www.heraldsun.com.au Open in urlscan Pro
2.18.233.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html
Effective URL:
https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956
Submission: On December 14 via api (December 14th 2020, 7:43:01 pm UTC) from CA

Summary HTTP 273 Redirects Links 55 Behaviour Indicators

Summary

This website contacted 74 IPs in 9 countries across 57 domains to perform 273 HTTP transactions. The main IP is 2.18.233.28, located in Ascension Island and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 28th 2020. Valid for: a year.

This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2.16.186.90 2.16.186.90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	104.75.88.116 104.75.88.116	16625 (AKAMAI-AS) (AKAMAI-AS)
21 69	2.18.233.28 2.18.233.28	16625 (AKAMAI-AS) (AKAMAI-AS)
8 26	104.75.88.206 104.75.88.206	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
7	151.101.113.44 151.101.113.44	54113 (FASTLY) (FASTLY)
1	2a04:fa87:fff... 2a04:fa87:fffd::c000:42d0	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2600:9000:211... 2600:9000:211a:8e00:1e:c291:240:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.95.134.70 52.95.134.70	16509 (AMAZON-02) (AMAZON-02)
1	52.95.128.187 52.95.128.187	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.181 151.101.193.181	54113 (FASTLY) (FASTLY)
1 3	23.37.53.17 23.37.53.17	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
5	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
3	184.30.216.184 184.30.216.184	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	23.37.61.47 23.37.61.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
4 4	3.127.129.22 3.127.129.22	16509 (AMAZON-02) (AMAZON-02)
2 9	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE)
1 11	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	54.195.113.118 54.195.113.118	16509 (AMAZON-02) (AMAZON-02)
1 2	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	52.37.186.218 52.37.186.218	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.115 185.86.139.115	201081 (SMARTADSE...) (SMARTADSERVER)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	54.36.109.183 54.36.109.183	16276 (OVH) (OVH)
2 2	52.58.161.11 52.58.161.11	16509 (AMAZON-02) (AMAZON-02)
1 1	172.105.220.23 172.105.220.23	63949 (LINODE-AP...) (LINODE-AP Linode)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
3 3	52.57.142.16 52.57.142.16	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:210... 2600:9000:2104:3000:4:77d:a0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 5	172.217.16.166 172.217.16.166	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206e:1000:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
13	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
2 4	2600:9000:206... 2600:9000:206e:6600:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:210... 2600:9000:2104:6000:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.6.63 13.32.6.63	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:210... 2600:9000:2104:b800:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.73.9 65.9.73.9	16509 (AMAZON-02) (AMAZON-02)
2	2.17.176.249 2.17.176.249	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.158.80.187 35.158.80.187	16509 (AMAZON-02) (AMAZON-02)
1	65.9.73.42 65.9.73.42	16509 (AMAZON-02) (AMAZON-02)
1 4	108.128.13.248 108.128.13.248	16509 (AMAZON-02) (AMAZON-02)
1	54.194.171.8 54.194.171.8	16509 (AMAZON-02) (AMAZON-02)
2	15.237.136.106 15.237.136.106	16509 (AMAZON-02) (AMAZON-02)
1 1	99.81.11.244 99.81.11.244	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	18.205.230.34 18.205.230.34	14618 (AMAZON-AES) (AMAZON-AES)
11	54.77.207.73 54.77.207.73	16509 (AMAZON-02) (AMAZON-02)
1	65.9.73.11 65.9.73.11	16509 (AMAZON-02) (AMAZON-02)
1	82.199.68.73 82.199.68.73	15830 (EQUINIX-C...) (EQUINIX-CONNECT-EMEA)
1	65.9.73.36 65.9.73.36	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
2	65.9.78.118 65.9.78.118	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
3 6	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
16	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
10	2600:9000:20a... 2600:9000:20a5:6a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
19	104.244.39.20 104.244.39.20	7415 (ADSAFE-1) (ADSAFE-1)
2	52.49.200.205 52.49.200.205	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	52.214.20.184 52.214.20.184	16509 (AMAZON-02) (AMAZON-02)
273	74

1 2.16.186.90 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)

www.heraldsun.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.116 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-116.deploy.static.akamaitechnologies.com

www.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 2.18.233.28 (Ascension Island) 21 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-28.deploy.static.akamaitechnologies.com

www.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.api.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mhr.talk.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 104.75.88.206 (Netherlands) 8 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-206.deploy.static.akamaitechnologies.com

tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resourcesssl.newscdn.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.113.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffd::c000:42d0 (Ireland)

ASN2635 (AUTOMATTIC, US)

origin.go.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:8e00:1e:c291:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

s1.rui.au.reastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.134.70 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com

news-networkeditorial.s3-ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.128.187 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-2.amazonaws.com

s3-ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.181 (United States)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.53.17 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.216.184 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-216-184.deploy.static.akamaitechnologies.com

login.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.37.61.47 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-61-47.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

ts2020-indies-client.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.127.129.22 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.62 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.113.118 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-113-118.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.37.186.218 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.storygize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.36.109.183 (Germany) 2 redirects

ASN16276 (OVH, FR)
PTR: p08.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.161.11 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.220.23 (Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1874-23.members.linode.com

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.142.16 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2104:3000:4:77d:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.vidora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f166.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8228261.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:1000:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:206e:6600:1e:a43d:b640:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2104:6000:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.6.63 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-6-63.vie50.r.cloudfront.net

au.tags.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:b800:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

seccdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.9 (Seattle, United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.17.176.249 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-176-249.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.80.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-80-187.eu-central-1.compute.amazonaws.com

uconnect.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.42 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.128.13.248 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.171.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

newscorpau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.237.136.106 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

metrics.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.11.244 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.205.230.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.77.207.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.11 (Seattle, United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.199.68.73 (Netherlands)

ASN15830 (EQUINIX-CONNECT-EMEA, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5af29a8e53f898387fd48b26683e156a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.78.118 (Seattle, United States)

ASN16509 (AMAZON-02, US)

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:296::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Mountain View, United States)

ASN15169 (GOOGLE, US)

au-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.91 (Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:20a5:6a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.244.39.20 (United States)

ASN7415 (ADSAFE-1, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.200.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-200-205.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.20.184 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-20-184.eu-west-1.compute.amazonaws.com

secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	heraldsun.com.au 21 redirects www.heraldsun.com.au origin.go.heraldsun.com.au metrics.heraldsun.com.au	3 MB
41	adsafeprotected.com cdn.adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	471 KB
25	doubleclick.net 4 redirects cm.g.doubleclick.net ad.doubleclick.net securepubads.g.doubleclick.net googleads4.g.doubleclick.net 8228261.fls.doubleclick.net googleads.g.doubleclick.net	141 KB
23	googlesyndication.com pagead2.googlesyndication.com 5af29a8e53f898387fd48b26683e156a.safeframe.googlesyndication.com tpc.googlesyndication.com	73 KB
22	taboola.com 2 redirects cdn.taboola.com trc.taboola.com sync.taboola.com match.taboola.com sync-t1.taboola.com cds.taboola.com trc-events.taboola.com	149 KB
19	news.com.au 11 redirects www.heraldsun.news.com.au www.news.com.au tags.news.com.au mhr.talk.news.com.au	206 KB
16	api.news content.api.news	270 KB
11	imrworldwide.com 2 redirects secure-gl.imrworldwide.com cdn-gl.imrworldwide.com seccdn-gl.imrworldwide.com secure-dcr.imrworldwide.com	72 KB
11	newscdn.com.au resourcesssl.newscdn.com.au	74 KB
9	adnxs.com 3 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	10 KB
7	google.com adservice.google.com www.google.com	789 B
6	googletagservices.com www.googletagservices.com	172 KB
6	adsrvr.org 2 redirects match.adsrvr.org js.adsrvr.org insight.adsrvr.org	11 KB
5	demdex.net 1 redirects dpm.demdex.net newscorpau.demdex.net	6 KB
5	tiqcdn.com tags.tiqcdn.com	23 KB
4	mfadsrvr.com 4 redirects rtb.mfadsrvr.com	3 KB
3	google.de www.google.de	704 B
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	googleadservices.com www.googleadservices.com	36 KB
3	serving-sys.com secure-ds.serving-sys.com bs.serving-sys.com	21 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	61 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	id5-sync.com 2 redirects id5-sync.com	4 KB
3	newscorpaustralia.com login.newscorpaustralia.com
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	amazonaws.com news-networkeditorial.s3-ap-southeast-2.amazonaws.com s3-ap-southeast-2.amazonaws.com	33 KB
2	googletagmanager.com www.googletagmanager.com	76 KB
2	licdn.com snap.licdn.com	3 KB
2	chartbeat.net ping.chartbeat.net	337 B
2	vidora.com assets.vidora.com	4 KB
2	360yield.com 2 redirects ice.360yield.com	1011 B
2	lijit.com 1 redirects ce.lijit.com	1018 B
2	contextweb.com 1 redirects bh.contextweb.com	828 B
2	perfectmarket.com widget.perfectmarket.com	32 KB
1	twitter.com analytics.twitter.com	279 B
1	t.co t.co	170 B
1	mookie1.com au-gmtdmp.mookie1.com	609 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	google.nl adservice.google.nl	803 B
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	tealiumiq.com uconnect.tealiumiq.com	455 B
1	newscgp.com au.tags.newscgp.com	48 KB
1	chartbeat.com static.chartbeat.com	24 KB
1	bttrack.com bttrack.com	380 B
1	appier.net 1 redirects s.c.appier.net	362 B
1	criteo.com 1 redirects dis.criteo.com	483 B
1	emxdgt.com e1.emxdgt.com	124 B
1	adkernel.com dsp.adkernel.com	233 B
1	smartadserver.com rtb-csync.smartadserver.com	697 B
1	storygize.net 1 redirects www.storygize.net	431 B
1	pubmatic.com simage2.pubmatic.com	885 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	web.app ts2020-indies-client.web.app	3 KB
1	fontawesome.com use.fontawesome.com	13 KB
1	reastatic.net s1.rui.au.reastatic.net	9 KB
1	speedcurve.com cdn.speedcurve.com	7 KB
0	digitaleditions.com.au Failed heraldsun.digitaleditions.com.au Failed
273	57

	Domain	Requested by
52	www.heraldsun.com.au	21 redirects www.heraldsun.com.au
19	dt.adsafeprotected.com	www.heraldsun.com.au
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
16	content.api.news	www.heraldsun.com.au
15	tags.news.com.au	8 redirects tags.tiqcdn.com au.tags.newscgp.com
13	securepubads.g.doubleclick.net	tags.tiqcdn.com securepubads.g.doubleclick.net www.heraldsun.com.au
11	pixel.adsafeprotected.com	cdn.adsafeprotected.com www.heraldsun.com.au
11	resourcesssl.newscdn.com.au	www.heraldsun.com.au ts2020-indies-client.web.app
10	static.adsafeprotected.com	pixel.adsafeprotected.com www.heraldsun.com.au
6	www.google.com	securepubads.g.doubleclick.net www.heraldsun.com.au
6	www.googletagservices.com	securepubads.g.doubleclick.net
6	secure.adnxs.com	3 redirects www.heraldsun.com.au
6	cdn.taboola.com	www.heraldsun.com.au cdn.taboola.com
5	cdn-gl.imrworldwide.com	www.heraldsun.com.au seccdn-gl.imrworldwide.com secure-gl.imrworldwide.com cdn-gl.imrworldwide.com
5	sync.taboola.com	2 redirects www.heraldsun.com.au
5	tags.tiqcdn.com	www.heraldsun.com.au tags.tiqcdn.com
5	trc.taboola.com	cdn.taboola.com www.heraldsun.com.au
4	8228261.fls.doubleclick.net	2 redirects www.heraldsun.com.au
4	pagead2.googlesyndication.com	ad.doubleclick.net securepubads.g.doubleclick.net
4	dpm.demdex.net	1 redirects www.heraldsun.com.au tags.news.com.au
4	secure-gl.imrworldwide.com	2 redirects secure-gl.imrworldwide.com www.heraldsun.com.au
4	rtb.mfadsrvr.com	4 redirects
3	www.google.de	www.heraldsun.com.au
3	googleads.g.doubleclick.net	www.googleadservices.com
3	www.googleadservices.com	secure-ds.serving-sys.com www.googletagmanager.com
3	x.bidswitch.net	3 redirects
3	id5-sync.com	2 redirects www.heraldsun.com.au
3	cm.g.doubleclick.net	2 redirects www.heraldsun.com.au
3	login.newscorpaustralia.com	www.heraldsun.com.au
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com www.heraldsun.com.au
2	insight.adsrvr.org	js.adsrvr.org
2	px.ads.linkedin.com	1 redirects www.heraldsun.com.au
2	www.googletagmanager.com	secure-ds.serving-sys.com
2	snap.licdn.com	www.heraldsun.com.au snap.licdn.com
2	js.adsrvr.org	secure-ds.serving-sys.com
2	ping.chartbeat.net	www.heraldsun.com.au
2	metrics.heraldsun.com.au	tags.news.com.au www.heraldsun.com.au
2	secure-ds.serving-sys.com	tags.tiqcdn.com secure-ds.serving-sys.com
2	assets.vidora.com	www.heraldsun.com.au assets.vidora.com
2	trc-events.taboola.com	www.heraldsun.com.au
2	ice.360yield.com	2 redirects
2	sync-t1.taboola.com	www.heraldsun.com.au
2	ce.lijit.com	1 redirects www.heraldsun.com.au
2	match.adsrvr.org	2 redirects
2	ib.adnxs.com	www.heraldsun.com.au
2	bh.contextweb.com	1 redirects www.heraldsun.com.au
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	news-networkeditorial.s3-ap-southeast-2.amazonaws.com	www.heraldsun.com.au
2	www.news.com.au	2 redirects
1	secure-dcr.imrworldwide.com	www.heraldsun.com.au
1	analytics.twitter.com	static.ads-twitter.com
1	www.linkedin.com	1 redirects
1	t.co	www.heraldsun.com.au
1	au-gmtdmp.mookie1.com	www.heraldsun.com.au
1	acdn.adnxs.com	www.heraldsun.com.au
1	static.ads-twitter.com	www.heraldsun.com.au
1	5af29a8e53f898387fd48b26683e156a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	vars.hotjar.com	static.hotjar.com
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	script.hotjar.com	static.hotjar.com
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	cm.everesttech.net	1 redirects
1	newscorpau.demdex.net	tags.news.com.au
1	cdn.adsafeprotected.com	tags.news.com.au
1	uconnect.tealiumiq.com	www.heraldsun.com.au
1	static.hotjar.com	tags.tiqcdn.com
1	seccdn-gl.imrworldwide.com	tags.news.com.au
1	au.tags.newscgp.com	tags.tiqcdn.com
1	static.chartbeat.com	tags.tiqcdn.com
1	ad.doubleclick.net	tags.tiqcdn.com
1	cds.taboola.com	www.heraldsun.com.au
1	bttrack.com	www.heraldsun.com.au
1	s.c.appier.net	1 redirects
1	dis.criteo.com	1 redirects
1	e1.emxdgt.com	www.heraldsun.com.au
1	dsp.adkernel.com	www.heraldsun.com.au
1	rtb-csync.smartadserver.com	www.heraldsun.com.au
1	www.storygize.net	1 redirects
1	simage2.pubmatic.com	www.heraldsun.com.au
1	pixel.rubiconproject.com	www.heraldsun.com.au
1	match.taboola.com	www.heraldsun.com.au
1	ts2020-indies-client.web.app	www.heraldsun.com.au
1	mhr.talk.news.com.au	www.heraldsun.com.au
1	use.fontawesome.com	cdn.taboola.com
1	s3-ap-southeast-2.amazonaws.com	www.heraldsun.com.au
1	s1.rui.au.reastatic.net	www.heraldsun.com.au
1	origin.go.heraldsun.com.au	www.heraldsun.com.au
1	cdn.speedcurve.com	www.heraldsun.com.au
1	www.heraldsun.news.com.au	1 redirects
0	heraldsun.digitaleditions.com.au Failed	www.heraldsun.com.au
273	92

This site contains links to these domains. Also see Links.

