us&de=UTF-8&dt=Newcastle%20News%2C%20sport%20and%20weather%20%7C%20Newcastle%20Herald&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAgEAjQ~&jid=1762335014&gjid=174070610&cid=1614052842.1558019077&tid=UA-16730067-3&_gid=2034960288.1558019077&gtm=2wg5a1KPMZ4JM&cd1=Newcastle%20Herald&cd2=lego1&cd3=home&cd4=&cd5=home&cd6=&cd7=&cd8=&z=975676495
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 22:34:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5934589
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
35 B
103 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j75&tid=UA-16730067-3&cid=1614052842.1558019077&jid=1762335014&gjid=174070610&_gid=2034960288.1558019077&_u=aGBAgEAjQ~&z=51902657
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Thu, 16 May 2019 15:04:38 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
rid
match.adsrvr.org/track/
109 B
531 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186432
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186432-278594325649166.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.227.120 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-51-227-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bd9378dfdd57227d74c8816e8ea461b6ae2e2f42fbd78fe1d177bf9ced3f09e7

Request headers

Referer
https://www.theherald.com.au/
Origin
https://www.theherald.com.au
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 16 May 2019 15:04:38 GMT
x-aspnet-version
4.0.30319
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theherald.com.au
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sat, 15 Jun 2019 15:04:38 GMT
gpt.js
www.googletagservices.com/tag/js/
31 KB
10 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
73105bd49cc381afe3583872c08f24f301299ddeb7764b72c575cf02f8f8f2dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"167 / 778 of 1000 / last-modified: 1558015537"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
10539
x-xss-protection
0
expires
Thu, 16 May 2019 15:04:38 GMT
tinypass.min.js
cdn-au.piano.io/api/
343 KB
115 KB
Script
General
Full URL
https://cdn-au.piano.io/api/tinypass.min.js
Requested by
Host: nnstatic-a.akamaihd.net
URL: https://nnstatic-a.akamaihd.net/s/1557985731/legolite/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de82c2a59238a710f2b780989c77d443eec90afe8416e8e70e50f8097cdadf16

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:38 GMT
content-encoding
gzip
cf-cache-status
HIT
wn
prodau-dash-node4
server
cloudflare
p3p
CP="NON DSP COR OUR IND"
etag
W/"351334-1557957006000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
last-modified
Wed, 15 May 2019 21:50:06 GMT
cf-ray
4d7e3ec7fe036407-FRA
expires
Thu, 16 May 2019 19:04:38 GMT
hotjar-1265741.js
static.hotjar.com/c/
3 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1265741.js?sv=6
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.239 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-28
Software
openresty /
Resource Hash
ce3e1be45a00b1ee6aa4e9b797125710af11246b071e44306138c82beda28500
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
42
status
200
access-control-max-age
600
section-io-cache
Hit
content-length
1543
x-cache-hit
1
server
openresty
x-frame-options
SAMEORIGIN
etag
W/a39cabd5f7b607a68d93af9660c7c5ad
vary
Accept-Encoding
section-io-origin-status
304
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.075
accept-ranges
bytes
section-io-id
0da12370daf06fcc140d8fb313aa10c3
truncated
/
487 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ac2c7b85bdd8fc2b9219e5404775cc7283bc5152f6bf70fd0e5e683e87ae853

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
integrator.js
adservice.google.de/adsid/
109 B
172 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.theherald.com.au
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
172 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.theherald.com.au
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
pubads_impl_2019050901.js
securepubads.g.doubleclick.net/gpt/
150 KB
55 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019050901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
a161cba4b2b8a90e2ca19e935256925fa3920b6ed129ec1568fccbd1a290b1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 May 2019 13:16:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
55799
x-xss-protection
0
expires
Thu, 16 May 2019 15:04:38 GMT
ml.br.js
js.matheranalytics.com/static/ltm/ma30461/all/7/
Redirect Chain
  • https://js.matheranalytics.com/s/ma30461/481249905/all/ml.js?cb=1503
  • https://js.matheranalytics.com/static/ltm/ma30461/all/7/ml.br.js
130 KB
39 KB
Script
General
Full URL
https://js.matheranalytics.com/static/ltm/ma30461/all/7/ml.br.js
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.250.234 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
5b376b9656bdae0ddbc27a370224a543a0279ea24c627eda3524335309973dea

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 05:18:32 GMT
content-encoding
br
last-modified
Mon, 22 Apr 2019 11:46:20 GMT
server
nginx
age
207966
etag
"5777ec3b1d7d88fabbfae922ba8dcd5f"
vary
Accept-Encoding
x-cache
HIT Mon, 22 Apr 2019 11:59:11 GMT
content-type
application/x-javascript
status
200
cache-control
public, max-age=269200
alt-svc
clear
content-length
39250
via
1.1 google

Redirect headers

date
Thu, 16 May 2019 15:04:38 GMT
via
1.1 google
server
nginx
location
https://js.matheranalytics.com/static/ltm/ma30461/all/7/ml.br.js
vary
Accept-Encoding
status
301
cache-control
public, max-age=269200
alt-svc
clear
x-served-by
0-gc-euw1-10909
modules.fbe6b6c15e2af6afe9ac.js
script.hotjar.com/
421 KB
88 KB
Script
General
Full URL
https://script.hotjar.com/modules.fbe6b6c15e2af6afe9ac.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1265741.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.239 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-28
Software
/
Resource Hash
d12b53b875b02458512c3049cd40119d0ac77b75b431a2cbbc997574b8eeb814
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 May 2019 14:20:47 GMT
access-control-allow-origin
*
etag
W/"8657d4a060e509c56e788e2dc2e6aa8d"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
section-io-origin-time-seconds
0.040
section-io-origin-status
200
accept-ranges
bytes
section-io-id
ea9d78bf546fee7920ce773647b1696e
content-length
89203
collect
www.google-analytics.com/
35 B
100 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j75&a=1502690689&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theherald.com.au%2F&ul=en-us&de=UTF-8&dt=Newcastle%20News%2C%20sport%20and%20weather%20%7C%20Newcastle%20Herald&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&exp=lz394hssSU6hWZofCyDMIQ.1&_u=aGDAgEAjQ~&jid=1668571753&gjid=1787211309&cid=1614052842.1558019077&tid=UA-61683903-1&_gid=2034960288.1558019077&gtm=2wg5a1KPMZ4JM&cd1=Newcastle%20Herald&cd2=lego1&cd3=home&cd4=&cd5=home&cd6=&cd7=&cd8=&cd35=&cd36=&cd47=&cd49=&z=993438913
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 22:34:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5934589
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j75&tid=UA-61683903-1&cid=1614052842.1558019077&jid=1668571753&gjid=1787211309&_gid=2034960288.1558019077&_u=aGDAgEAjQ~&z=903338360
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61683903-1&cid=1614052842.1558019077&jid=1668571753&_v=j75&z=903338360
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61683903-1&cid=1614052842.1558019077&jid=1668571753&_v=j75&z=903338360&slf_rd=1&random=833012132
42 B
110 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61683903-1&cid=1614052842.1558019077&jid=1668571753&_v=j75&z=903338360&slf_rd=1&random=833012132
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 May 2019 15:04:38 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 May 2019 15:04:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61683903-1&cid=1614052842.1558019077&jid=1668571753&_v=j75&z=903338360&slf_rd=1&random=833012132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame 7A4B
0
0
Document
General
Full URL
https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1265741.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.173 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-27
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-90f3a29ef7448451db5af955688970d7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.theherald.com.au/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.theherald.com.au/