Domain
www.plusrewards.com.au
myaccount.heraldsun.com.au
www.escape.com.au
supercoach.com.au
tips.com.au
supercoach.heraldsun.com.au
www.realestate.com.au
heraldsun.digitaleditions.com.au
www.facebook.com
www.twitter.com
www.instagram.com
heraldsun.com.au
myaccount.news.com.au
www.newsletters.news.com.au
www.mytributes.com.au
www.newscorpaustralia.com
www.newsphotos.com.au
www.newsconcierge.com.au
www.dailytelegraph.com.au
www.couriermail.com.au
www.adelaidenow.com.au
www.news.com.au
www.theaustralian.com.au
www.themercury.com.au
www.geelongadvertiser.com.au
www.cairnspost.com.au
www.goldcoastbulletin.com.au
www.townsvillebulletin.com.au
www.thechronicle.com.au
www.ntnews.com.au
www.weeklytimesnow.com.au
www.buysearchsell.com.au
leader.local.heraldsun.com.au
www.foxsports.com.au
www.foxtel.com.au
hipages.com.au
kayosports.com.au
www.punters.com.au
www.odds.com.au
www.racenet.com.au
apps.apple.com
play.google.com
preferences.news.com.au
vip.wordpress.com

Subject Issuer	Validity	Valid
news.com.au DigiCert SHA2 Secure Server CA	`2020-09-28` - `2021-09-28`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2020	`2020-12-09` - `2022-01-10`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
origin.go.heraldsun.com.au Let's Encrypt Authority X3	`2020-11-02` - `2021-01-31`	3 months	crt.sh
s1.rui.au.reastatic.net Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
*.s3-ap-southeast-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-30` - `2021-08-04`	a year	crt.sh
p.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-11-12` - `2021-02-22`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
web.app GTS CA 1O1	`2020-04-15` - `2021-04-14`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.adkernel.com COMODO RSA Domain Validation Secure Server CA	`2017-11-17` - `2021-01-05`	3 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.id5-sync.com Let's Encrypt Authority X3	`2020-09-27` - `2020-12-26`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
*.vidora.com Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2020-01-21` - `2021-02-24`	a year	crt.sh
au.tags.newscgp.com Amazon	`2020-02-08` - `2021-03-08`	a year	crt.sh
*.hotjar.com Amazon	`2020-01-22` - `2021-02-22`	a year	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2020-01-03` - `2021-04-03`	a year	crt.sh
*.tealiumiq.com Amazon	`2020-10-23` - `2021-11-22`	a year	crt.sh
*.adsafeprotected.com Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
metrics.heraldsun.com.au DigiCert SHA2 High Assurance Server CA	`2020-04-13` - `2021-07-15`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2020-01-07` - `2022-03-08`	2 years	crt.sh
*.google.nl GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh
*.mookie1.com DigiCert SHA2 Secure Server CA	`2020-02-21` - `2021-03-22`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2020-10-03` - `2021-11-03`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 39 frames:

Primary Page: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956
Frame ID: D8F3922E1FA72D2AD4824A2EE367704D
Requests: 161 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=mIm8w6yOfv3pBg7MKdBPTgjcS6iUdaZO&nonce=eHYRqoIusaqFg4D5fghM4CePAwf8XGTm&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: F8BF9DE84CD5371D573B5C3FA4E62671
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=51f4630a-3e35-4ac5-8f5e-6ce7e14983aa&tbid=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af&query=taboola_hm%3D51f4630a-3e35-4ac5-8f5e-6ce7e14983aa&isDirect=0
Frame ID: 70D0362868E2397017792FD646F396C4
Requests: 20 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=bIttOPlaXYTgBRkpxaGTGcm4Z4feiBHf&nonce=44zcoedCwhDI7EEwEnV39_xl-oJPvS8M&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: E096A4B5E20D1BEA0F55D8B13315F528
Requests: 1 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=_fR~hUFnwVav--T8pG7G.KtmfquIHwtr&nonce=FIt_mN6qwTQ8aF03a~Ta2-FsHk9m6NIU&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: 6BC5A782FA1D31ECD0C81A2133BCCE63
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 6738961E749ED69C78CFC8A0168DE3E0
Requests: 1 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: DF5BD9950E6BCBBDF8C067B51E57C091
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 5F724FA421180769A2B057436788869B
Requests: 1 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: F3E0F38912415C3B57271D3814B3B637
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 1DE82018AA9C9E7B718BB498E6A27202
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: 94333DC4285B6857D04B1339DDBBC429
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 662C7228D60312C48B9601660EDCF807
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: EBC67581FC0B2097550CC57BAA668992
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 49713227224FB61889197EBAF95A77AB
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CM-n-sKdzu0CFQ7Auwgd7rEMXQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5993014848055.5625
Frame ID: 8389C0A41B3F7B7B8C4DCA4549483D97
Requests: 1 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJGf-sKdzu0CFTnKuwgd4k0Jsg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5080838645805.13
Frame ID: A1D60B540FE481EF0974EC649FEBF891
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: CE28254A6FEC04A52898FBC6DE08D4F8
Requests: 5 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 2A241B8A895B494771E0974029CC857B
Requests: 4 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: DAB2E225A7AC6D9A19CBAFD29845C63D
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Frame ID: 927090728AACEE34A4A214423F28F0D4
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLW0UQR5DzSf3F4I39cqyW9cE8DABuVZKhWLdLykej-Krxt49jQE3l6LSVNOfVkHL098FBQSlApobB8nRy8C6Drf9_fQlUx4HOPAXe5u1yWWqEKoBN69B9j3sQzD2LTtSYxqZq4cPkHGIl8J42lFKHEQiljpx7dDR-8NQe7MMMULecR03iFpDyTUSgvE8VJwbvZ4isgO-WyMiaDNGBhBRBiTx_9DuGzzP4XG7L5QF8z9nh8hvSBXsEdkw0SYRacP3w6mREPEHZ&sig=Cg0ArKJSzHQSN5mV6bkeEAE&adurl=
Frame ID: 2DB2A748DA918042EAE4E2C673C9B0DB
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNbEzvU7entCYOYi9kGNtjSIeHrMN0U2Q3_cQ4BwSXOf-rdFWIwyR2yHtpkR7_yDNdm8rkJZc4Is6QZOsPqGPdwSiGkI0NHi7rCY44Rfe-32tylHvxeoPwXUPG_-FkFjx-r1wfn-u38hLZ3cpOxrNCgnctqXbgeMvsYSt_8ii1z6pXKxsnjCGKUk_To3nkherjMumgc6axMz4482Bxv72IQFPb49JBeklZxDec16vCqFTr7laDSNpx4YcBV7_C3bikQmKylL7O&sig=Cg0ArKJSzASkQGkgANzQEAE&adurl=
Frame ID: A1A27DEEEED408FD4C99C85EEF2D2F20
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszh5QMno03PJou5e8IeOTsnlb04R9VxUTmuxzxPpRl9mvGc_aVGaBowaM9I2ERsYyfJT3efuScrFKlX2RrvhZLlJXTPU03409z08ZptUysT9K49KW1c35X_mFjSzrIgTR6kWnXbFd88WPGe8BanU6A3mziiqHZT8PRp_WzX6yurhf1tub_NXQUFTZndIa4RX4p8MVsQZ4ZiZshl1eA16OroCIPFGZbKDMcl7hnHFFqohkkVL16RLPClMq7or7IVcRrZRbHuTG7&sig=Cg0ArKJSzIGP3g5pNtT2EAE&adurl=
Frame ID: 876B92F40022FD9B5A449F664A4ACBBA
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPfGAUFPQ7gWMjJx6_8JAEdYyJnZqytQIuhiqObqntMJP3DFvhtn7iJLtrk__uRznpAgVM0QYlBRxjGD7HVfuMPYji53v9rXYUSKinZMK1go0r9WN3xe5I3eC1iY65dp4h5zEwIwRm2_OQW1qhj_sQTb2C5rKEFxPrWB-9CBs4M1C8YPzFPuyYbsv0DbyhuH5WUH_lehTj9qIOtDRHjE79LNikhDgVEnJHA44GAJT4CuvpeIMdiPaIAMcHe2v5BAdWGWfCY5gg&sig=Cg0ArKJSzLbN5H00u450EAE&adurl=
Frame ID: CB39984B969560BBCE5751CF9FE5DE53
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZ3L2zXH8mhIWjCya51Lc0nQDdi1me3lL2_wqevv39sRCFqgEIQTcTasU9T9t_q7WUVCQYJrdLRcAYQJ1AJaJZUnYy87N27dXPQYnspoXseTyPnC-dSDrMrpQJqsCQjo-L5c0GxMnD4tCaiPrlLpJSHKkM3k9iH4mKphFctir8X84wwZGhufnBJG3O0ZTLil-NbF4Qot0vK0Arvjpc6WkwTIQbKN8x1tgJFG06o0zXv1KjTvu13CrJFhcZsUlDg_15NCRXRHE7&sig=Cg0ArKJSzF30J6J7hyStEAE&adurl=
Frame ID: DFFECEE3BC13075354E4384C78D243CD
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=1866880806&custom=homepage&custom3=168400391&adsafe_par&impId=871b1839-3e44-11eb-a989-0a0c79e93e25
Frame ID: 1AC5837C50E12D1DB0C6C710BC952737
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=817476037&custom=homepage&custom3=168400391&adsafe_par&impId=871b1838-3e44-11eb-a989-0a0c79e93e25
Frame ID: 31C5901EC27DC6DC517B29096D7B5DEF
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1929640578&custom=homepage&custom3=168400391&adsafe_par&impId=871b183a-3e44-11eb-a989-0a0c79e93e25
Frame ID: 71545579C90AA4B8D3FDD2367BC6ED9B
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=171174258&custom=homepage&custom3=168400391&adsafe_par&impId=871b183b-3e44-11eb-a989-0a0c79e93e25
Frame ID: B8D5792B061DB0AE083D16571EC7F491
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=1445167679&custom=homepage&custom3=168400391&adsafe_par&impId=871b183c-3e44-11eb-a989-0a0c79e93e25
Frame ID: 933154D9503C014DE3057A0E19C4E5A2
Requests: 2 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 6C8182C5CF181C30006BC90736794C1F
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 6D658BA816076D997D1788C145A1080C
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 647573EE80C7BDAC7A7BB566BAE8825D
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 1AD886271B8B8AC85F8546E9CE5A3A9C
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 5F0FA5E2D8F6EFC0C8E558D25FEACEA2
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: F720AC1E260435C416CBF01DDDD61D94
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: DF4F424E0DDC82307C9A2E7745A27C50
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: 534C25F77998C97040D80634E5A4239C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: EB8E7FCB0C69A43AB9F3E61437A6D464
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
http://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
https://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
https://www.heraldsun.com.au/ HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f HTTP 302
https://www.heraldsun.com.au/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&160... HTTP 302
https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

273
Requests

98 %
HTTPS

27 %
IPv6

57
Domains

92
Subdomains

74
IPs

9
Countries

5363 kB
Transfer

8815 kB
Size

4
Cookies

55 Outgoing links

These are links going to different origins than the main page.