Response headers

status
200
date
Thu, 16 May 2019 15:04:38 GMT
content-type
text/html
content-length
967
cache-control
max-age=31536000
last-modified
Tue, 30 Apr 2019 14:57:42 GMT
section-io-origin-status
200
section-io-origin-time-seconds
0.049
etag
W/"90f3a29ef7448451db5af955688970d7"
content-encoding
gzip
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
f779644c09933abf6f258be81ae3592e
ads
securepubads.g.doubleclick.net/gampad/
772 B
542 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3728383657469213&correlator=3277506843760678&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061864&vrg=2019050901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-33&iu_parts=21666581298%2Cnewcastleherald%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=6x1%2C1x1&ists=1&prev_scp=pos%3D1%26ur%3Dnewcastleherald%257Chomepage%257Chome%257C%257C1%257C6x1%257Cdesktop%26urh%3D-417239817%7Cur%3Dnewcastleherald%257Chomepage%257Chome%257C%257C%257Cint%257Cdesktop%26urh%3D825609984&cust_params=region%3Dnorthern%26ctype%3Dhomepage%26cat%3Dhome%26locstate%3Dnsw%26kuid%3D%26sysEnv%3Ddesktop%26generator%3Dnewsnow%26brms%3Dtrue%26brvs%3Dtrue&cookie_enabled=1&bc=31&abxe=1&lmt=1558019078&dt=1558019078729&dlt=1558019074399&idt=4260&frm=20&biw=1585&bih=1200&oid=3&adxs=0%2C0&adys=0%2C0&adks=2002901277%2C1667787902&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.theherald.com.au%2F&dssz=51&icsg=137438964224&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x0%7C1585x7117&msz=6x1%7C1x1&blev=1&bisch=1&ga_vid=1614052842.1558019077&ga_sid=1558019079&ga_hid=1502690689&fws=128%2C128
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019050901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
2bc815ceb3c586987bddb38f8db6b376f01d3f3bc8ebe5bc5527e7498e284030
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.theherald.com.au/
Origin
https://www.theherald.com.au

Response headers

date
Thu, 16 May 2019 15:04:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
337
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.theherald.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019050901.js
securepubads.g.doubleclick.net/gpt/
71 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019050901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019050901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
93d39da3773a26f38a235454f91d1d2a57a0d9d066c72f9a41452651b08e539e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 May 2019 13:16:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
27443
x-xss-protection
0
expires
Thu, 16 May 2019 15:04:38 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019050901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

3220481e-9545-495d-b98d-6e863d0aa1af
consumer.krxd.net/consent/get/
238 B
614 B
Script
General
Full URL
https://consumer.krxd.net/consent/get/3220481e-9545-495d-b98d-6e863d0aa1af?idt=device&dt=kxcookie&callback=Krux.ns.fairfaxacm.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.b3e38a58706a8dccd9e35f7d4fbedb33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.175 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
a973cc2fc7a6aaa01a049277eb7032b95c6f35713604eae45fa6ce65032b9f68

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:38 GMT
Via
1.1 varnish
Age
0
X-Timer
S1558019079.911918,VS0,VE24
Vary
Accept-Encoding
X-Cache
MISS, MISS
Content-Type
text/javascript; charset=UTF-8
Cache-Control
max-age=1800
X-Cache-Hits
0, 0
Connection
keep-alive
Accept-Ranges
bytes
Content-Encoding
gzip
X-Age
0
Content-Length
194
X-Served-By
consumer-a008-dub.krxd.net, cache-hhn1531-HHN
get
buy-au.piano.io/api/v3/anon/user/
115 B
218 B
Script
General
Full URL
https://buy-au.piano.io/api/v3/anon/user/get?aid=jB2cYAVqtu&user_provider=piano_id&user_token=&callback=jQuery17106066973412883818_1558019078878&_=1558019079340
Requested by
Host: cdn-au.piano.io
URL: https://cdn-au.piano.io/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2054db7b42ab7fb5842e6797a724afcf4760beee8590403d415712939a4535cb

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 May 2019 15:04:40 GMT
content-encoding
gzip
wn
prodau-dash-node2
server
cloudflare
p3p
CP="NON DSP COR OUR IND"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4d7e3ece1a896407-FRA
x-request-id
Cs7rlrprYWQ
expires
0
i
www.i.matheranalytics.com/
43 B
338 B
Image
General
Full URL
https://www.i.matheranalytics.com/i?e=pv&url=https%3A%2F%2Fwww.theherald.com.au%2F&page=Newcastle%20News%2C%20sport%20and%20weather%20%7C%20Newcastle%20Herald&sec=home&pubname=Newcastle%20Herald&ptype=home&hier=home&cms=lego1&tv=js-3.0.74&tna=Mather&aid=v1&p=web&tz=UTC&tzoff=0&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=7&tvcfg=all&tid=d539aa9a-f51a-4d09-a789-9233385071a0&pid=b170513e-d508-4ab9-b965-040cc261782a&dtm=1558019079351&qnm=_matherq&visible=1&tabid=c6cb8b14-644a-40c1-bfe5-d925ba7fb075&vp=1600x1200&ds=1585x7118&tofa=1558019079&vid=1&duid=e76b4f2678f0ed57&fp=3998842399&cid=ma30461&mrk=481249905&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTU1ODAxOTA3Mzg3MSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyMi43MjMyNTVtYiIsImhlYXBUIjoiMjkuNTU2MTUxbWIiLCJmc3RQYWludCI6IjI0MzIiLCJmZXRjaFMiOiI0MjQiLCJkb21haW5TIjoiNDMwIiwiZG9tYWluRSI6IjQ1MiIsImNvbm5TIjoiNDUyIiwiY29ubkUiOiI0OTciLCJzc2xTIjoiNDY0IiwicmVxdVMiOiI0OTciLCJyZXNwUyI6IjUxOSIsInJlc3BFIjoiNTYzIiwiZG9tTG9hZCI6IjUyOCIsImRvbUludGVyIjoiNDQyNCIsImRvbUxvYWRTIjoiNDQyNCIsImRvbUxvYWRFIjoiNDQ5MSJ9fQ
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.120.255 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-0-120-255.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:39 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
verify
id-au.piano.io/id/api/v1/identity/token/
160 B
772 B
Script
General
Full URL
https://id-au.piano.io/id/api/v1/identity/token/verify?callback=jQuery17106066973412883818_1558019078879&client_id=jB2cYAVqtu&token=&site=https%3A%2F%2Fwww.theherald.com.au&_=1558019079360
Requested by
Host: cdn-au.piano.io
URL: https://cdn-au.piano.io/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
42ecd45865dd5658d81b0c69f9a2bd66f76ff5325433a02331f87a4d83ef3193

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:40 GMT
content-encoding
gzip
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
status
200
pragma
no-cache
wn
prodau-dash-node1
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
4d7e3ece2aa06407-FRA
access-control-allow-headers
origin, content-type, accept, authorization
expires
Thu, 01 Jan 1970 00:00:00 GMT
log
errors.client.optimizely.com/
13 B
412 B
XHR
General
Full URL
https://errors.client.optimizely.com/log
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/6938472286.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.174.181 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-172-174-181.compute-1.amazonaws.com
Software
/
Resource Hash
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method
POST
Origin
https://www.theherald.com.au
Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Thu, 16 May 2019 15:04:41 GMT
Allow
POST,OPTIONS
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.theherald.com.au
Access-Control-Max-Age
1800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Accept,Origin
Content-Length
13
advertising.js
www.npttech.com/
7 KB
3 KB
Script
General
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: nnstatic-a.akamaihd.net
URL: https://nnstatic-a.akamaihd.net/s/1557985731/legolite/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a222 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:40 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
68E1383B2332C2CE
cf-ray
4d7e3ed808ded709-FRA
status
200
x-amz-id-2
xiMJPdF0bfv1nWVbnsRhApBDRafQfgOVHs06+RmcqZMEqnTjO+VgvW2JCaqYluIiRy/6qe7rSsU=
last-modified
Wed, 20 Mar 2019 08:41:04 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
X57jS16C5nGCzFSxngcUi3lF_R_2.PZg
cache-control
public, max-age=28800
content-type
application/javascript
expires
Thu, 16 May 2019 23:04:40 GMT
asset_composer.js
static.zdassets.com/ekr/ Frame F5D4
Redirect Chain
  • https://assets.zendesk.com/embeddable_framework/main.js
  • https://static.zdassets.com/ekr/asset_composer.js
24 KB
7 KB
Script
General
Full URL
https://static.zdassets.com/ekr/asset_composer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbe42375f89b1b60e63cab69f39cf643e51318e004b58af528a3f44c4cafd711
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
A383ACC1B221A667
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
content-type
application/javascript
x-amz-id-2
P8ZNVlTXmrknrt7aPIWPCMmMqUze3AdABK62gMjMbDKXqX4XdhlZp48S6ljmSfjhLMNfLCtsHTI=
last-modified
Thu, 09 May 2019 06:26:10 GMT
server
cloudflare
etag
W/"900f9b4dedbc0f34b05b14425f37386b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
2Kdt9_2NDyrC16g7mZ8PRxgDRyOPYaJR
cache-control
public, max-age=3600, s-maxage=60
cf-ray
4d7e3ed9987f3534-LHR

Redirect headers

date
Thu, 16 May 2019 15:04:40 GMT
server
cloudflare
location
https://static.zdassets.com/ekr/asset_composer.js
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
status
301
cache-control
max-age=3600
strict-transport-security
max-age=0
cf-ray
4d7e3ed838d4c83f-AMS
expires
Thu, 16 May 2019 16:04:40 GMT
chartbeat.js
static.chartbeat.com/js/
35 KB
14 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:7600:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
b8a8385400d498bd2379a4abd15c533ae635bc5a958198b339cd19662d062e39

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 01:07:46 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2019 01:35:46 GMT
server
nginx
age
50214
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=86400
x-amz-cf-id
0Kx9j-bmVXtS7JCmMaDUcGMwEc2Il4WFSD9vpZ_bOr3FgaA8iwDZPg==
via
1.1 fc3a4fa8a6bf80fc624a0bc082bb5b4e.cloudfront.net (CloudFront)
expires
Fri, 17 May 2019 01:07:46 GMT
optout_check
beacon.krxd.net/
64 B
317 B
Script
General
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.fairfaxacm.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.b3e38a58706a8dccd9e35f7d4fbedb33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.240.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-176-34-240-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4a182727f67e363ee9bae8e743947f3e56c807c9659cab3dd91e4b3320e7c15b

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:41 GMT
Cache-Control
private, max-age=0, s-max-age=0
X-Request-Time
D=34 t=1558019081
Connection
keep-alive
X-Served-By
beacon-n019-dub.krxd.net
Content-Length
64
Content-Type
text/javascript
v60.js
cdn-gl.imrworldwide.com/
Redirect Chain
  • https://secure-au.imrworldwide.com/v60.js
  • https://cdn-gl.imrworldwide.com/v60.js
21 KB
7 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/v60.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:be00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b9ff14a2ba603e1a32fddd3da2ffd8b50e201a9874ea3fafb50d537117153eb

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
V6f0f8aPs4uc7kiNd9V1rxWOPadm6KHc
content-encoding
gzip
last-modified
Wed, 27 Mar 2019 02:17:52 GMT
server
AmazonS3
age
71750
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=86400
date
Wed, 15 May 2019 19:09:18 GMT
x-amz-cf-id
TydCBnWenuynviNMW326i4KZRE_Qj1hpP9hUmk62nTZU6VQT-AQquQ==
via
1.1 7483360604f484b4fd54bffc9e822f46.cloudfront.net (CloudFront)

Redirect headers

status
301
date
Thu, 16 May 2019 15:04:41 GMT
server
awselb/2.0
content-length
150
location
https://cdn-gl.imrworldwide.com:443/v60.js
content-type
text/html
ggcmb510.js
cdn-gl.imrworldwide.com/novms/js/2/
12 KB
5 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by
Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:be00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
eV4ifaHCsLoRUqgtPitq6T30xrVcwbo9
content-encoding
gzip
last-modified
Wed, 27 Mar 2019 16:35:08 GMT
server
AmazonS3
age
71766
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=86400
date
Wed, 15 May 2019 19:08:35 GMT
x-amz-cf-id
WmTVttKkiyj3R8Y8h3XOQnnEDrSs0wPa5152GmTg4HRj_fXDtkoSrA==
via
1.1 7483360604f484b4fd54bffc9e822f46.cloudfront.net (CloudFront)
/
tt.onthe.io/
0
287 B
XHR
General
Full URL
https://tt.onthe.io/?k[]=42433:uniques_instantly[domain:www.theherald.com.au,url:%2F,language:en,page:Main%20page,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36,device:desktop,browser_version:Other%2067,browser:Other,depth:1,user_type:new,user_id:1ea9da910.398a88a78_1558019081035,cdn_version:18]&s=af4c9512891beba751a8fbf484775b7c&1558019081051
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/a8v9omjCclKc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.24.148 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.24.216.95.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.theherald.com.au/
Origin
https://www.theherald.com.au