URL: https://www.plusrewards.com.au/heraldsun/offers
Title: Rewards

Search URL Search Domain Scan URL

URL: https://myaccount.heraldsun.com.au/s
Title: My account

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/
Title: Travel

Search URL Search Domain Scan URL

URL: https://supercoach.com.au/
Title: SuperCoach

Search URL Search Domain Scan URL

URL: http://tips.com.au/afl/?source_code=HSWEB_TIP1271
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/racing
Title: SuperCoach

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/nrl
Title: SuperCoach

Search URL Search Domain Scan URL

URL: https://tips.com.au/nrl/
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://www.realestate.com.au/news/mt-martha-dream-home-with-incredible-pool-up-for-grabs/?rsf=syn:news:nca:hs:spa

Search URL Search Domain Scan URL

URL: https://www.realestate.com.au/

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/destinations/asia/maldives/maldives-video-that-broke-tiktok/news-story/50e2e2f9f2d82bde5d425d0b7c540726

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/news/worldwide-monolith-mystery-reaches-australia/image-gallery/22341ca603ce50b89c185457df159c04
Title: Mystery monolith found in Australia

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/news/weird-and-wonderful-aussie-food-facts/image-gallery/3ec7d089dfee46dc14e8c55430555f20
Title: What no one told you about Saos

Search URL Search Domain Scan URL

URL: https://heraldsun.digitaleditions.com.au/index.php
Title: Front pageRead today's paper as it was printed.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/heraldsun

Search URL Search Domain Scan URL

URL: https://www.twitter.com/theheraldsun

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heraldsunphoto

Search URL Search Domain Scan URL

URL: http://heraldsun.com.au/help-rss

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_GCRACA_W52&hideRegistrationTnC=true
Title: Group/Corporate subscriptions

Search URL Search Domain Scan URL

URL: https://www.newsletters.news.com.au/heraldsun
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.mytributes.com.au/
Title: My Tributes

Search URL Search Domain Scan URL

URL: http://www.newscorpaustralia.com/careers
Title: Job Opportunities

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms
Title: Subscription terms

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_LAPP_17A_W04#subscribe
Title: App only subscription terms

Search URL Search Domain Scan URL

URL: http://www.newsphotos.com.au/C.aspx?VP3=CMS3&VF=Home
Title: Photo Sales

Search URL Search Domain Scan URL

URL: https://www.newsconcierge.com.au/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://www.dailytelegraph.com.au/
Title: The Daily Telegraph

Search URL Search Domain Scan URL

URL: https://www.couriermail.com.au/
Title: Courier Mail

Search URL Search Domain Scan URL

URL: http://www.adelaidenow.com.au/
Title: The Advertiser

Search URL Search Domain Scan URL

URL: https://www.news.com.au/
Title: news.com.au

Search URL Search Domain Scan URL

URL: https://www.theaustralian.com.au/
Title: The Australian

Search URL Search Domain Scan URL

URL: https://www.themercury.com.au/
Title: The Mercury

Search URL Search Domain Scan URL

URL: https://www.geelongadvertiser.com.au/
Title: Geelong Advertiser

Search URL Search Domain Scan URL

URL: https://www.cairnspost.com.au/
Title: The Cairns Post

Search URL Search Domain Scan URL

URL: https://www.goldcoastbulletin.com.au/
Title: Gold Coast Bulletin

Search URL Search Domain Scan URL

URL: https://www.townsvillebulletin.com.au/
Title: Townsville Bulletin

Search URL Search Domain Scan URL

URL: https://www.thechronicle.com.au/
Title: The Chronicle

Search URL Search Domain Scan URL

URL: https://www.ntnews.com.au/
Title: NT News

Search URL Search Domain Scan URL

URL: https://www.weeklytimesnow.com.au/
Title: The Weekly Times

Search URL Search Domain Scan URL

URL: https://www.buysearchsell.com.au/
Title: Buy Search Sell

Search URL Search Domain Scan URL

URL: http://leader.local.heraldsun.com.au/
Title: Find Your Local

Search URL Search Domain Scan URL

URL: http://www.foxsports.com.au/
Title: Foxsports

Search URL Search Domain Scan URL

URL: https://www.foxtel.com.au/index.html
Title: Foxtel

Search URL Search Domain Scan URL

URL: https://hipages.com.au/
Title: Hipages

Search URL Search Domain Scan URL

URL: https://kayosports.com.au/
Title: Kayo

Search URL Search Domain Scan URL

URL: https://www.punters.com.au/
Title: Punters

Search URL Search Domain Scan URL

URL: https://www.odds.com.au/
Title: odds.com.au

Search URL Search Domain Scan URL

URL: https://www.racenet.com.au/
Title: racenet.com.au

Search URL Search Domain Scan URL

URL: https://apps.apple.com/au/app/herald-sun/id392582225

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.newscorp.heraldsun

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##collect
Title: Find out more about our policy and your choices, including how to opt-out.

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##optout
Title: Relevant ads opt-out

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/cookies
Title: Cookie policy

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/
Title: WordPress.com VIP

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
http://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
https://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
https://www.heraldsun.com.au/ HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f HTTP 302
https://www.heraldsun.com.au/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1607974956151507550 HTTP 302
https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1607974959492&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1607974959492&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1

Request Chain 36

https://www.heraldsun.com.au/digitalprinteditions HTTP 301
https://idp.news.com.au/idp/services/generatetoken?target=HeraldSun&url=http%3A%2F%2Fheraldsun.digitaleditions.com.au%2F HTTP 0
http://heraldsun.digitaleditions.com.au/

Request Chain 49

https://www.heraldsun.com.au/truecrimeaustralia/police-courts/victoria-police-join-hunt-for-rebels-bikie-boss-nick-martins-killer/news-story/9e7a1e2bacd894ad35c5d4c0cfdbba3b HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a_TCA_PC&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Ftruecrimeaustralia%2Fpolice-courts%2Fvictoria-police-join-hunt-for-rebels-bikie-boss-nick-martins-killer%2Fnews-story%2F9e7a1e2bacd894ad35c5d4c0cfdbba3b&memtype=anonymous&mode=premium HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a_TCA_PC%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.au%252Ftruecrimeaustralia%252Fpolice-courts%252Fvictoria-police-join-hunt-for-rebels-bikie-boss-nick-martins-killer%252Fnews-story%252F9e7a1e2bacd894ad35c5d4c0cfdbba3b%26memtype%3danonymous%26mode%3dpremium HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a_TCA_PC&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Ftruecrimeaustralia%2Fpolice-courts%2Fvictoria-police-join-hunt-for-rebels-bikie-boss-nick-martins-killer%2Fnews-story%2F9e7a1e2bacd894ad35c5d4c0cfdbba3b&memtype=anonymous&mode=premium HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a_TCA_PC%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.au%252Ftruecrimeaustralia%252Fpolice-courts%252Fvictoria-police-join-hunt-for-rebels-bikie-boss-nick-martins-killer%252Fnews-story%252F9e7a1e2bacd894ad35c5d4c0cfdbba3b%26memtype%3danonymous%26mode%3dpremium&16079749602015637833 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a_TCA_PC&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Ftruecrimeaustralia%2Fpolice-courts%2Fvictoria-police-join-hunt-for-rebels-bikie-boss-nick-martins-killer%2Fnews-story%2F9e7a1e2bacd894ad35c5d4c0cfdbba3b&memtype=anonymous&mode=premium&nk=bf9900401f92a922f10c5ebf966f5371-1607974961

Request Chain 50

https://www.heraldsun.com.au/news/victoria/swimmer-spots-great-white-shark-in-shallow-water-near-pier/news-story/009073eae17357b3e40c0a401eaf5352 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fswimmer-spots-great-white-shark-in-shallow-water-near-pier%2Fnews-story%2F009073eae17357b3e40c0a401eaf5352&memtype=anonymous&mode=premium HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fnews%252Fvictoria%252Fswimmer-spots-great-white-shark-in-shallow-water-near-pier%252Fnews-story%252F009073eae17357b3e40c0a401eaf5352%26memtype%3danonymous%26mode%3dpremium&16079749602137560478 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fswimmer-spots-great-white-shark-in-shallow-water-near-pier%2Fnews-story%2F009073eae17357b3e40c0a401eaf5352&memtype=anonymous&mode=premium&nk=56232578424676792e2d98e7b426017a-1607974961

Request Chain 52

https://www.heraldsun.com.au/sport/afl/teams/collingwood/eddie-mcguire-to-stand-down-as-collingwood-president-at-end-of-2021-season/news-story/4b6daedd278c7905413a8f11f9c26cae HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Feddie-mcguire-to-stand-down-as-collingwood-president-at-end-of-2021-season%2Fnews-story%2F4b6daedd278c7905413a8f11f9c26cae&memtype=anonymous&mode=premium HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fsport%252Fafl%252Fteams%252Fcollingwood%252Feddie-mcguire-to-stand-down-as-collingwood-president-at-end-of-2021-season%252Fnews-story%252F4b6daedd278c7905413a8f11f9c26cae%26memtype%3danonymous%26mode%3dpremium HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Feddie-mcguire-to-stand-down-as-collingwood-president-at-end-of-2021-season%2Fnews-story%2F4b6daedd278c7905413a8f11f9c26cae&memtype=anonymous&mode=premium HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fsport%252Fafl%252Fteams%252Fcollingwood%252Feddie-mcguire-to-stand-down-as-collingwood-president-at-end-of-2021-season%252Fnews-story%252F4b6daedd278c7905413a8f11f9c26cae%26memtype%3danonymous%26mode%3dpremium&1607974960209296086 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Feddie-mcguire-to-stand-down-as-collingwood-president-at-end-of-2021-season%2Fnews-story%2F4b6daedd278c7905413a8f11f9c26cae&memtype=anonymous&mode=premium&nk=c48d23d26bf1ab481c0c560dd5a2a494-1607974961

Request Chain 54

https://www.heraldsun.com.au/sport/afl/teams/collingwood/collingwood-says-afl-trade-radio-added-to-hysteria-about-adam-treloars-trade/news-story/79691134198780fc4d2d3be4112fc0a9 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Fcollingwood-says-afl-trade-radio-added-to-hysteria-about-adam-treloars-trade%2Fnews-story%2F79691134198780fc4d2d3be4112fc0a9&memtype=anonymous&mode=premium HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fsport%252Fafl%252Fteams%252Fcollingwood%252Fcollingwood-says-afl-trade-radio-added-to-hysteria-about-adam-treloars-trade%252Fnews-story%252F79691134198780fc4d2d3be4112fc0a9%26memtype%3danonymous%26mode%3dpremium&1607974960604579511 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Fcollingwood-says-afl-trade-radio-added-to-hysteria-about-adam-treloars-trade%2Fnews-story%2F79691134198780fc4d2d3be4112fc0a9&memtype=anonymous&mode=premium&nk=738700f69b4387d67f1c419a8da986bc-1607974961

Request Chain 56

https://www.heraldsun.com.au/coronavirus/victorian-governments-missed-opportunities-contributed-to-deadly-second-wave/news-story/052eab6d442768db31cd1cb1ba70fb8e HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fvictorian-governments-missed-opportunities-contributed-to-deadly-second-wave%2Fnews-story%2F052eab6d442768db31cd1cb1ba70fb8e&memtype=anonymous&mode=premium HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fvictorian-governments-missed-opportunities-contributed-to-deadly-second-wave%252Fnews-story%252F052eab6d442768db31cd1cb1ba70fb8e%26memtype%3danonymous%26mode%3dpremium&1607974960447100576 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fvictorian-governments-missed-opportunities-contributed-to-deadly-second-wave%2Fnews-story%2F052eab6d442768db31cd1cb1ba70fb8e&memtype=anonymous&mode=premium&nk=c0667568cffaa12e76fc45450685daa8-1607974961

Request Chain 57

https://www.heraldsun.com.au/news/victoria/victorias-public-servants-told-to-avoid-saying-wife-husband-in-lgbtiq-inclusive-language-guide/news-story/86db0d7d9a4f1b37836c75a3e13b7c2a HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fvictorias-public-servants-told-to-avoid-saying-wife-husband-in-lgbtiq-inclusive-language-guide%2Fnews-story%2F86db0d7d9a4f1b37836c75a3e13b7c2a&memtype=anonymous&mode=premium HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fnews%252Fvictoria%252Fvictorias-public-servants-told-to-avoid-saying-wife-husband-in-lgbtiq-inclusive-language-guide%252Fnews-story%252F86db0d7d9a4f1b37836c75a3e13b7c2a%26memtype%3danonymous%26mode%3dpremium&16079749601883799552 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fvictorias-public-servants-told-to-avoid-saying-wife-husband-in-lgbtiq-inclusive-language-guide%2Fnews-story%2F86db0d7d9a4f1b37836c75a3e13b7c2a&memtype=anonymous&mode=premium&nk=3df598c181bbe27735e38076739fa3af-1607974961

Request Chain 58

https://www.heraldsun.com.au/business/aspiring-firsthome-buyers-urged-to-act-soon-before-price-rise/news-story/11781d3c6b4da2e06dc3b8091113b13b HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fbusiness%2Faspiring-firsthome-buyers-urged-to-act-soon-before-price-rise%2Fnews-story%2F11781d3c6b4da2e06dc3b8091113b13b&memtype=anonymous&mode=premium HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fbusiness%252Faspiring-firsthome-buyers-urged-to-act-soon-before-price-rise%252Fnews-story%252F11781d3c6b4da2e06dc3b8091113b13b%26memtype%3danonymous%26mode%3dpremium&160797496027525873 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fbusiness%2Faspiring-firsthome-buyers-urged-to-act-soon-before-price-rise%2Fnews-story%2F11781d3c6b4da2e06dc3b8091113b13b&memtype=anonymous&mode=premium&nk=2096c68f000ab8a627e184b8c8f45101-1607974961

Request Chain 73

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=51f4630a-3e35-4ac5-8f5e-6ce7e14983aa HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=51f4630a-3e35-4ac5-8f5e-6ce7e14983aa&tbid=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af&query=taboola_hm%3D51f4630a-3e35-4ac5-8f5e-6ce7e14983aa&isDirect=0

Request Chain 75

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=r0frXDnSGsFl&ev=1&orig=trc&pid=562107

Request Chain 77

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEByadlISMaCr2oG_3ILF4UA&google_cver=1

Request Chain 79

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af

Request Chain 80

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=697c6fe6-0a95-4b79-92bb-b27b1e481899

Request Chain 81

https://ce.lijit.com/merge?pid=42&3pid=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 83

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af HTTP 302
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 87

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=56e9377a-ea33-4e47-b620-a3ff7d7380dd

Request Chain 88

https://id5-sync.com/s/464/9.gif?puid=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOPGg10Ayph2hSMGefomFb1fQ3Wiq1yxf29j8Nhg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOPGg10Ayph2hSMGefomFb1fQ3Wiq1yxf29j8Nhg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=83364d96-886e-4ee2-b6a0-58813fb1c22a&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=

Request Chain 89

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=Sc7ntTfuDOaixkzMMcDXXw

Request Chain 92

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=4b6385b0-91ba-4540-bd23-43b0248762a5 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=4b6385b0-91ba-4540-bd23-43b0248762a5 HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=a3608f9d-6b27-4b96-9f29-cc384b88c323&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=4b6385b0-91ba-4540-bd23-43b0248762a5

Request Chain 108

https://secure-gl.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 118

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1607974960286 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1607974960286

Request Chain 121

https://cm.everesttech.net/cm/dd?d_uuid=21333485245962850940718422150944564211 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9fAMAAAAKG1qh-H

Request Chain 142

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1607974961098&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-f3e39f2afdbb85e67efe315e07ed97ec&tz=1 HTTP 302
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1607974961098&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-f3e39f2afdbb85e67efe315e07ed97ec&tz=1&ja=1

Request Chain 149

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5993014848055.5625 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CM-n-sKdzu0CFQ7Auwgd7rEMXQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5993014848055.5625

Request Chain 150

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5080838645805.13 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJGf-sKdzu0CFTnKuwgd4k0Jsg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5080838645805.13

Request Chain 154

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Request Chain 155

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

Request Chain 156

https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1

Request Chain 206

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1607974961384 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26time%3D1607974961384%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1607974961384&liSync=true

273 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.heraldsun.com.au/
Redirect Chain

http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html
http://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html
https://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html
https://www.heraldsun.com.au/
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f
https://www.heraldsun.com.au/
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1607974956151507550
https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956