Response headers

Pragma
no-cache
Date
Thu, 16 May 2019 15:04:41 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/
0
287 B
XHR
General
Full URL
https://tt.onthe.io/?k[]=42433:visits_instantly[domain:www.theherald.com.au,url:%2F,language:en,page:Main%20page,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36,device:desktop,browser_version:Other%2067,browser:Other,depth:1,user_type:new,user_id:1ea9da910.398a88a78_1558019081035,cdn_version:18]&s=af4c9512891beba751a8fbf484775b7c&__io=1ea9da910.398a88a78_1558019081035&1558019081063
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/a8v9omjCclKc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.24.148 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.24.216.95.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.theherald.com.au/
Origin
https://www.theherald.com.au

Response headers

Pragma
no-cache
Date
Thu, 16 May 2019 15:04:41 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/
0
287 B
XHR
General
Full URL
https://tt.onthe.io/?k[]=42433:pageviews[domain:www.theherald.com.au,url:%2F,language:en,page:Main%20page,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36,device:desktop,browser_version:Other%2067,browser:Other,depth:1,user_type:new,user_id:1ea9da910.398a88a78_1558019081035,cdn_version:18]&s=af4c9512891beba751a8fbf484775b7c&1558019081068
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/a8v9omjCclKc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.24.148 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.24.216.95.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.theherald.com.au/
Origin
https://www.theherald.com.au

Response headers

Pragma
no-cache
Date
Thu, 16 May 2019 15:04:41 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
ping
ping.chartbeat.net/
43 B
168 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=theherald.com.au&p=%2F&u=DRdqbl3RmulBgq9Zu&d=theherald.com.au&g=27223&g0=home&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=7118&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=7013&t=DecLvJCGwTy3jc1huB47jA6CYVEBh&V=113&i=Newcastle%20News%2C%20sport%20and%20weather%20%7C%20Newcastle%20Herald&tz=0&sn=1&sv=I2r3St2biW5rQiKBQuv47opqXM&sd=1&im=062b0733&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.115.104 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-115-104.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Thu, 16 May 2019 15:04:41 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
content-length
43
content-type
image/gif
glcfg510.js
cdn-gl.imrworldwide.com/novms/js/2/configs/
2 KB
1 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:be00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
uISShhR4AS42ssOdQwxKF7F02AFNsCVV
content-encoding
gzip
last-modified
Wed, 27 Mar 2019 16:35:08 GMT
server
AmazonS3
age
71749
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=86400
date
Wed, 15 May 2019 19:09:09 GMT
x-amz-cf-id
kJrVl2sBkLo_hQwq2oOa3TJBGdXpbjb9lZg7m-b4xDoYScaHZGFXVg==
via
1.1 7483360604f484b4fd54bffc9e822f46.cloudfront.net (CloudFront)
P553E793A-7C43-4F14-9680-D63B52235283.js
cdn-gl.imrworldwide.com/conf/
33 KB
7 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/conf/P553E793A-7C43-4F14-9680-D63B52235283.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:be00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d075a83599848e3fe7a5ef7d22cddad3b6da99ce8b0c7b71a9a9016d0d754f19

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 13:08:34 GMT
content-encoding
gzip
last-modified
Thu, 16 May 2019 12:30:40 GMT
server
AmazonS3
age
328
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
RPonnBvbPeyhdyZQecnBGNCRfVS2yYC3
status
200
cache-control
max-age=86400,s-maxage=86400
content-type
application/javascript
x-amz-cf-id
EtPwZqPRCqctSqkDmq9lwyGrnWc8ZRH4bzQO6IjdqZaF6SOpyVjH3g==
via
1.1 7483360604f484b4fd54bffc9e822f46.cloudfront.net (CloudFront)
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/
154 KB
45 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P553E793A-7C43-4F14-9680-D63B52235283.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:be00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb555becf9cb272e5d13e3f54a07a06034900816f1805c4ec4df7d719d45ae17

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
OqMDVoXMC0Pl.vtZ9bUCz1Vpdssske9w
content-encoding
gzip
last-modified
Wed, 27 Mar 2019 16:35:08 GMT
server
AmazonS3
age
71775
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=86400
date
Wed, 15 May 2019 19:08:40 GMT
x-amz-cf-id
D5yvCHXgMU6F3iO_a6M8WIKJ5WVaBs79p6IdMleax0q5HOq5Ev__CQ==
via
1.1 7483360604f484b4fd54bffc9e822f46.cloudfront.net (CloudFront)
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 34AF
0
0
Document
General
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:be00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
cdn-gl.imrworldwide.com
:scheme
https
:path
/novms/html/ls.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.theherald.com.au/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.theherald.com.au/

Response headers

status
200
content-type
text/html
last-modified
Wed, 27 Mar 2019 16:35:07 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
rzSfMcx919QN3wc1e0jl4CN3A2NWibC3
server
AmazonS3
content-encoding
gzip
date
Wed, 15 May 2019 19:08:25 GMT
cache-control
max-age=86400
vary
Accept-Encoding
age
71779
x-cache
Hit from cloudfront
via
1.1 7483360604f484b4fd54bffc9e822f46.cloudfront.net (CloudFront)
x-amz-cf-id
PeLoLsmd9kbGCoWR4PTkAxPt9cx0ncMo1gQhLx1K0SFcoskKhv-Z2A==
m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1558019081253&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.theherald.com.au%2F&sr=1600x1200
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1558019081253&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.theherald.com.au%2F&sr=1600x1200&ja=1
44 B
470 B
Image
General
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1558019081253&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.theherald.com.au%2F&sr=1600x1200&ja=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:4400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 May 2019 15:04:41 GMT
via
1.1 dfb957c193e8f98057bb6f530c2816a9.cloudfront.net (CloudFront)
server
nginx
access-control-allow-origin
*
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
status
200
cache-control
no-cache
x-cache
Miss from cloudfront
content-type
image/gif
content-length
44
x-amz-cf-id
W6Bq-xy1BhDOKRlnxCOlImNNuwHxAyw9elmJdU8f-PC3x4QKQKb3PQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 May 2019 15:04:41 GMT
via
1.1 dfb957c193e8f98057bb6f530c2816a9.cloudfront.net (CloudFront)
server
nginx
access-control-allow-origin
*
location
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1558019081253&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.theherald.com.au%2F&sr=1600x1200&ja=1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
status
302
cache-control
no-cache
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
VgwXejQWb07P7skhYzKahZJ2ezHAk5eQoHKlAiVW1XBXm6ejX6c3Hg==
expires
Thu, 01 Dec 1994 16:00:00 GMT
newcastleherald.zendesk.com
ekr.zdassets.com/compose/web_widget/ Frame F5D4
238 B
775 B
XHR
General
Full URL
https://ekr.zdassets.com/compose/web_widget/newcastleherald.zendesk.com
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:9a00:14:e8dc:9940:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
94b7b00ea6b3939ad365c28a6c6779d8877517086d47043e778f91612e67948d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.theherald.com.au/
Origin
https://www.theherald.com.au