337 KB
61 KB

1956ms
1956ms

Document
text/html

2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

91350974029c7daf6f24a0f9d3a2ad3f003923f59144fe0f43e26de77eade3eb

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:method: GET
:authority: www.heraldsun.com.au
:scheme: https
:path: /?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: n_regis=123456789
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=uM0nO4plH+RvVjU8dPAN4ifzwVw8jjqvLqk5PSJ8Q1o6Y3j8x6EmeuVyD00VFyypIp+Mxe68D81viK8kICLrdgWHdFBySdTStuVcTw3t5p66P651HXO95b/Ged7b; Expires=Mon, 21 Dec 2020 19:42:37 GMT; Path=/ nk=2e8d3f1980b8629f51f65ae881da0b29; expires=Thu, 14 Dec 2023 19:42:38 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure; AWSALBCORS=uM0nO4plH+RvVjU8dPAN4ifzwVw8jjqvLqk5PSJ8Q1o6Y3j8x6EmeuVyD00VFyypIp+Mxe68D81viK8kICLrdgWHdFBySdTStuVcTw3t5p66P651HXO95b/Ged7b; Expires=Mon, 21 Dec 2020 19:42:37 GMT; Path=/; SameSite=None; Secure
x-powered-by: WordPress VIP <https://wpvip.com>
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
vary: User-Agent Accept-Encoding
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3d2e8d3f1980b8629f51f65ae881da0b29-1607974956&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=2e8d3f1980b8629f51f65ae881da0b29
x-arrrg5: BlaizeHappened
x-rq: ewr4 119 89 3095
x-xss-protection: 1
x-content-type-options: nosniff
host-header: a9130478a60e5f9135f765b23f26593b
content-encoding: gzip
expires: Mon, 14 Dec 2020 19:42:38 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 14 Dec 2020 19:42:38 GMT

Redirect headers

server: AkamaiGHost
content-length: 154
content-type: text/html
location: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956
set-cookie: nk=2e8d3f1980b8629f51f65ae881da0b29; expires=Thu, 14 Dec 2023 19:42:36 GMT; path=/; domain=news.com.au; SameSite=None; Secure;
mime-version: 1.0
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
vary: Accept-Encoding
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
expires: Mon, 14 Dec 2020 19:42:36 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Mon, 14 Dec 2020 19:42:36 GMT

GET
H2 200 css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 1 B
594 B 237ms
236ms Stylesheet
text/css 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-rq: ewr4 114 53 3167
last-modified: Fri, 06 Nov 2020 23:21:49 GMT
server: nginx
etag: "5fa5da8d-1"
vary: User-Agent
content-type: text/css
expires: Mon, 14 Dec 2020 19:42:55 GMT
cache-control: max-age=16
date: Mon, 14 Dec 2020 19:42:39 GMT
is-https: true
content-length: 1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 21 KB
7 KB 218ms
84ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.speedcurve.com/js/lux.js?id=338391603

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

ef024a5f6a6afe4d445fd60002ff33e71b80ca52cbaab97153e31ab62b40d379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
age: 115
x-cache: HIT
content-length: 6883
x-served-by: cache-hhn4040-HHN
access-control-allow-origin: *
last-modified: Mon, 14 Dec 2020 19:40:44 GMT
server: Apache
x-timer: S1607974959.182613,VS0,VE1
date: Mon, 14 Dec 2020 19:42:39 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Mon, 21 Dec 2020 19:40:44 GMT
cache-control: max-age=604800
x-ua-compatible: IE=edge
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 8 KB
4 KB 42ms
42ms Image
image/svg+xml 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:39 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 3055
x-rq: ewr4 113 245 3113
last-modified: Wed, 02 Dec 2020 22:32:17 GMT
server: nginx
etag: W/"5fc815f1-1f69"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=2015304
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 07 Jan 2021 03:31:03 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 216 KB
33 KB 150ms
62ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0abeec6125f9e84e6bdb0a3d0ec88f5c9364aec0f2fd73e5ad1e557fdb5ba410

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: wDu7S7DMrERX2EAgfdwM4tGJr.h.c2Q3
content-encoding: gzip
etag: "e55364132ed014b3fd5b677fd3383c48"
age: 28139
x-cache: HIT
content-length: 33404
x-amz-id-2: SZqGcPdMr9lbOdlHsH4CwLpohG+LWeuEakQ/79TJHCey2Cc3e7So/4ZY/1+Tj8s1+YsrUVR8l28=
x-served-by: cache-hhn4077-HHN
last-modified: Mon, 14 Dec 2020 11:53:19 GMT
server: AmazonS3
x-timer: S1607974959.142621,VS0,VE1
date: Mon, 14 Dec 2020 19:42:39 GMT
vary: Accept-Encoding
x-amz-request-id: 79E95C3269309AA0
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 54
x-cache-hits: 1

GET
H2 200 ecceecd12846e45316d0ed242a2658ec
content.api.news/v3/images/bin/ 53 KB
53 KB 123ms
120ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/ecceecd12846e45316d0ed242a2658ec?width=1024
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 9c8520255fc8286aa2c151bd1422373a0505b90ef50496c79be3b6fb9284c0d2

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: ecceecd12846e45316d0ed242a2658ec
date: Mon, 14 Dec 2020 19:42:39 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 150c367042435b7685f82a461a3f0447-ecceecd12846e45316d0ed242a2658ec-1024
x-serial: 1052
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5139623
last-modified: Mon, 14 Dec 2020 07:24:21 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 54145
expires: Fri, 12 Feb 2021 07:23:02 GMT

GET
H2 200 b7d40cf76e8a9c101086d77769a1fce9
content.api.news/v3/images/bin/ 31 KB
31 KB 180ms
177ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/b7d40cf76e8a9c101086d77769a1fce9?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: b7b2eec2a7ccb990422ac9c7aef5f9a3fca8ad9cb69fc98a2a128de953f83064

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: b7d40cf76e8a9c101086d77769a1fce9
date: Mon, 14 Dec 2020 19:42:39 GMT
last-modified: Mon, 14 Dec 2020 08:44:29 GMT
server: Akamai Image Manager
etag: c8903e81ca6074a0a2860ed97002ba2c-b7d40cf76e8a9c101086d77769a1fce9-650
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5144470
access-control-allow-headers: x-newsapi-api-key
content-length: 31297
expires: Fri, 12 Feb 2021 08:43:49 GMT

GET
H2 200 fc97a8379e8e375a0527994c579b54ca
content.api.news/v3/images/bin/ 33 KB
33 KB 120ms
117ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/fc97a8379e8e375a0527994c579b54ca?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 1b94033b131d99d3541f5da66f004d4a49e491c20c28e82635554e155a3b2293

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: fc97a8379e8e375a0527994c579b54ca
date: Mon, 14 Dec 2020 19:42:39 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 0b3ac42cb5d32d6c269f30c44811c0d9-fc97a8379e8e375a0527994c579b54ca-650
x-serial: 335
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5144417
last-modified: Mon, 14 Dec 2020 08:42:31 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 33465
expires: Fri, 12 Feb 2021 08:42:56 GMT

GET
H2 200 80110a5b565ab8fbb8f217fcdc428c68
content.api.news/v3/images/bin/ 3 KB
3 KB 176ms
173ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/80110a5b565ab8fbb8f217fcdc428c68?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 5b00638a45fb3c677c32cbcd779230420ada3b5d348da75e2af3395e424bd7eb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 80110a5b565ab8fbb8f217fcdc428c68
date: Mon, 14 Dec 2020 19:42:39 GMT
last-modified: Mon, 14 Dec 2020 04:42:51 GMT
server: Akamai Image Manager
etag: 422246a1466686f45fc667dd136d3b92-80110a5b565ab8fbb8f217fcdc428c68-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5130102
access-control-allow-headers: x-newsapi-api-key
content-length: 2838
expires: Fri, 12 Feb 2021 04:44:21 GMT

GET
H2 200 776d3320305f5ee0335b069775cd7260
content.api.news/v3/images/bin/ 3 KB
4 KB 175ms
173ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/776d3320305f5ee0335b069775cd7260?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 27b84d365ac2c0bf6a2222e0f592f6d8bc4aec62dea1896f6267c40d9369cc8b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 776d3320305f5ee0335b069775cd7260
date: Mon, 14 Dec 2020 19:42:39 GMT
last-modified: Mon, 14 Dec 2020 19:03:58 GMT
server: Akamai Image Manager
etag: 177e24b8b07b9125464cf9da1aba8daf-776d3320305f5ee0335b069775cd7260-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5181628
access-control-allow-headers: x-newsapi-api-key
content-length: 3274
expires: Fri, 12 Feb 2021 19:03:07 GMT

GET
H2 200 d579918d1a4482e7f190bb3f318a8ea9
content.api.news/v3/images/bin/ 4 KB
4 KB 103ms
100ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/d579918d1a4482e7f190bb3f318a8ea9?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: d6d59951dee3a8fb394bcb5c8fd164970dd99847f3721a2eb76f933290870844

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: d579918d1a4482e7f190bb3f318a8ea9
date: Mon, 14 Dec 2020 19:42:39 GMT
last-modified: Mon, 14 Dec 2020 13:27:36 GMT
server: Akamai Image Manager
etag: 82c4f6f3d0fd1483dcb8881fb346be6b-d579918d1a4482e7f190bb3f318a8ea9-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5161552
access-control-allow-headers: x-newsapi-api-key
content-length: 3922
expires: Fri, 12 Feb 2021 13:28:31 GMT

GET
H2 200 00054270b85416e4d75bbc167853cace
content.api.news/v3/images/bin/ 4 KB
5 KB 117ms
115ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/00054270b85416e4d75bbc167853cace?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 3d2b3ea6223a753292e252a6543d80fe52e293f946d2986656b32d558902aadb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 00054270b85416e4d75bbc167853cace
date: Mon, 14 Dec 2020 19:42:39 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 1508b3f6161e44c2cbacbd16bfee4b23-00054270b85416e4d75bbc167853cace-150
x-serial: 1247
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5140036
last-modified: Mon, 14 Dec 2020 07:31:23 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 4452
expires: Fri, 12 Feb 2021 07:29:55 GMT

GET
H2 200 e7f975d64319861e5a0c329b32b70750
content.api.news/v3/images/bin/ 40 KB
41 KB 111ms
110ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/e7f975d64319861e5a0c329b32b70750?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: fe78fc7cfda2c628ebd9b2335dd306f895c674acff378abdc98684385adcab17

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: e7f975d64319861e5a0c329b32b70750
date: Mon, 14 Dec 2020 19:42:39 GMT
last-modified: Mon, 14 Dec 2020 13:03:25 GMT
server: Akamai Image Manager
etag: 18066881e10525f72a855252d5f7bab9-e7f975d64319861e5a0c329b32b70750-650
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5159989
access-control-allow-headers: x-newsapi-api-key
content-length: 41341
expires: Fri, 12 Feb 2021 13:02:28 GMT

GET
H2 200 75e8929429bc8146916ae2cc2202fa3f
content.api.news/v3/images/bin/ 39 KB
39 KB 101ms
100ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/75e8929429bc8146916ae2cc2202fa3f?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: bcb15c28e75bc90c294250501c077c01b71014bb67e3c0eb48349d9e45ada52f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 75e8929429bc8146916ae2cc2202fa3f
date: Mon, 14 Dec 2020 19:42:39 GMT
last-modified: Mon, 14 Dec 2020 09:29:45 GMT
server: Akamai Image Manager
etag: 69c6f41a093633e4ac73cb0dcecce3e0-75e8929429bc8146916ae2cc2202fa3f-650
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5147228
access-control-allow-headers: x-newsapi-api-key
content-length: 39697
expires: Fri, 12 Feb 2021 09:29:47 GMT

GET
H2 200 source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 198ms
71ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:39 GMT
last-modified: Tue, 01 Sep 2020 04:31:33 GMT
server: AmazonS3
x-amz-request-id: 34B4778288C88CAA
etag: "899c8f78ce650d4009d42443897aa723"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=309273
accept-ranges: bytes
content-length: 16112
x-amz-id-2: 0V9i/JC3jV0uO9z1+RHGizGZNe8ea4s0M3lvOab3o97ikLfxhLYoNjWrU3t9GbdAE8O37bCHHcA=
expires: Fri, 18 Dec 2020 09:37:12 GMT

GET
H2 200 source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 217ms
90ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:39 GMT
last-modified: Tue, 22 Sep 2020 06:30:09 GMT
server: AmazonS3
x-amz-request-id: B9F079BFD69B8BC1
etag: "c85615b296302af51e683eecb5e371d4"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=413235
accept-ranges: bytes
content-length: 15948
x-amz-id-2: DPCyCCKT0juTREQMOkBTQL82bK8sJ1cHlMUrULDEc9V9ZluCRM4RuSFSdOhDVMhG9DNYyK1s4MM=
expires: Sat, 19 Dec 2020 14:29:54 GMT

GET
H2 200 Dog_in_boot_1920x1080.jpg
origin.go.heraldsun.com.au/wp-content/uploads/2020/12/ 2 MB
2 MB 48ms
12ms Image
image/jpeg 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin.go.heraldsun.com.au/wp-content/uploads/2020/12/Dog_in_boot_1920x1080.jpg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: d42605a78277db9f4d4b35ac625ec962a9698bd859d5341aa995ab195aa54d27

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:39 GMT
x-rq: ams8 109 28 443
last-modified: Mon, 14 Dec 2020 06:35:43 GMT
server: nginx
etag: "7dd2f9414560940d"
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2525653
expires: Tue, 14 Dec 2021 06:39:37 GMT

GET
H2 200 rea-logo-v4.png
s1.rui.au.reastatic.net/rui-static/img/ 8 KB
9 KB 76ms
22ms Image
image/png 2600:9000:211a:8e00:1e:c291:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.rui.au.reastatic.net/rui-static/img/rea-logo-v4.png
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8e00:1e:c291:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1bcc188f481bacf1d9ab4df424b1e041f10f45c85183d38bd2c079f0566dbda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 03:25:47 GMT
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
last-modified: Fri, 11 Aug 2017 05:25:43 GMT
server: AmazonS3
age: 2132213
etag: "7fb1763135890cdfa60dcb405cd51572"
x-cache: Hit from cloudfront
x-amz-version-id: itrxET0Vrz4We1UVf0nZMlYhOyBF2D8w
cache-control: max-age=20221025
x-amz-replication-status: COMPLETED
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-type: image/png
content-length: 8533
x-amz-cf-id: E8jSnqpKZqkwiueGKXGydSU7qpd3XLJ3fhNh0052J_f8kDOixmYKDg==