Response headers

date
Thu, 16 May 2019 13:10:48 GMT
via
1.1 c5ad7defce0694621f07129d852e42da.cloudfront.net (CloudFront)
vary
Origin
x-cache
RefreshHit from cloudfront
status
200, 200 OK
content-length
238
x-request-id
5498abdc-3cd8-4bea-97a3-9b85955f313d
x-runtime
0.007334
server
nginx
etag
W/"94b7b00ea6b3939ad365c28a6c6779d8"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theherald.com.au
access-control-expose-headers
cache-control
public, max-age=600, s-maxage=60
access-control-allow-credentials
true
x-amz-cf-id
DCOdqOL-TIalbV2jfA_66YT0d-KQHtbqd7aJUIOWk-x3es_6BOAzew==
log
errors.client.optimizely.com/
0
246 B
XHR
General
Full URL
https://errors.client.optimizely.com/log
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.174.181 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-172-174-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theherald.com.au/
Origin
https://www.theherald.com.au
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://www.theherald.com.au
Access-Control-Expose-Headers
Access-Control-Allow-Credentials
true
Connection
keep-alive
Date
Thu, 16 May 2019 15:04:41 GMT
Content-Type
text/plain
a868061aedd230501d2a8a522cee6005ca7778fb
ekr.zdassets.com/compose_product/web_widget/ Frame F5D4
339 B
873 B
XHR
General
Full URL
https://ekr.zdassets.com/compose_product/web_widget/a868061aedd230501d2a8a522cee6005ca7778fb?features[]=ticket_submission&use_json=true
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:9a00:14:e8dc:9940:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
2af904471216e1101423b2f6faa6cf5007eebfa2aea7438fd419605f3fdc55fa

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.theherald.com.au/
Origin
https://www.theherald.com.au

Response headers

date
Thu, 16 May 2019 07:08:37 GMT
via
1.1 c5ad7defce0694621f07129d852e42da.cloudfront.net (CloudFront)
vary
Origin
age
28564
x-cache
Hit from cloudfront
status
200, 200 OK
content-length
339
x-request-id
a1aa3b93-6509-4d7a-b087-61c3a276506e
x-runtime
0.004411
server
nginx
etag
W/"2af904471216e1101423b2f6faa6cf50"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theherald.com.au
access-control-expose-headers
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-id
eTT8E8WsU-1qwt5XSvW0QW5sdpw_H_q996arVsg8BQbWMYnDamyv9Q==
runtime.fa28037f158c4c49acea.js
static.zdassets.com/web_widget/latest/ Frame C0EF
2 KB
1 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/runtime.fa28037f158c4c49acea.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6feed27cb2bbf32a7c54e063b537c5be6ee7aab4e36a586fb733da2c05fdae5a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
CCA675CDEEEFC050
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
x-amz-id-2
GsVd5qv12pT0tDPWoJEc69tN1ekn/DMOwkF8C4Ilz39t2ENeoCwNwGDOUUvQ32nx84kR5d058ZE=
last-modified
Tue, 14 May 2019 01:36:34 GMT
server
cloudflare
etag
W/"f7e8e083e466edeafb411e3b29ac7289"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
4Sk8paewyrIYEQejKjYCILYBn2gKc.rb
cache-control
public, max-age=31536000
cf-ray
4d7e3edc3b0e3534-LHR
expires
Wed, 13 May 2020 01:36:33 GMT
common_vendor.1631a18322c1e45b326c.js
static.zdassets.com/web_widget/latest/ Frame C0EF
283 KB
94 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/common_vendor.1631a18322c1e45b326c.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeafacef5a6029fb54f0b596912d8d5f244924184a3133b8181a707d682f0d38
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
4ACD795148C0E46E
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
x-amz-id-2
7E5fn0Q9qg0jGaj4B5sGO3tdpqb6nvweABr7mDBd62wCLF92Is9Qyql5xPB/2Jnwf8EExBtwHSA=
last-modified
Tue, 14 May 2019 01:36:34 GMT
server
cloudflare
etag
W/"4216abea22152f26d4f44e3ec9efcb93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
AxhpwbiyPOVqw.zYeCaLx35fEkHIvYJ3
cache-control
public, max-age=31536000
cf-ray
4d7e3edc3b113534-LHR
expires
Wed, 13 May 2020 01:36:33 GMT
web_widget.978983efead85e8f46bb.js
static.zdassets.com/web_widget/latest/ Frame C0EF
2 MB
393 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web_widget.978983efead85e8f46bb.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e11a84380b3d8221e4b6a58a148be42e5e815a32c1449d6dee5d84b39c23dc58
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
C0E0DFB5CF98DBC8
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
x-amz-id-2
byhcj2EmYSIOuZKkorl0tNqbs+oXMftgxcRfk0Mmrj+ed9R6W/gvtRgTAfnvr3mok5TFmCB2/Wg=
last-modified
Wed, 15 May 2019 06:02:27 GMT
server
cloudflare
etag
W/"27323a9e1152c950965fe6b5b7b84e93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
g7QKcGrP5DPJpIJMJpHilLFkJofX4TeT
cache-control
public, max-age=31536000
cf-ray
4d7e3edc3b123534-LHR
expires
Thu, 14 May 2020 06:02:26 GMT
config
newcastleherald.zendesk.com/embeddable/ Frame C0EF
505 B
991 B
XHR
General
Full URL
https://newcastleherald.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web_widget.978983efead85e8f46bb.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.52.111 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
02b4519d09518b283b7a2a427f77fc4c7422542064b0acb35ced834995dddd3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.theherald.com.au

Response headers

date
Thu, 16 May 2019 15:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
status
200
vary
Origin, Accept-Encoding
x-request-id
4d7e39b71816bd5e-IAD
x-runtime
0.001411
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server
embeddable-app-server-867556746b-ftp7d
cf-ray
4d7e3ee00a15ce5b-LHR
en-us.14a18486fe69862e0aa6.js
static.zdassets.com/web_widget/latest/locales/ Frame C0EF
21 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/locales/en-us.14a18486fe69862e0aa6.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web_widget.978983efead85e8f46bb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90061e3116a39fe12089aae5143fdc63620921a672a48d2a9e8baa18181232b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:42 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
EE24300BACD3271A
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
x-amz-id-2
JesQlrDBUswYJgZm0BvUeLfWz5SHB1feUrdkg7Q88ThUYBA/twtpa0r4DvHTytlgD1/achJsvE4=
last-modified
Wed, 01 May 2019 01:36:00 GMT
server
cloudflare
etag
W/"14a18486fe69862e0aa6b4a2764d0949"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
Vp5AgBzM71QmCgmRPdE2qbeoyWQrqRaw
cache-control
public, max-age=31536000
cf-ray
4d7e3ee0ef5d3534-LHR
expires
Thu, 30 Apr 2020 01:35:59 GMT
show_many.json
newcastleherald.zendesk.com/api/v2/ticket_forms/ Frame C0EF
3 KB
1 KB
XHR
General
Full URL
https://newcastleherald.zendesk.com/api/v2/ticket_forms/show_many.json?ids=114093992954&include=ticket_fields&locale=en-US
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web_widget.978983efead85e8f46bb.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.52.111 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
372814b54995a67278ae9e0c7cae3139cbf9223ce1843941dc86ca029c8d4776
Security Headers
Name Value
Strict-Transport-Security max-age=259200;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-US
Origin
https://www.theherald.com.au
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 15:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-rate-limit-remaining
699
x-rate-limit
700
x-zendesk-request-id
57161bce1bc1522b6370
status
200
strict-transport-security
max-age=259200;
x-request-id
4d7e3ee17f01ce5b-LHR
x-runtime
0.098393
server
cloudflare
x-zendesk-api-version
v2
etag
W/"c11278c7b690eca91ce6c3066556ba51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Zendesk-API-Warn
cache-control
max-age=60, private
access-control-allow-credentials
true
x-zendesk-application-version
v2305.62
x-zendesk-origin-server
app17.pod14.use1.zdsys.com
cf-ray
4d7e3ee17f01ce5b-LHR
embeddable_blip
newcastleherald.zendesk.com/ Frame C0EF
0
105 B
XHR
General
Full URL
https://newcastleherald.zendesk.com/embeddable_blip?type=pageView&data=eyJwYWdlVmlldyI6eyJyZWZlcnJlciI6Imh0dHBzOi8vd3d3LnRoZWhlcmFsZC5jb20uYXUvIiwidGltZSI6Mzc5LCJuYXZpZ2F0b3JMYW5ndWFnZSI6ImVuLVVTIiwicGFnZVRpdGxlIjoiTmV3Y2FzdGxlIE5ld3MsIHNwb3J0IGFuZCB3ZWF0aGVyIHwgTmV3Y2FzdGxlIEhlcmFsZCIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNiIsImhlbHBDZW50ZXJEZWR1cCI6ZmFsc2V9LCJidWlkIjoiN2EwMDZjZDMzY2M1MWQyNGQwMWE5MTJlNWRmYjAzOWQiLCJzdWlkIjoiZWMxY2ViOTA1OTEyNzY0MDliZmQ0MTVlNjRhZWMyNGMiLCJ2ZXJzaW9uIjoiYTg2ODA2MWFlIiwidGltZXN0YW1wIjoiMjAxOS0wNS0xNlQxNTowNDo0Mi41MTdaIiwidXJsIjoiaHR0cHM6Ly93d3cudGhlaGVyYWxkLmNvbS5hdS8ifQ%3D%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web_widget.978983efead85e8f46bb.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.52.111 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.theherald.com.au

Response headers

date
Thu, 16 May 2019 15:04:42 GMT
cf-cache-status
MISS
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.theherald.com.au
accept-ranges
bytes
cf-ray
4d7e3ee1d85ece5b-LHR
content-length
0
gn
secure-dcr.imrworldwide.com/cgi-bin/
44 B
426 B
Image
General
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-302812&ch=au-302812_c111_Puzzles_S&asn=Puzzles&sessionId=js9rmaVUWyo6Rct7oa4mcFztuNUIU1558019081&prv=1&c6=vc,c111&ca=NA&c13=asid,P553E793A-7C43-4F14-9680-D63B52235283&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,newcastleherald&sup=0&segment2=&segment1=&forward=1&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,15580190812403765&c30=bldv,6.0.0.333&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=homepage&c3=st,c&c64=starttm,1558019083&adid=homepage&c58=isLive,false&c59=sesid,&c61=createtm,1558019084&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.theherald.com.au%2F&c66=mediaurl,&c62=sendTime,1558019084&rnd=120018
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.170.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-211-170-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 May 2019 15:04:44 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
status
200
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
tt.onthe.io/
0
287 B
XHR
General
Full URL
https://tt.onthe.io/?k[]=42433:time[url:%2F,cdn_version:18]&s=af4c9512891beba751a8fbf484775b7c&1558019085774
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/a8v9omjCclKc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.24.148 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.24.216.95.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.theherald.com.au/
Origin
https://www.theherald.com.au

Response headers

Pragma
no-cache
Date
Thu, 16 May 2019 15:04:45 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
i
www.i.matheranalytics.com/
43 B
338 B
Image
General
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.74&tna=Mather&aid=v1&p=web&tz=UTC&tzoff=0&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=7&tvcfg=all&f_privb=0&tid=873aaaba-68e2-47c4-b7d2-7b61825a676d&pid=b170513e-d508-4ab9-b965-040cc261782a&dtm=1558019089349&qnm=_matherq&visible=1&tabid=c6cb8b14-644a-40c1-bfe5-d925ba7fb075&url=https%3A%2F%2Fwww.theherald.com.au%2F&vp=1600x1200&ds=1585x7118&tofa=1558019089&vid=1&duid=a83197e481ba901c&fp=3998842399&cid=ma30461&mrk=481249905&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTU1ODAxOTA3Mzg3MSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiI0My42NzQyOW1iIiwiaGVhcFQiOiI1My43Njg1MDZtYiIsImZzdFBhaW50IjoiMjQzMiIsImZldGNoUyI6IjQyNCIsImRvbWFpblMiOiI0MzAiLCJkb21haW5FIjoiNDUyIiwiY29ublMiOiI0NTIiLCJjb25uRSI6IjQ5NyIsInNzbFMiOiI0NjQiLCJyZXF1UyI6IjQ5NyIsInJlc3BTIjoiNTE5IiwicmVzcEUiOiI1NjMiLCJkb21Mb2FkIjoiNTI4IiwiZG9tSW50ZXIiOiI0NDI0IiwiZG9tTG9hZFMiOiI0NDI0IiwiZG9tTG9hZEUiOiI0NDkxIiwiZG9tQ21wbHQiOiI3MDEzIiwibG9hZFMiOiI3MDEzIiwibG9hZEUiOiI3MTAyIn19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.120.255 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-0-120-255.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.theherald.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 15:04:49 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask string| author string| datePublished string| datePublishedIso string| dateUpdatedIso string| primaryPage string| secondaryPage string| storyId string| storySource string| wordCount string| wordCountRange object| dataLayer function| _ function| FontFaceObserver object| INITIAL_SITEBUILDER_STATE object| titan object| suzukaAsync function| loadScript object| REACT_APP_STATE object| Suzuka function| iframeLoad function| asyncLoad number| _sf_startpt boolean| titanEnabled object| digitalData object| __io object| google_tag_manager string| GoogleAnalyticsObject function| ga function| Krux string| story_tags object| hrefToCampaign object| elements object| conf object| google_tag_data object| gaplugins object| gaGlobal function| require function| $ function| jQuery function| JsMutationObserver function| BlockAdBlock object| blockAdBlock object| Handlebars function| Waypoint object| eventie function| EventEmitter function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| html5 object| Modernizr function| yepnope function| moment object| gaData object| headertag object| googletag function| headertag_render object| rubicontag object| validateEmail object| core object| __core-js_shared__ function| afterPaywallRemoved object| tp object| _matherq function| setAdblockerCookie function| hj object| _hjSettings object| _sf_async_config function| PluginClass function| galleryV0 function| galleryV1 function| openDigitalPrintEdition object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken string| hostname string| listenerdId object| operatingGroupMap undefined| suzukaIndex string| operatingGroup object| listenerIdMap object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| google_optimize undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id number| google_unique_id object| google_reactive_ads_global_state function| ___tp object| localCookieStorage object| sessionCookieStorage object| jQuery17106066973412883818 string| __tpVersion object| _mather undefined| jQuery17106066973412883818_1558019078878 object| tid undefined| jQuery17106066973412883818_1558019078879 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls object| adDiv object| _io_config function| zEmbed function| zE number| _sf_endpt object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| NOLCMB object| NOLBUNDLE string| emmUrlKey string| optoutCookieKey object| ns object| paramsPassed object| stateObject string| BUILDVERSION object| stateEvents function| NolTracker function| nol_t function| logger undefined| _rsCC undefined| _rsCG undefined| _rsDN undefined| v52v53_pvar undefined| v52v53_trac undefined| _rsEvent undefined| _rsLinkTrack undefined| _rsClick object| V60 object| trac boolean| zEACLoaded function| $zopim