GET
H2 200 charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 12 KB
12 KB 221ms
130ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:39 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: EE3D21683166F96F
etag: "da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=470861
accept-ranges: bytes
content-length: 12440
x-amz-id-2: BGzA4H6MhiNFsVMRHnDid7w0RneCV9f+L69FdEMmbqtC5J6BXqShCVeo7uP6Jum7BVtWfb2VAeI=
expires: Sun, 20 Dec 2020 06:30:20 GMT

GET
H2 200 charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
12 KB 240ms
149ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:39 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: 03A09A05F9B00284
etag: "c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=198301
accept-ranges: bytes
content-length: 11472
x-amz-id-2: 7SgQOtE5DXd+yw+muGSpBKQgUFNdC0N34VLuVoyrpGsNX+GQQMChOOxitD5N1YsghRlU3RgeUFw=
expires: Thu, 17 Dec 2020 02:47:40 GMT

GET
H2 200 title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 540 B
859 B 88ms
87ms Image
image/svg+xml 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:39 GMT
last-modified: Wed, 16 Sep 2020 23:56:43 GMT
server: AmazonS3
x-amz-request-id: 4R7K4V2MCP8N6R9R
etag: "4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=183980
accept-ranges: bytes
content-length: 540
x-amz-id-2: yFp+J8podmJKYyKRfQ/R6sCdmNKmc7oSxu2WJJo8l7sTrFyLYOhTILB0ssSzjaQiADalzLa82Ug=
expires: Wed, 16 Dec 2020 22:48:59 GMT

GET
H/1.1 200
OK games.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 4 KB
5 KB 1317ms
317ms Image
image/svg+xml 52.95.134.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/games.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.134.70 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Dec 2020 19:42:41 GMT
Last-Modified: Thu, 05 Nov 2020 03:40:33 GMT
Server: AmazonS3
x-amz-request-id: 2A3646F5864B216B
ETag: "2fa79b1c302fa407df95b287a47e01bc"
Content-Type: image/svg+xml
x-amz-version-id: mY_fhaFXa9wAEjGJ51huxNeB77eQfnyv
Accept-Ranges: bytes
Content-Length: 4533
x-amz-id-2: QS62B4oNoOuTNXIe57LahNPWpaYSB0vYPTgnk8pFXMvV8cr0vTiT8DVfDTgJDre02w22PKpRESI=

GET
H/1.1 200
OK sudoku.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 5 KB
5 KB 1338ms
325ms Image
image/svg+xml 52.95.134.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/sudoku.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.134.70 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: ef5fa8602198232e4f3704cf1dc886cb295af0f9906b0c9d63777b5f49852b84

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Dec 2020 19:42:41 GMT
Last-Modified: Thu, 05 Nov 2020 03:40:33 GMT
Server: AmazonS3
x-amz-request-id: 6DC3408F033CC817
ETag: "f980b48900de5e5e318ca4e3530b2d75"
Content-Type: image/svg+xml
x-amz-version-id: EnoeaZvtrAcNuP4vk_X8AB6oSBROL97r
Accept-Ranges: bytes
Content-Length: 5207
x-amz-id-2: GJZIARZi4tEPOsvmiwO0eRfoiBOPZsI1kZJnA2A4KpYq6xCxjY0cCEkaCSBIiL7S5BEU5HN4mMg=

GET
H/1.1 200
OK NCHRS_thumb.jpg
s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/ 23 KB
23 KB 1332ms
326ms Image
image/jpeg 52.95.128.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/NCHRS_thumb.jpg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.128.187 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 83a75162271c69203616574e9f7849e91eff4e86e449bfe02f63c0b696c84f9d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Dec 2020 19:42:41 GMT
Last-Modified: Mon, 14 Dec 2020 16:34:43 GMT
Server: AmazonS3
x-amz-request-id: 4F1513F51B11C23B
ETag: "94817899205f13dfd42cb0d8ac1ff61a"
x-amz-version-id: xt9d_zXi6LtzsH7v7hh_Uq09WiC84KXx
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 23228
x-amz-id-2: 7pe9T4z/gAp2hKIiMm8N7cbVyku2DYRko/4GHOuHxU606EK/ZDKnZGpFrDPOSSYckcmALyocU4s=
x-amz-meta-s3b-last-modified: 20201214T162131Z

GET
H2 200 heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 8 KB
3 KB 105ms
102ms Image
image/svg+xml 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:39 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2891
x-rq: ewr4 116 149 3106
last-modified: Fri, 04 Dec 2020 16:00:47 GMT
server: nginx
etag: W/"5fca5d2f-1e5e"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=2004153
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 07 Jan 2021 00:25:12 GMT

GET
H2 200 js-critical-desktop.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 6 KB
3 KB 258ms
256ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

58216d07697cb268f0b30bd5963a1515dd4ee3b5b185151bdb99d041f0fa73fc

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:39 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2444
x-rq: ewr4 113 21 3101
last-modified: Wed, 02 Dec 2020 23:12:02 GMT
server: nginx
etag: W/"5fc81f42-173a"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 14 Dec 2020 19:42:40 GMT

GET
H2 200 charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
11 KB 162ms
161ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:39 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: 4N2W2Y6HDY8Z3Q2W
etag: "29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=592820
accept-ranges: bytes
content-length: 11372
x-amz-id-2: Z1HhaEEhR+4SW45rFV+SZJ/QiklrgDUhrbvWmFxzzpa1Kifm2MvbbI9Ateo09sYRHNLYlfgsmGM=
expires: Mon, 21 Dec 2020 16:22:59 GMT

GET
H2 200 title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 535 B
855 B 69ms
66ms Image
image/svg+xml 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:39 GMT
last-modified: Thu, 17 Sep 2020 00:28:25 GMT
server: AmazonS3
x-amz-request-id: BX6X5G9GEK1G9M4M
etag: "b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=157205
accept-ranges: bytes
content-length: 535
x-amz-id-2: DaJA+c3KcMZ/NSCnfYFtodFhl20AOf2rAAm9dMwdtqM4FPtgkxYVKxyt+50eW/YJb1+mPpYz97g=
expires: Wed, 16 Dec 2020 15:22:44 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 3 KB
2 KB 176ms
61ms Script
application/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding: gzip
etag: "1a868d280f9424f5d82876d6cf0c46b9"
age: 160
x-cache: HIT, HIT
content-length: 1123
x-amz-id-2: N7yWKBmoAO62xj5Jk4J8zAgVgReWlcT/gqq80/qj1psg+zSnkkGIJ/rCneqI1ybcpGBAb3XlqH8=
x-served-by: cache-lax10637-LGB, cache-ams21044-AMS
last-modified: Tue, 07 Apr 2020 10:39:09 GMT
server: AmazonS3
x-timer: S1607974959.406066,VS0,VE1
date: Mon, 14 Dec 2020 19:42:39 GMT
vary: Accept-Encoding,,
x-amz-request-id: 4503864EE7C2CBBE
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20201214-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 450 KB
104 KB 63ms
62ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20201214-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 3d46904b944d38dac0fe78cc6c3aad567ac826a9079ce9522147ef1c7feb158b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 2sVTA33cfaRgn0Prw5U.XCwVzohq6ybg
content-encoding: br
etag: "10bdb5807bdff4c42c4587c2d03bb5d3"
age: 641
x-cache: HIT
content-length: 106007
x-amz-id-2: x8k2ExEm+o+UHHEF+GPDAQi/40zHAmlGGzgfgTi/d47MN97Ep1RCLH7D2je9GKzD9J2q8D28bx8=
x-served-by: cache-hhn4077-HHN
last-modified: Mon, 14 Dec 2020 11:30:09 GMT
server: AmazonS3-br
x-timer: S1607974959.280192,VS0,VE0
date: Mon, 14 Dec 2020 19:42:39 GMT
vary: Accept-Encoding
x-amz-request-id: 6AC41CDCEEC3B1D3
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 57
x-cache-hits: 4701

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 194ms
70ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Dec 2020 19:42:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Tue, 15 Dec 2020 19:42:39 GMT

GET
H2 200 rampart.js Show response
www.heraldsun.com.au/remote/identity/rampart/latest/ 248 KB
78 KB 478ms
477ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

27ad1c0be127da20f7b68c8e868d9a1fa6ade3308786d297a24a5651faa32a38

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
etag: "f1b190419095215938ba092e3e98262e:1606882430.472598"
vary: User-Agent, Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1332
date: Mon, 14 Dec 2020 19:42:39 GMT
is-https: true
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 14 Dec 2020 20:04:51 GMT

GET
H2 200 js-metro-desktop-lazy.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 45 KB
14 KB 179ms
179ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

93b175796385750b38fd82e8e644a731aa51296a1a405fae8a12907be3e9eb39

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:39 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 14195
x-rq: ewr4 113 181 3106
last-modified: Mon, 23 Nov 2020 02:17:39 GMT
server: nginx
etag: W/"5fbb1bc3-b347"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=60
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 14 Dec 2020 19:43:39 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
13 KB 45ms
45ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:39 GMT
content-encoding: gzip
last-modified: Thu, 20 Dec 2018 17:45:13 GMT
server: NetDNA-cache/2.2
etag: W/"dc93d584e41f8417f6b7163320d34329"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 json Show response
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 3 KB
2 KB 516ms
421ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=20%3A42%3A39.469&lti=deflated&data=%7B%22id%22%3A875%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1607946794309%2C%22vi%22%3A1607974959442%2C%22cv%22%3A%2220201214-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9619%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A1513.5%2C%22mw%22%3A194%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CDesktop%20Mid%20Rail%20Home%20Native%3Dthumbnails-midrail-native%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201214-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 59975bdd0f321322b71c53f037abce397beb110e9e8937e25d40cc14d8d6c7a9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 380
date: Mon, 14 Dec 2020 19:42:39 GMT
content-encoding: gzip
server: nginx
x-timer: S1607974960.596288,VS0,VE380
x-served-by: cache-fra19127-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.heraldsun.com.au
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 pmk-202003261.4.js Show response
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 111 KB
31 KB 37ms
37ms Script
application/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding: gzip
etag: "b7fcedf037c57085d364b689ca46f32e"
age: 9910969
x-cache: HIT, HIT, HIT
content-length: 30954
x-amz-id-2: TG49UWLSXX/7JOu+pu/KWBF6lPU+j/sA4SNskqAGNRvS7P8ejY6LRwed0jVXlMerBXwRC25qwP8=
x-served-by: cache-lax8636-LAX, cache-lax10642-LGB, cache-ams21044-AMS
last-modified: Tue, 07 Apr 2020 10:39:09 GMT
server: AmazonS3
x-timer: S1607974960.520542,VS0,VE1
date: Mon, 14 Dec 2020 19:42:39 GMT
vary: Accept-Encoding,,,
x-amz-request-id: 9758181B46377FE5
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 2, 1, 1

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1607974959492&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=ht...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1607974959492&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=h...

0
528 B

59ms
57ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1607974959492&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:39 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1607974959492&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:39 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET

/
heraldsun.digitaleditions.com.au/
Redirect Chain

https://www.heraldsun.com.au/digitalprinteditions
https://idp.news.com.au/idp/services/generatetoken?target=HeraldSun&url=http%3A%2F%2Fheraldsun.digitaleditions.com.au%2F
http://heraldsun.digitaleditions.com.au/

0
0

GET
H2 200 /
www.heraldsun.com.au/tributes/ 0
31 KB 2278ms
2270ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/tributes/

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx/1.12.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
etag: "472cc64eef61923e65f12d37b5843314"
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-subscribed: False
is-https: true
x-forwarded-proto: https
x-device: desktop
x-ua-compatible: IE=edge,chrome=1
x-arrrg5: BlaizeHappened
server: nginx/1.12.1
date: Mon, 14 Dec 2020 19:42:41 GMT
vary: User-Agent, Accept-Encoding
x-varnish: 27919296
access-control-allow-origin: http://heraldsun.finda.production.apnarm.net.au
cache-control: max-age=281
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2ftributes%2f&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=2e8d3f1980b8629f51f65ae881da0b29
content-length: 30309
content-type: text/html; charset=utf-8
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 14 Dec 2020 19:47:22 GMT

GET
H2 200 /
www.heraldsun.com.au/subscribe/news/1/ 0
1 KB 316ms
308ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?int_medium=display&int_source=site-link&int_campaign=acq_onsite_login&int_content=link&sourceCode=HSWEB_ONS538

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Mon, 14 Dec 2020 19:42:39 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=35
is-https: true
ssl: yes
content-length: 912
expires: Mon, 14 Dec 2020 19:43:14 GMT

GET
H2 200 /
www.heraldsun.com.au/ 0
61 KB 2585ms
2578ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 119 89 3095
server: nginx
date: Mon, 14 Dec 2020 19:42:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Mon, 14 Dec 2020 19:42:42 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=2e8d3f1980b8629f51f65ae881da0b29
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 leader
www.heraldsun.com.au/ 0
63 KB 2609ms
2602ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/leader

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 112 120 3185
server: nginx
date: Mon, 14 Dec 2020 19:42:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Mon, 14 Dec 2020 19:42:42 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fleader&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=leader&session=2e8d3f1980b8629f51f65ae881da0b29
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 victoria
www.heraldsun.com.au/news/ 0
48 KB 2580ms
2572ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/victoria

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 47932
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 112 153 3222
server: nginx
date: Mon, 14 Dec 2020 19:42:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Mon, 14 Dec 2020 19:42:42 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fvictoria&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=victoria&session=2e8d3f1980b8629f51f65ae881da0b29
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 national
www.heraldsun.com.au/news/ 0
52 KB 1429ms
1421ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/national

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 119 100 3097
server: nginx
date: Mon, 14 Dec 2020 19:42:40 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Mon, 14 Dec 2020 19:42:40 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=national&session=2e8d3f1980b8629f51f65ae881da0b29
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 world
www.heraldsun.com.au/news/ 0
52 KB 2574ms
2567ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/world

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 119 85 3122
server: nginx
date: Mon, 14 Dec 2020 19:42:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Mon, 14 Dec 2020 19:42:42 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=world&session=2e8d3f1980b8629f51f65ae881da0b29
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 opinion
www.heraldsun.com.au/news/ 0
53 KB 1504ms
1497ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/opinion

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 119 85 3122
server: nginx
date: Mon, 14 Dec 2020 19:42:41 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Mon, 14 Dec 2020 19:42:41 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fopinion&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=opinion&session=2e8d3f1980b8629f51f65ae881da0b29
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 business
www.heraldsun.com.au/ 0
50 KB 3416ms
3410ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/business

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 113 245 3125
server: nginx
date: Mon, 14 Dec 2020 19:42:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Mon, 14 Dec 2020 19:42:42 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fbusiness&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=business&session=2e8d3f1980b8629f51f65ae881da0b29
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 entertainment
www.heraldsun.com.au/ 0
51 KB 2582ms
2575ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/entertainment

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 50557
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 112 153 3222
server: nginx
date: Mon, 14 Dec 2020 19:42:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Mon, 14 Dec 2020 19:42:42 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=entertainment&session=2e8d3f1980b8629f51f65ae881da0b29
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 lifestyle
www.heraldsun.com.au/ 0
48 KB 1469ms
1463ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/lifestyle

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 113 245 3125
server: nginx
date: Mon, 14 Dec 2020 19:42:41 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Mon, 14 Dec 2020 19:42:41 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2flifestyle&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=lifestyle&session=2e8d3f1980b8629f51f65ae881da0b29
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 sport
www.heraldsun.com.au/ 0
65 KB 1510ms
1504ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/sport

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 114 24 3104
server: nginx
date: Mon, 14 Dec 2020 19:42:41 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Mon, 14 Dec 2020 19:42:41 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=sport&session=2e8d3f1980b8629f51f65ae881da0b29
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/truecrimeaustralia/police-courts/victoria-police-join-hunt-for-rebels-bikie-boss-nick-martins-killer/news-story/9e7a1e2bacd894ad35c5d4c0cfdbba3b
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a_TCA_PC&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Ftruecrimeaustralia%2Fpolice-courts%2Fvictoria-police-join-hunt-for-rebels-b...
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a_TCA_PC%26dest%3dhttps%253A%252F%252Fwww.heraldsu...
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a_TCA_PC&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Ftruecrimeaustralia%2Fpolice-courts%2Fvictoria-police-join-hunt-for-rebels-b...
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a_TCA_PC%26dest%3dhttps%253A%252F%252Fwww.herald...
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a_TCA_PC&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Ftruecrimeaustralia%2Fpolice-courts%2Fvictoria-police-join-hunt-for-rebels-b...