24 Cookies

Domain/Path Name / Value
.imrworldwide.com/ Name: IMRID
Value: f6332e65-35a8-472f-be65-b27930ba48c0
www.theherald.com.au/ Name: __io
Value: 1ea9da910.398a88a78_1558019081035
www.theherald.com.au/ Name: _chartbeat2
Value: .1558019081097.1558019081097.1.I2r3St2biW5rQiKBQuv47opqXM.1
.theherald.com.au/ Name: _gid
Value: GA1.3.2034960288.1558019077
www.theherald.com.au/ Name: _cb
Value: DRdqbl3RmulBgq9Zu
www.theherald.com.au/ Name: _cb_svref
Value: null
www.theherald.com.au/ Name: _cb_ls
Value: 1
www.theherald.com.au/ Name: __io_visit_42433
Value: 1
www.theherald.com.au/ Name: kxfairfaxacm_whistle
Value: 0
www.theherald.com.au/ Name: __io_unique_42433
Value: 16
www.theherald.com.au/ Name: __io_lv
Value: 1558019081036
www.theherald.com.au/ Name: __io_d
Value: 1_705468254
.theherald.com.au/ Name: __gads
Value: ID=49900e6dbe3eb5ea:T=1558019078:S=ALNI_MZkaFdZPYgFbEd-1x98oWO6_Ep--Q
.theherald.com.au/ Name: _sp_id.cd0e
Value: e76b4f2678f0ed57.1558019079.1.1558019079.1558019079
.theherald.com.au/ Name: _gaexp
Value: GAX1.3.lz394hssSU6hWZofCyDMIQ.18095.1
.theherald.com.au/ Name: _dc_gtm_UA-61683903-1
Value: 1
.theherald.com.au/ Name: _sp_ses.cd0e
Value: *
www.theherald.com.au/ Name: __adblocker
Value: false
.theherald.com.au/ Name: _ga
Value: GA1.3.1614052842.1558019077
www.theherald.com.au/ Name: kxfairfaxacm_visits
Value: 1
www.theherald.com.au/ Name: _stl
Value: 1
.theherald.com.au/ Name: _dc_gtm_UA-16730067-3
Value: 1
www.theherald.com.au/ Name: _las
Value: 0
www.theherald.com.au/ Name: 420576909
Value: z6wqs3r3mil

1 Console Messages

Source Level URL
Text
console-api info URL: https://static.zdassets.com/web_widget/latest/web_widget.978983efead85e8f46bb.js(Line 8)
Message:
Our embeddable contains third-party, open source software and/or libraries. To view them and their license terms, go to http://goto.zendesk.com/embeddable-legal-notices