0
1 KB

154ms
154ms

Other
text/html

2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a_TCA_PC&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Ftruecrimeaustralia%2Fpolice-courts%2Fvictoria-police-join-hunt-for-rebels-bikie-boss-nick-martins-killer%2Fnews-story%2F9e7a1e2bacd894ad35c5d4c0cfdbba3b&memtype=anonymous&mode=premium&nk=bf9900401f92a922f10c5ebf966f5371-1607974961

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Mon, 14 Dec 2020 19:42:41 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=2042
is-https: true
ssl: yes
content-length: 912
expires: Mon, 14 Dec 2020 20:16:43 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a_TCA_PC&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Ftruecrimeaustralia%2Fpolice-courts%2Fvictoria-police-join-hunt-for-rebels-bikie-boss-nick-martins-killer%2Fnews-story%2F9e7a1e2bacd894ad35c5d4c0cfdbba3b&memtype=anonymous&mode=premium&nk=bf9900401f92a922f10c5ebf966f5371-1607974961
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/news/victoria/swimmer-spots-great-white-shark-in-shallow-water-near-pier/news-story/009073eae17357b3e40c0a401eaf5352
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fswimmer-spots-great-white-shark-in-shallow-water-near-pier%2Fnew...
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com...
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fswimmer-spots-great-white-shark-in-shallow-water-near-pier%2Fnew...

0
1 KB

1018ms
1017ms

Other
text/html

2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fswimmer-spots-great-white-shark-in-shallow-water-near-pier%2Fnews-story%2F009073eae17357b3e40c0a401eaf5352&memtype=anonymous&mode=premium&nk=56232578424676792e2d98e7b426017a-1607974961

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Mon, 14 Dec 2020 19:42:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=3600
is-https: true
ssl: yes
content-length: 912
expires: Mon, 14 Dec 2020 20:42:42 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fswimmer-spots-great-white-shark-in-shallow-water-near-pier%2Fnews-story%2F009073eae17357b3e40c0a401eaf5352&memtype=anonymous&mode=premium&nk=56232578424676792e2d98e7b426017a-1607974961
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H2 404 a67ca6cc42a36b30efcfe7ea8ebc14d1
www.heraldsun.com.au/uncategorized/covid-vaccine-move-a-step-too-far/promo/ 0
0 1599ms
1594ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/uncategorized/covid-vaccine-move-a-step-too-far/promo/a67ca6cc42a36b30efcfe7ea8ebc14d1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options: nosniff
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 0
x-xss-protection: 1
x-rq: ewr4 115 229 3098
server: nginx
date: Mon, 14 Dec 2020 19:42:41 GMT
vary: User-Agent
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
cache-control: max-age=60
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2funcategorized%2fcovid-vaccine-move-a-step-too-far%2fpromo%2fa67ca6cc42a36b30efcfe7ea8ebc14d1&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=a67ca6cc42a36b30efcfe7ea8ebc14d1&session=2e8d3f1980b8629f51f65ae881da0b29
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 14 Dec 2020 19:43:41 GMT

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/sport/afl/teams/collingwood/eddie-mcguire-to-stand-down-as-collingwood-president-at-end-of-2021-season/news-story/4b6daedd278c7905413a8f11f9c26cae
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Feddie-mcguire-to-stand-down-as-collingwood-pre...
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.a...
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Feddie-mcguire-to-stand-down-as-collingwood-pre...
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com...
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Feddie-mcguire-to-stand-down-as-collingwood-pre...

0
1 KB

210ms
210ms

Other
text/html

2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Feddie-mcguire-to-stand-down-as-collingwood-president-at-end-of-2021-season%2Fnews-story%2F4b6daedd278c7905413a8f11f9c26cae&memtype=anonymous&mode=premium&nk=c48d23d26bf1ab481c0c560dd5a2a494-1607974961

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Mon, 14 Dec 2020 19:42:41 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=3169
is-https: true
ssl: yes
content-length: 912
expires: Mon, 14 Dec 2020 20:35:30 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Feddie-mcguire-to-stand-down-as-collingwood-president-at-end-of-2021-season%2Fnews-story%2F4b6daedd278c7905413a8f11f9c26cae&memtype=anonymous&mode=premium&nk=c48d23d26bf1ab481c0c560dd5a2a494-1607974961
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H2 200 collingwood
www.heraldsun.com.au/sport/afl/teams/ 0
49 KB 2603ms
2599ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/sport/afl/teams/collingwood

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 115 246 3103
server: nginx
date: Mon, 14 Dec 2020 19:42:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Mon, 14 Dec 2020 19:42:42 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2fafl%2fteams%2fcollingwood&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=collingwood&session=2e8d3f1980b8629f51f65ae881da0b29
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/sport/afl/teams/collingwood/collingwood-says-afl-trade-radio-added-to-hysteria-about-adam-treloars-trade/news-story/79691134198780fc4d2d3be4112fc0a9
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Fcollingwood-says-afl-trade-radio-added-to-hyst...
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com...
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Fcollingwood-says-afl-trade-radio-added-to-hyst...

0
1 KB

230ms
229ms

Other
text/html

2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Fcollingwood-says-afl-trade-radio-added-to-hysteria-about-adam-treloars-trade%2Fnews-story%2F79691134198780fc4d2d3be4112fc0a9&memtype=anonymous&mode=premium&nk=738700f69b4387d67f1c419a8da986bc-1607974961

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Mon, 14 Dec 2020 19:42:41 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=3016
is-https: true
ssl: yes
content-length: 912
expires: Mon, 14 Dec 2020 20:32:57 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Fcollingwood-says-afl-trade-radio-added-to-hysteria-about-adam-treloars-trade%2Fnews-story%2F79691134198780fc4d2d3be4112fc0a9&memtype=anonymous&mode=premium&nk=738700f69b4387d67f1c419a8da986bc-1607974961
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H2 200 coronavirus
www.heraldsun.com.au/ 0
47 KB 2573ms
2569ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/coronavirus

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 47021
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 115 233 3111
server: nginx
date: Mon, 14 Dec 2020 19:42:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Mon, 14 Dec 2020 19:42:42 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fcoronavirus&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=coronavirus&session=2e8d3f1980b8629f51f65ae881da0b29
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/coronavirus/victorian-governments-missed-opportunities-contributed-to-deadly-second-wave/news-story/052eab6d442768db31cd1cb1ba70fb8e
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fvictorian-governments-missed-opportunities-contributed-to-deadly-sec...
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com...
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fvictorian-governments-missed-opportunities-contributed-to-deadly-sec...

0
1 KB

984ms
983ms

Other
text/html

2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fvictorian-governments-missed-opportunities-contributed-to-deadly-second-wave%2Fnews-story%2F052eab6d442768db31cd1cb1ba70fb8e&memtype=anonymous&mode=premium&nk=c0667568cffaa12e76fc45450685daa8-1607974961

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Mon, 14 Dec 2020 19:42:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=3547
is-https: true
ssl: yes
content-length: 912
expires: Mon, 14 Dec 2020 20:41:49 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fvictorian-governments-missed-opportunities-contributed-to-deadly-second-wave%2Fnews-story%2F052eab6d442768db31cd1cb1ba70fb8e&memtype=anonymous&mode=premium&nk=c0667568cffaa12e76fc45450685daa8-1607974961
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/news/victoria/victorias-public-servants-told-to-avoid-saying-wife-husband-in-lgbtiq-inclusive-language-guide/news-story/86db0d7d9a4f1b37836c75a3e13b7c2a
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fvictorias-public-servants-told-to-avoid-saying-wife-husband-in-l...
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com...
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fvictorias-public-servants-told-to-avoid-saying-wife-husband-in-l...

0
1 KB

162ms
161ms

Other
text/html

2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fvictorias-public-servants-told-to-avoid-saying-wife-husband-in-lgbtiq-inclusive-language-guide%2Fnews-story%2F86db0d7d9a4f1b37836c75a3e13b7c2a&memtype=anonymous&mode=premium&nk=3df598c181bbe27735e38076739fa3af-1607974961

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Mon, 14 Dec 2020 19:42:41 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=1192
is-https: true
ssl: yes
content-length: 912
expires: Mon, 14 Dec 2020 20:02:33 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fvictorias-public-servants-told-to-avoid-saying-wife-husband-in-lgbtiq-inclusive-language-guide%2Fnews-story%2F86db0d7d9a4f1b37836c75a3e13b7c2a&memtype=anonymous&mode=premium&nk=3df598c181bbe27735e38076739fa3af-1607974961
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/business/aspiring-firsthome-buyers-urged-to-act-soon-before-price-rise/news-story/11781d3c6b4da2e06dc3b8091113b13b
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fbusiness%2Faspiring-firsthome-buyers-urged-to-act-soon-before-price-rise%2Fnews-st...
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com...
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fbusiness%2Faspiring-firsthome-buyers-urged-to-act-soon-before-price-rise%2Fnews-st...

0
1 KB

1014ms
1013ms

Other
text/html

2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fbusiness%2Faspiring-firsthome-buyers-urged-to-act-soon-before-price-rise%2Fnews-story%2F11781d3c6b4da2e06dc3b8091113b13b&memtype=anonymous&mode=premium&nk=2096c68f000ab8a627e184b8c8f45101-1607974961

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Mon, 14 Dec 2020 19:42:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=3530
is-https: true
ssl: yes
content-length: 912
expires: Mon, 14 Dec 2020 20:41:32 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fbusiness%2Faspiring-firsthome-buyers-urged-to-act-soon-before-price-rise%2Fnews-story%2F11781d3c6b4da2e06dc3b8091113b13b&memtype=anonymous&mode=premium&nk=2096c68f000ab8a627e184b8c8f45101-1607974961
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H2 200 comments-count Show response
mhr.talk.news.com.au/api/v1/ 1 KB
1005 B 1321ms
1223ms Fetch
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mhr.talk.news.com.au/api/v1/comments-count?ids=4b6daedd278c7905413a8f11f9c26cae,79691134198780fc4d2d3be4112fc0a9,052eab6d442768db31cd1cb1ba70fb8e,22280374d5ae0defe23fcd9ed83f0731,86db0d7d9a4f1b37836c75a3e13b7c2a,0b928e90d139e0a5f85c729769bdeb24,84c55e2ae5a92c7445b16d87ac72c78a,a6b16ab4804930c517850354d810e233,ad137d5b8578da019c0bcd33d6d70060,107b3450271081b9d3f3ce206a0fc17d,b49403aba806c948a70af240744c9caa,bfd903d7620a0cd6213bb8e385a353d5,6e8d365785666fe85cd65c9fb9cf0e56,9e0232abe719d65efe699737bddeb884,72631084ec2f487077ed0268596deb06,23a1d9cbd99f4c0ed1fceac7510703f1,f2b4093c7bafdcde3912e454442a1edd,52d800ca7f01c83ae79bbc6cc2e14d16,06a0363a73c97259892f814cda91770d,4b5c33acc864962ffc6284fc0e897d6c,de70f5397d626056929ecb5f9060cf19,474b60170b6a3ab6385ce65acab14408,67ed2cc4bedbaaab86d77ea7c383ec4b,22d48f7046fb62cf50bde889c6dd1ab9,b26d7b0cf1b72a490f5e770588681a59,b55a5479218890624c21285bdc5f0f1b,e34c226ceb2e418cf0d63557679e6066,73aad9593a380c1cfb3510c9e90073df,03cdad7ea3c5805974481cf40fd8775d,d572d368f032587e67527df8f8ffd167,a5f74caff404ad0a5269ca6884695fe0,f716db4b1b77ae62dcb626383d927126

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx/1.16.1 /

Resource Hash

d875219a011d6d5636fa9b38227f771f57a4ee69ba6617406ed8c15573ed704d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.16.1
etag: W/"4b2-HefPclLCYzFOAIpa50MkeNOBrss"
x-download-options: noopen
x-dns-prefetch-control: off
content-type: application/json; charset=utf-8
access-control-allow-origin: *
date: Mon, 14 Dec 2020 19:42:40 GMT
x-talk-trace-id: 86f1bda0-3e44-11eb-87e8-cb4e44a088b1
vary: Accept-Encoding
content-length: 690
x-xss-protection: 1; mode=block

GET
H2 200 3000 Show response
www.heraldsun.com.au/wp-json/api/weather/ 2 KB
2 KB 385ms
385ms Fetch
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-json/api/weather/3000

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

16f44dcf26fe1b334e245dfa367de811f99b4018eff8b9b6e03faadc45f6a0ce

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options: nosniff
is-https: true
content-length: 1623
x-rq: ewr4 116 215 3094
allow: GET
expires: Mon, 14 Dec 2020 19:43:14 GMT
server: nginx
date: Mon, 14 Dec 2020 19:42:39 GMT
vary: User-Agent
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=35
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 e3ff166f31301bfac4bf59db14f4791d
content.api.news/v3/images/bin/ 4 KB
5 KB 307ms
306ms Image
image/webp 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/e3ff166f31301bfac4bf59db14f4791d?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 43fc6a366e88947335c17d8a4c2e8597d6ec23a4bd471d9ed93c6ca8b34bd970

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: e3ff166f31301bfac4bf59db14f4791d
date: Mon, 14 Dec 2020 19:42:39 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 2972411b4e165980a0ee95b8c659e001-e3ff166f31301bfac4bf59db14f4791d-150
x-serial: 682
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5154842
last-modified: Mon, 14 Dec 2020 11:37:53 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 4464
expires: Fri, 12 Feb 2021 11:36:41 GMT

GET
H2 200 b9e920ab4df2ff120ec416c231607883
content.api.news/v3/images/bin/ 7 KB
7 KB 301ms
300ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/b9e920ab4df2ff120ec416c231607883?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 3c72f04928c99f038b7f23fc7a76db519d918f59a3f921acbc3dd052fe28a57f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: b9e920ab4df2ff120ec416c231607883
date: Mon, 14 Dec 2020 19:42:39 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: f0f53999ec90829b375f8bf721190ed5-b9e920ab4df2ff120ec416c231607883-150
x-serial: 387
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5153360
last-modified: Mon, 14 Dec 2020 11:13:31 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 6905
expires: Fri, 12 Feb 2021 11:11:59 GMT

GET
H2 200 862b9767823b592cf0012bb9e010e185
content.api.news/v3/images/bin/ 4 KB
5 KB 306ms
305ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/862b9767823b592cf0012bb9e010e185?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 98f8a2c98ac83d43fdbc6aae7d89cede6d06fec4e812743a26c8ba4d5517f9a7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 862b9767823b592cf0012bb9e010e185
date: Mon, 14 Dec 2020 19:42:39 GMT
last-modified: Mon, 14 Dec 2020 06:54:12 GMT
server: Akamai Image Manager
etag: e6d3d52dfeec7a264b295166111a087c-862b9767823b592cf0012bb9e010e185-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5137935
access-control-allow-headers: x-newsapi-api-key
content-length: 4473
expires: Fri, 12 Feb 2021 06:54:54 GMT

GET
H2 200 authorize
login.newscorpaustralia.com/ Frame F8BF 0
0 473ms
368ms Document
text/html 184.30.216.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=mIm8w6yOfv3pBg7MKdBPTgjcS6iUdaZO&nonce=eHYRqoIusaqFg4D5fghM4CePAwf8XGTm&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.216.184 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-216-184.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=mIm8w6yOfv3pBg7MKdBPTgjcS6iUdaZO&nonce=eHYRqoIusaqFg4D5fghM4CePAwf8XGTm&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

server: openresty
content-type: text/html;charset=UTF-8
ot-tracer-spanid: 4a6fb0352a9293ed
ot-tracer-traceid: 6671e6b2714d91d0
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 12403-1607974960.193-2.16.110.188-1455-564893743-14-0.000
x-auth0-requestid: aca7e41229109fbd79ed
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1607974961
content-encoding: gzip
strict-transport-security: max-age=31536000
x-akamai-transformed: 9 534 0 pmb=mTOE,3
expires: Mon, 14 Dec 2020 19:42:40 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 14 Dec 2020 19:42:40 GMT
content-length: 841
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A869c98c0-3e44-11eb-9f81-eb8e108e8b2e.A92h34e%2B6jmapdo1NT3GBysA4MuohH%2BdCmVhxYP%2Fxrw; Max-Age=31557600; Path=/; Expires=Wed, 15 Dec 2021 01:42:40 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A869c98c0-3e44-11eb-9f81-eb8e108e8b2e.A92h34e%2B6jmapdo1NT3GBysA4MuohH%2BdCmVhxYP%2Fxrw; Max-Age=31557600; Path=/; Expires=Wed, 15 Dec 2021 01:42:40 GMT; HttpOnly; Secure ak_bmsc=E32B22E474D905767F0F07B82D8B9D1A02148423D721000030C0D75FCADDD541~plzf00v+RMRMDScwxjLd4F7boUcFE9hJ0Gl0k7FKDXA6ObVNF7pFnXJyO+TejFWYy9DCV+6JaX6u8I7G3XLzujWAW6/LmfK8yC8pBKwnOVUNVPCUY1hjkEcjuxsZFbMbcz37o6Je1seNi0wwvgBFa54Dwwvrr/1t9aAt1ZGAoyRMUmY5UWzUcVwy2iYlrnKbALu3N7geurB7Lwr1LtCPDpjVEKjh1v37GvkAHqaOtczjW6TRgMrtW36Cui+P8OxxmT; expires=Mon, 14 Dec 2020 21:42:40 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=907596A9F0A9B467960061FA20C88808~iS0ha09tOY3m8yvfOEl95QWL1IYg8qpZ6CJG/x+LAtYQ592uduPhK75MnUq6SzkwS+rnr9cJyt1FTwCqC0sdSHusjfL6NhAHzadb+3Kj39PCXIP+akvP8UP6RRTD7pKXbCSCzVqi5ONs/JCav8+jmsq5nuicBXxMIm4u9t4P6kWdtS/nSRHCecrNN2xzAe2L/1LmPo5h89PH+iK04qfvSl1aHruqHOpXhEgvTIjCxrrUvltu8SVXilmmdidBa2Op; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=06576550CDCC527DC43AC65D6E1DF3DF~YAAQI4QUAvEOyV12AQAA8LzGYgqfEn1nCMvEEYj/JfO56oBUfegXRXK6gYzBWqATUAR/ZniTAApgER710labAYzX5IDy2gdjZvLPnGq85Pbv6aazBN7RlHan6YpVoOBFI63rMOA4BEpLvL8msePM4MZUBOOmrhC9EWiyHRbcdF0X9sUJMenZsh1R+MJXGuz+HHMdlkS0ZFWzURU=; Domain=.newscorpaustralia.com; Path=/; Expires=Mon, 14 Dec 2020 23:42:40 GMT; Max-Age=14400; HttpOnly _abck=8C17D4CC44101A581DE41E22CDAD6EC2~-1~YAAQI4QUAvIOyV12AQAA8LzGYgVsdKjsbi1+B6p7BYNtUk1s6ue08EZ9mF0d0Kqk1slB1034BJuLgE4ZQwLS9tUx5s/4+yjTEL1qQnUJqAgCGNITjA8Qh2bGwrLQvklB47Afc7ypIYM25spIbG+Bw5lUEui+owdl/A4I5mykozOM+sc+YLoWfCdDmsfv5AZdkDN6WHv3Mn/e2U9Ln3tEyPvh1OL+oRtKmen6fePM/KdXNRfj/S+8XHibVYWIu3tmNLzwNDCWL51q3ysZjQJ7/B8p8nJmIgrWJitiUTVC6ZU7Js6Iw20z+CoHq7lGJpcm4v/gV2k=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Tue, 14 Dec 2021 19:42:40 GMT; Max-Age=31536000; Secure

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 3 KB
1 KB 198ms
84ms Script
application/x-javascript 23.37.61.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.61.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-61-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 91d684c672c0a1dfd501546262b91d820d8c25bf5ff2968605c50123b5ebffe6

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:40 GMT
content-encoding: gzip
last-modified: Tue, 24 Nov 2020 00:03:34 GMT
server: AkamaiNetStorage
etag: "5f72e6468427e025c6b5dca9f8b47f95:1606176214.729874"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 1234
expires: Mon, 14 Dec 2020 19:47:40 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 70 KB
19 KB 202ms
87ms Script
application/x-javascript 23.37.61.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.61.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-61-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6cdc46bd741ea434a62afefedad537b39f6ca9b52aea4f5828a2b2f27c419882

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:40 GMT
content-encoding: gzip
last-modified: Tue, 24 Nov 2020 00:03:32 GMT
server: AkamaiNetStorage
etag: "2a1443c2f1e11b73ae7adcc42370eb38:1606176211.994101"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 18834
expires: Mon, 14 Dec 2020 19:47:40 GMT

GET
H2 200 indies-loader.js Show response
ts2020-indies-client.web.app/ 7 KB
3 KB 144ms
34ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ts2020-indies-client.web.app/indies-loader.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1136fd8d6ff6f21847aab9abfab903a5a0e2f26a6f621f34af563def44ceb81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 17 Sep 2020 07:41:38 GMT
x-timer: S1607974960.044375,VS0,VE1
etag: "16a0649956d88d08059c392d3f4b3b1b1b6ee7a364d1e3444626bf6439417ed3-br"
x-served-by: cache-ams21060-AMS
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Mon, 14 Dec 2020 19:42:40 GMT
accept-ranges: bytes
content-length: 2338
x-cache-hits: 1

GET
H2 200 js-vidora-client.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 6 KB
3 KB 172ms
170ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

2ba257240ffc08c6b68d4bca0a95796e0244b065df669aaa532f81064f4673b4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:40 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2885
x-rq: bom2 118 117 3092
last-modified: Sun, 22 Nov 2020 23:27:33 GMT
server: nginx
etag: W/"5fbaf3e5-19e5"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 8 KB
3 KB 43ms
42ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201214-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c56a21524db6a9ae3e1969698a146013f95b2fab9ac4ed167048d7e5d3c0830

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: zMWJo1PVj_h5BEu57MrR0ouiGawOeH2Y
content-encoding: gzip
etag: "2f4d244e58c3b6e32e449819d4fe0da1"
age: 6061
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2983
x-amz-id-2: xce8439fzVRa9kzFr33TDeKOh2SuchwhrXrbsVji/E62VCnGE/qqGcVC/69wrhdZCk3hurJtfNc=
x-served-by: cache-hhn4077-HHN
last-modified: Sun, 13 Dec 2020 10:01:26 GMT
server: AmazonS3
x-timer: S1607974960.027945,VS0,VE0
date: Mon, 14 Dec 2020 19:42:40 GMT
vary: Accept-Encoding
x-amz-request-id: DB81C66271EA3CFD
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 85
x-cache-hits: 60806

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 3 KB
1 KB 43ms
42ms Stylesheet
text/css 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201214-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tcahAQL7SM5vHmChLog9xryayd2KNhUu
content-encoding: gzip
etag: "9e155136143a96e23a99757df9aa3cc8"
age: 8494
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 728
x-amz-id-2: F511ZOU+f6Q+sqbWMumRisyTrwRpkm3FWMsmLIsnKa/IwVxkrGRtPSPQIlc/TyTY8rykuA1eNio=
x-served-by: cache-hhn4077-HHN
last-modified: Sun, 15 Nov 2020 09:20:35 GMT
server: AmazonS3
x-timer: S1607974960.027974,VS0,VE0
date: Mon, 14 Dec 2020 19:42:40 GMT
vary: Accept-Encoding
x-amz-request-id: 6H4P7X5VCY1X4JBG
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 85
x-cache-hits: 81123

GET
H2 200 distance-from-article.20201214-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 52ms
43ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20201214-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8eecac242b66125024559089a5085b56b8e5bf78bc9bb664480a72077c8d8ba

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 3tn8icPi.c_xWsAY8qIZQm2GkBZbK3y5
content-encoding: gzip
etag: "8b7d19dc7c96ad1fb6b9b3dfd0147b4a"
age: 28762
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 964
x-amz-id-2: /KMG0dXzQSs/yGCMf94ZFbAQGyK/d56bKUBw7BzFN9uPN6EZMQ1K7zUqUrRL4GsKjxwloiYqN3k=
x-served-by: cache-hhn4077-HHN
last-modified: Mon, 14 Dec 2020 11:34:40 GMT
server: AmazonS3
x-timer: S1607974960.040557,VS0,VE0
date: Mon, 14 Dec 2020 19:42:40 GMT
vary: Accept-Encoding
x-amz-request-id: 9A953035A6285559
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 85
x-cache-hits: 21229

GET
H2 200 article-detection.20201214-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 52ms
43ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20201214-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 751d3c6aaa3629df3f420185c654ce47ee59ac60d27f8b318b4ad9cf4a088d0d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: crI2Bib5ToDWaH4CbRZgvhAuQZWiV8VW
content-encoding: gzip
etag: "3b933c1dc20d66fdb3d74c41fe42220a"
age: 28762
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 864
x-amz-id-2: v0RNhedwcVygXSt+wExGy3LkQEtHyZSfGOM8OWt9Bngt+ghmuwdCEsAvu1o0zebj8/rjhu37yz4=
x-served-by: cache-hhn4077-HHN
last-modified: Mon, 14 Dec 2020 11:34:47 GMT
server: AmazonS3
x-timer: S1607974960.040756,VS0,VE0
date: Mon, 14 Dec 2020 19:42:40 GMT
vary: Accept-Encoding
x-amz-request-id: C84F97CB0B7968E1
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 85
x-cache-hits: 21276

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 70D0
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=51f4630a-3e35-4ac5-8f5e-6ce7e14983aa
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=51f4630a-3e35-4ac5-8f5e-6ce7e14983aa&tbid=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af&query=taboola_hm%3D51f4630a-3e35-...