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy child-src * blob:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
advertising.oriel.io
assets.zendesk.com
b823s.com
beacon.krxd.net
buy-au.piano.io
by217.com
cdn-au.piano.io
cdn-gl.imrworldwide.com
cdn.fairfaxregional.com.au
cdn.krxd.net
cdn.onthe.io
cdn.optimizely.com
consumer.krxd.net
ekr.zdassets.com
errors.client.optimizely.com
fonts.googleapis.com
fonts.gstatic.com
hm732.com
id-au.piano.io
js-sec.indexww.com
js.matheranalytics.com
match.adsrvr.org
newcastleherald.zendesk.com
nnstatic-a.akamaihd.net
ping.chartbeat.net
script.hotjar.com
secure-au.imrworldwide.com
secure-dcr.imrworldwide.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
sochi.fairfaxregional.com.au
static.chartbeat.com
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
theherald.com.au
tpc.googlesyndication.com
tt.onthe.io
vars.hotjar.com
www.fairfaxstatic.com.au
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.npttech.com
www.theherald.com.au
104.16.52.111
104.18.72.113
104.18.74.113
104.248.100.80
107.178.250.234
107.23.115.104
13.32.222.45
136.243.230.112
138.201.138.163
138.201.44.14
138.201.44.8
147.75.32.173
147.75.33.239
151.101.0.175
172.217.22.34
176.34.240.242
2.16.181.216
2.16.181.224
2.18.234.21
2600:9000:20bb:4400:1e:a43d:b640:93a1
2600:9000:20bb:7600:18:1fcd:349:ca21
2600:9000:20bb:9a00:14:e8dc:9940:93a1
2600:9000:20bb:be00:2:42d9:3100:93a1
2606:4700::6810:2a41
2606:4700:e4::ac40:a222
2a00:1450:4001:80b::2001
2a00:1450:4001:81a::2003
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:81e::2008
2a00:1450:4001:820::2004
2a00:1450:4001:821::2002
2a00:1450:4001:824::2002
2a00:1450:4001:825::2002
2a00:1450:4001:825::200e
2a00:1450:400c:c08::9d
2a02:26f0:6c00:181::13b8
2a02:26f0:6c00:190::1ba9
2a02:26f0:6c00::210:ba49
34.248.179.93
52.0.120.255
52.211.170.118
52.51.227.120
52.65.63.14
54.172.174.181
95.216.24.148
006bcd48bf865825e46b8bab92c9c938a6e55246694d049241eee2e696dbf48d
02b4519d09518b283b7a2a427f77fc4c7422542064b0acb35ced834995dddd3d
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0c0ab613b042bfbc9c5f5e9a9a547283fb9125b14846d9f4864ef3b853f6e7f9
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
1ac2c7b85bdd8fc2b9219e5404775cc7283bc5152f6bf70fd0e5e683e87ae853
1cb3863e9ae8ddcb2ced99f68916d78c908f634316993f6a4b82707fa9c0e1d6
2054db7b42ab7fb5842e6797a724afcf4760beee8590403d415712939a4535cb
2a1ea144f62bf6e0c1eb4f022b0ed2ee33e46fd6d7a805f44c49650ca53daf4c
2a8350ad156df9702f344dfde49982ad163553e5393b086fc658df19b8de74b0
2a98b3b10247f3a9c87515d1a22a1f5ff0315f288d70a5c0edb7f47315e90200
2af904471216e1101423b2f6faa6cf5007eebfa2aea7438fd419605f3fdc55fa
2b141c19916841d85deef62c5e829492f3f92784be3f85b65beb3ad4f3f48658
2b2a58484d626ebe05c14698bf8488ed0734d2d60befdc1c13af99b60071bc03
2bc815ceb3c586987bddb38f8db6b376f01d3f3bc8ebe5bc5527e7498e284030
2de6c03c57fa6f56315d0a90e9f188bf61ba1de455f0ceb50cd14902eba3d78a
30121367e1b2323392e95380e8df04d38c4c00126946e99b9d2597abdcfd2ac1
372814b54995a67278ae9e0c7cae3139cbf9223ce1843941dc86ca029c8d4776
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
42ecd45865dd5658d81b0c69f9a2bd66f76ff5325433a02331f87a4d83ef3193
47de29dd54d340be725f57f4f4b08ed58ab612ac7376199b7fd441376dee9654
4a182727f67e363ee9bae8e743947f3e56c807c9659cab3dd91e4b3320e7c15b
4abe9cdc849179867d36f46e63d86bfad9f88012a023889526f75df42ebcd8bf
4bacda126d4318418c593800f3ed310cdc4e9d0f0b4e5e7485f268d3e8ceb12d
4e7bbb56b609b0eab34a187e417daa43e74cbb03f467fcaa12f5ed5615fadf40
5024d862c9d18b5393a95464d736ee00d88bba8ce166774db11b131682425e95
52edbe109ac49d0b2065a86d9b66f47bfa49d6ae157eb077a330b6e6468b2b29
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5b376b9656bdae0ddbc27a370224a543a0279ea24c627eda3524335309973dea
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
6355605e3df681ae62b6e9186d7f2992b348366c48291401183e12e8a0ac1449
675e48226e9457c0625d152828a05d6d1df2d2f82c1f37796dd9c8e322f444e0
67744fe3abc70b4eeac16c6e9fc06d056b8bb7e5f142804ff96a5befc55cdbf7
6feed27cb2bbf32a7c54e063b537c5be6ee7aab4e36a586fb733da2c05fdae5a
728175c2094ac11d1371369cddc1ab6985c1c588530a30c767f43e07c6de5a1a
73105bd49cc381afe3583872c08f24f301299ddeb7764b72c575cf02f8f8f2dd
73befba6079d62cda9ad97982f2de870df5bf6235cf67d8e78977d4a1509496b
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
77cf8357faefe30b0b2618225247f9c46018a2364a5208c8deb04cf0fb8ad606
7abe57e3ac6419dd07499ca2a01c7e6c44fd646acedb7d0c4b4a89dd6adcff9e
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
80f16f6cc6ad09222b82ead9d638ce890ccebcf88a91984d9527b0537b48d524
8150191e6c92a50a143fb7158e59737fd8261fb28d3894ff65233fd4fa20013f
82f4eba71f16faf1d7c280a2b8c9138c2e465902deceb9e8a1590df6acce0a40
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86f1962100b67cc5225608b37c8c42fdb453f0e1dafde4b3ac5cd13f188a2e57
8a9fc6b7cc97c329b87a2c7ca7ec0b30ef584276333ff82b52dcb6c2b5a40bfd
8b9ff14a2ba603e1a32fddd3da2ffd8b50e201a9874ea3fafb50d537117153eb
8ee068e2b4b02c330d4b9b7943547cee6f4326342b9d6432945812bcaf0238a3
90493b7d09262ca31da85504d3fb39ec95a204e2cd8614ffd75a86b167ad2d79
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93d39da3773a26f38a235454f91d1d2a57a0d9d066c72f9a41452651b08e539e
94b7b00ea6b3939ad365c28a6c6779d8877517086d47043e778f91612e67948d
960381cdbe4eddade3c3b0c4d8bf5513cf9768c26c43db27e53df742f4f7b535
9926599f340fa47d63665b751525f58cad4aa90e110c9aa6f4489ffaf5a1dc11
a045644e3e18855f6abeeabf898f93d292eea4d4db9afb2aca954fe1cf083556
a161cba4b2b8a90e2ca19e935256925fa3920b6ed129ec1568fccbd1a290b1b1
a973cc2fc7a6aaa01a049277eb7032b95c6f35713604eae45fa6ce65032b9f68
abb0b45bc4bc0e6b957dae12f1800f512fc691a2a499ede129fe9c9beba1d601
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
af3493b3a347f14e1b8da7c7e2808274606ae5ff13d559c2525cdd477e3e5a21
b85d2c05bbb35dde5f7ceff8bd5e46d9e4381559565a795748b6a31a59a049a8
b8a8385400d498bd2379a4abd15c533ae635bc5a958198b339cd19662d062e39
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bb555becf9cb272e5d13e3f54a07a06034900816f1805c4ec4df7d719d45ae17
bd9378dfdd57227d74c8816e8ea461b6ae2e2f42fbd78fe1d177bf9ced3f09e7
be4aaab18446e78340c823c0c461eac098f748b6fbcd27e30100af266870eeb1
bf4bad2bed510d5a98da212aa8ace1554e0da88e7c72bf824ac66b671927153c
cd257d196733acfdafab94b36a074f6de01c2d21ccfcf28215c443a7998ae340
ce3e1be45a00b1ee6aa4e9b797125710af11246b071e44306138c82beda28500
ce9725c8fd030478ee28606364de5b03ac3ba8fe407276144cddf6650206851a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d075a83599848e3fe7a5ef7d22cddad3b6da99ce8b0c7b71a9a9016d0d754f19
d12b53b875b02458512c3049cd40119d0ac77b75b431a2cbbc997574b8eeb814
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
dbe42375f89b1b60e63cab69f39cf643e51318e004b58af528a3f44c4cafd711
de82c2a59238a710f2b780989c77d443eec90afe8416e8e70e50f8097cdadf16
e072617c2a134d2d80d3c83fe4f98d78df7f1a91c49a48eca640751502028f01
e11a84380b3d8221e4b6a58a148be42e5e815a32c1449d6dee5d84b39c23dc58
e32d18ce4816c4bf5847e24fcafc650ea566be289229347f1c85fa59f35d728a
e38ea1af225b43e5e55a1264bbfaa0b2518ac03da73b403a4582fbf9d8c52d60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eac2bc2c09f3efa6f2f8a2689f7afd875ee2b6ab03bf7841c48c793bb6f8b36a
ebcc5baa538ee8a13582cdc2decb26237567d4dae58350f8edb6da148c200bfb
ec2c5c23282a69a44cf751f989077cb6f74a2606c555fd24a2b551fb59bfb1d0
eeafacef5a6029fb54f0b596912d8d5f244924184a3133b8181a707d682f0d38
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f90061e3116a39fe12089aae5143fdc63620921a672a48d2a9e8baa18181232b
ff865fd3ebf65b46f940231a357eb502b869a705b5354526997f4edc1c6e3dbc