0
67 B

53ms
51ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=51f4630a-3e35-4ac5-8f5e-6ce7e14983aa&tbid=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af&query=taboola_hm%3D51f4630a-3e35-4ac5-8f5e-6ce7e14983aa&isDirect=0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:40 GMT
via: 1.1 varnish
server: nginx
x-timer: S1607974960.383189,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4077-HHN

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=51f4630a-3e35-4ac5-8f5e-6ce7e14983aa&tbid=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af&query=taboola_hm%3D51f4630a-3e35-4ac5-8f5e-6ce7e14983aa&isDirect=0
tbl-x-upstream: 10.40.20.14:10213
date: Mon, 14 Dec 2020 19:42:40 GMT
server: nginx
x-fastly-to-nlb-rtt: 1846

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 70D0 0
239 B 175ms
36ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 70D0
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=r0frXDnSGsFl&ev=1&orig=trc&pid=562107

0
216 B

31ms
31ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=r0frXDnSGsFl&ev=1&orig=trc&pid=562107
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.20.14:10213
date: Mon, 14 Dec 2020 19:42:40 GMT
server: nginx
x-fastly-to-nlb-rtt: 1850

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=r0frXDnSGsFl&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-659d447f4f-wrmf8
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 70D0 43 B
693 B 154ms
57ms Image
image/gif 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:40 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.234:80
AN-X-Request-Uuid: 90aa070d-92a7-4e71-8e4a-4268505ababe
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 70D0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEByadlISMaCr2oG_3ILF4UA&google_cver=1

0
55 B

56ms
56ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEByadlISMaCr2oG_3ILF4UA&google_cver=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 14 Dec 2020 19:42:40 GMT
via: 1.1 varnish
server: nginx
x-timer: S1607974960.200873,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19127-FRA

Redirect headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEByadlISMaCr2oG_3ILF4UA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame 70D0 42 B
885 B 124ms
29ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af:$UID
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:40 GMT
X-lat: Pug22063:0:690
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 70D0
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af

170 B
201 B

15ms
15ms

Image
image/png

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af
tbl-x-upstream: 10.41.22.84:10213
date: Mon, 14 Dec 2020 19:42:40 GMT
server: nginx
x-fastly-to-nlb-rtt: 1837

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 70D0
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=697c6fe6-0a95-4b79-92bb-b27b1e481899

0
54 B

43ms
43ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=697c6fe6-0a95-4b79-92bb-b27b1e481899
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 14 Dec 2020 19:42:40 GMT
via: 1.1 varnish
server: nginx
x-timer: S1607974960.378928,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19127-FRA

Redirect headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:40 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=697c6fe6-0a95-4b79-92bb-b27b1e481899
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 70D0
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

33ms
33ms

Image
text/plain

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:40 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:40 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 70D0 49 B
406 B 215ms
154ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-659d447f4f-tqshw
expires: -1

GET
H2

200

rtb-h
sync.taboola.com/sg/storygize-network/1/ Frame 70D0
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
224 B

18ms
17ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.20.9:10213
date: Mon, 14 Dec 2020 19:42:40 GMT
server: nginx
x-fastly-to-nlb-rtt: 1862

Redirect headers

Location: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
Content-Length: 0
expires: 0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 70D0 43 B
697 B 135ms
38ms Image
image/gif 185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af&gdpr=0&gdpr_consent=
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:39 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 70D0 42 B
233 B 299ms
90ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:40 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 200 put
e1.emxdgt.com/ Frame 70D0 43 B
124 B 178ms
30ms Image
image/gif 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:40 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 70D0
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=56e9377a-ea33-4e47-b620-a3ff7d7380dd

0
225 B

23ms
17ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=56e9377a-ea33-4e47-b620-a3ff7d7380dd
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.20.14:10213
date: Mon, 14 Dec 2020 19:42:40 GMT
server: nginx
x-fastly-to-nlb-rtt: 1852

Redirect headers

pragma: no-cache
x-errorlevel: 0
date: Mon, 14 Dec 2020 19:42:40 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=56e9377a-ea33-4e47-b620-a3ff7d7380dd
cache-control: no-cache
server-processing-duration-in-ticks: 2178
content-type: text/html; charset=utf-8
content-length: 222
expires: Mon, 14 Dec 2020 00:00:00 GMT

GET
H/1.1

200

2.gif
id5-sync.com/cq/464/124/6/ Frame 70D0
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOPGg10Ayph2hSMGefomFb1fQ3Wiq1yxf29j8Nhg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOPGg10Ayph2hSMGefomFb1fQ3Wiq1yxf29j8Nhg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=83364d96-886e-4ee2-b6a0-58813fb1c22a&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=

43 B
1 KB

26ms
25ms

Image
image/gif

54.36.109.183
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/cq/464/124/6/2.gif?puid=83364d96-886e-4ee2-b6a0-58813fb1c22a&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.183 , Germany, ASN16276 (OVH, FR),

Reverse DNS

p08.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Dec 2020 19:42:39 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/cq/464/124/6/2.gif?puid=83364d96-886e-4ee2-b6a0-58813fb1c22a&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
date: Mon, 14 Dec 2020 19:42:40 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 70D0
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=Sc7ntTfuDOaixkzMMcDXXw

0
216 B

20ms
19ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=Sc7ntTfuDOaixkzMMcDXXw
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.24.10:10213
date: Mon, 14 Dec 2020 19:42:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 7236

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=Sc7ntTfuDOaixkzMMcDXXw
date: Mon, 14 Dec 2020 19:42:41 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 70D0 35 B
380 B 404ms
97ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Mon, 14 Dec 2020 19:41:48 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame 70D0 0
155 B 285ms
92ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af&_r=9861728
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 14 Dec 2020 19:42:40 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 70D0
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=4b6385b0-91ba-4540-bd23-43b0248762a5
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=4b6385b0-91ba-4540-bd23-43b0248762a5
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=a3608f9d-6b27-4b96-9f29-cc384b88c323&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=4b6385b0-91ba-4540-bd23-43b0248762a5

0
225 B

21ms
21ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=4b6385b0-91ba-4540-bd23-43b0248762a5
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.30.18:10213
date: Mon, 14 Dec 2020 19:42:40 GMT
server: nginx
x-fastly-to-nlb-rtt: 1862

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=4b6385b0-91ba-4540-bd23-43b0248762a5
date: Mon, 14 Dec 2020 19:42:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 debug
trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 0
275 B 20ms
19ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=20%3A42%3A40.001&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-midrail-native&id=2168&cv=20201214-6-RELEASE&lt=deflated&pct=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:40 GMT
server: nginx
x-fastly-to-nlb-rtt: 1855
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.20.14:10213

GET
H2 204 social
trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
406 B 25ms
24ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=AM:AM:V&lti=deflated&ri=dd4b0781b4ebb074179105210e5e2a2a&sd=v2_055c801829b523f2ea1790895fe4bf2c_3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af_1607974959_1607974959_CIi3jgYQgPNHGNLympbmLiABKAEwoQE4l-oLQJWXEEj-0toDUP___________wFYAGAAaOKmqpGyrZficA&ui=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af&pi=/&wi=873729681997272865&pt=home&vi=1607974959442&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=20%3A42%3A40.011&id=8673&llvl=1&cv=20201214-6-RELEASE&
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:40 GMT
server: nginx
x-fastly-to-nlb-rtt: 1857
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.0.111:10213

GET
H2 204 supply-feature
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
235 B 53ms
53ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=dd4b0781b4ebb074179105210e5e2a2a&sd=v2_055c801829b523f2ea1790895fe4bf2c_3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af_1607974959_1607974959_CIi3jgYQgPNHGNLympbmLiABKAEwoQE4l-oLQJWXEEj-0toDUP___________wFYAGAAaOKmqpGyrZficA&ui=3fa125f4-b131-4830-a6ad-ef9b34cc51aa-tuct6d145af&pi=/&wi=873729681997272865&pt=home&vi=1607974959442&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A1088.5%2C%5C%22articleClasses%5C%22%3A%5C%22site-content%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22SECTION%5C%22%2C%5C%22threshold%5C%22%3A%5C%22261%5C%22%7D%22%7D&tim=20%3A42%3A40.064&id=9067&llvl=1&cv=20201214-6-RELEASE&
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 14 Dec 2020 19:42:40 GMT
via: 1.1 varnish
server: nginx
x-timer: S1607974960.098646,VS0,VE9
x-served-by: cache-fra19127-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 authorize
login.newscorpaustralia.com/ Frame E096 0
0 396ms
396ms Document
text/html 184.30.216.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=bIttOPlaXYTgBRkpxaGTGcm4Z4feiBHf&nonce=44zcoedCwhDI7EEwEnV39_xl-oJPvS8M&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.216.184 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-216-184.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=bIttOPlaXYTgBRkpxaGTGcm4Z4feiBHf&nonce=44zcoedCwhDI7EEwEnV39_xl-oJPvS8M&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

server: openresty
content-type: text/html;charset=UTF-8
ot-tracer-spanid: 4130ab0b29dae150
ot-tracer-traceid: 32d0ce51732a36ed
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 14079-1607974960.275-2.16.110.188-1455-565030427-2-0.000
x-auth0-requestid: 12b631ea4a5d4b6de841
x-ratelimit-limit: 1000
x-ratelimit-remaining: 998
x-ratelimit-reset: 1607974961
content-encoding: gzip
strict-transport-security: max-age=31536000
x-akamai-transformed: 9 531 0 pmb=mTOE,3
expires: Mon, 14 Dec 2020 19:42:40 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 14 Dec 2020 19:42:40 GMT
content-length: 837
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A86a85890-3e44-11eb-8461-17bdaa653056.yQC6qcx1U6a207uZ24SScy9zoJEuowp9Tw7I%2B6zfot8; Max-Age=31557600; Path=/; Expires=Wed, 15 Dec 2021 01:42:40 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A86a85890-3e44-11eb-8461-17bdaa653056.yQC6qcx1U6a207uZ24SScy9zoJEuowp9Tw7I%2B6zfot8; Max-Age=31557600; Path=/; Expires=Wed, 15 Dec 2021 01:42:40 GMT; HttpOnly; Secure ak_bmsc=1324F36428AE890D81E42DAD45580CC702148423D721000030C0D75F36B84D36~plW7cbJKBVPyrZn155/lajlpDPqrXx/lvJwIXc9SfiJn6hPk+gj51JV5Pw3OlVaySxoDZQHKK5bouRuuCF83XP83gERSW+uoy6HlzmaNJXiDLsF8uV3bw6aFWeDuJ7HtqJrNHd6aHNa3146ggQBoipOCq3RSNb142b5hiEjBMZ0GcSD5n/Zd7pVVxWwJ3N+Sjq/yHDAI5+1HyOFOveZCrlILgUYFSXctwkHYm1S1lRsd+7Ej2NFv3X/sEXCuwfh8mG; expires=Mon, 14 Dec 2020 21:42:40 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=9D7B288ACF7E4995C7F7D5B1ADF1BB2B~iS0ha09tOY3m8yvfOEl95e3iX6Bu1LKGN8ZF9aZlQpPjcUBT27wh71MlJK2K4WuKrvKLGAE066vltfWq/ucNrfptxBlHbeOOB/qZB/kS2mHxjgZg8OOAz45ZzCTFxZNPDeJ1y15VD+4plDfC1375pl22/rBxdQnBwr+fmvzw8VoKHVjV1HshBnrLpGfJPyQLQRCgMFYkdH9NJjOoVOjB3jUPrRd6ZLyRxnYGJG10a5xvlSNeuBXUTAUUjnOUWhA3; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=412AFFA957C9250D5C3FD5EE7E2C5D1C~YAAQI4QUAvUOyV12AQAAPr3GYgoX3I5fMi0iRi0Io5ulOUZJixH03hoKPnfJ/lTut7dh9BJI3CQak3NyBuM62Ici4ZOAcRET2aTCQzVuE8ck/2LR0lQna/UH8grN4ABp/jVe62uId6O4CBU4qK91G4sJOP38/zsQql2Tf4Fg03/O7fMO+xxK7gC8iBsmho9lZTLI7LGBIg3bEf4=; Domain=.newscorpaustralia.com; Path=/; Expires=Mon, 14 Dec 2020 23:42:40 GMT; Max-Age=14400; HttpOnly _abck=AE0EAF2E6E7C2520A704976FC6C4DA83~-1~YAAQI4QUAvYOyV12AQAAPr3GYgW/R2THwsqL4GfO7L5tBB32zC9L8IVMxVLD+2UPNpBSdQCLxeeHp55dc9V0nD2xFWIpZ9Ir5hU7NyJW36BgiFbQIrHXl1A3mGz4m1Zas1uQ8kcPCgCq+weLPpCCU13uC4p8Qtw9ELYOfahtEK2U5deFDpXx+fGByuo1U+v69UtZJ4oukUTHUCmRY7lZKvqCUimCBnH1oNqaNd8j+pck/jOUJHqFbNrbTYaFH+7xeGUyymAbHo4CzgkH3rO8ZQrm88K7T8dpIOIkv/t6/2edjZPSVXFs4yMKW3mwl76d4+tmSpo=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Tue, 14 Dec 2021 19:42:40 GMT; Max-Age=31536000; Secure

GET
H2 200 vidora-client.1.x.x.min.js Show response
assets.vidora.com/js/ 8 KB
4 KB 63ms
15ms Script
application/javascript 2600:9000:2104:3000:4:77d:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:3000:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08052c2c99dd94a7e638999360264f21fd6ea6c6e7f0c9fbaf55e11cd4fe314f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 15:14:56 GMT
content-encoding: gzip
last-modified: Wed, 08 Apr 2020 14:24:21 GMT
server: AmazonS3
age: 16065
etag: "09285b59e7b4661ace266ee756c7b3f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: VZpCM03dqG3AXVA_vkg1W6-5YGNq9ELKR8pmGfFisnaRJ4klOKfprw==

GET
H2 200 authorize
login.newscorpaustralia.com/ Frame 6BC5 0
0 381ms
380ms Document
text/html 184.30.216.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=_fR~hUFnwVav--T8pG7G.KtmfquIHwtr&nonce=FIt_mN6qwTQ8aF03a~Ta2-FsHk9m6NIU&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.216.184 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-216-184.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=_fR~hUFnwVav--T8pG7G.KtmfquIHwtr&nonce=FIt_mN6qwTQ8aF03a~Ta2-FsHk9m6NIU&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

server: openresty
content-type: text/html;charset=UTF-8
ot-tracer-spanid: 5a0a4ef61c8b35f9
ot-tracer-traceid: 71a2ebac42ba3805
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 12203-1607974960.300-2.16.110.188-1455-564877127-2-0.000
x-auth0-requestid: 441d37beaa9b18d2ee26
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1607974961
content-encoding: gzip
strict-transport-security: max-age=31536000
x-akamai-transformed: 9 532 0 pmb=mTOE,3
expires: Mon, 14 Dec 2020 19:42:40 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 14 Dec 2020 19:42:40 GMT
content-length: 842
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A86ac9e50-3e44-11eb-9f12-51b56347fbcd.K3WYAPHnhGIzlZ5NNAH%2FqLfkyRW3BWchTEcJzAjYc1A; Max-Age=31557600; Path=/; Expires=Wed, 15 Dec 2021 01:42:40 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A86ac9e50-3e44-11eb-9f12-51b56347fbcd.K3WYAPHnhGIzlZ5NNAH%2FqLfkyRW3BWchTEcJzAjYc1A; Max-Age=31557600; Path=/; Expires=Wed, 15 Dec 2021 01:42:40 GMT; HttpOnly; Secure ak_bmsc=7EBCFAE019DE5AA9A53E130434B89CCD02148423D721000030C0D75F00569A16~plPtNmX1iqNKS5M4OSvwKTrSIvkW55hPGsTozIJ8Rz/a12IKSYCUWFUCICIll7rmniJIqxYpy42azf5Dube0set6e83FSdkmAmTeoh605U+q2OPM55DCjSzDB1JTLfnxtsko53p2gzBzT0Y1G5wWiatUelaC6CMNS0rSsDcj+3qs+r+ADWfZFV9doRtQ44d6qJxJDWzrJIUeTRteYLV7MUYmAtEUzfvtq+UzDGzVHC6AlJd5y46Mf0DAFmCpR6z/9J; expires=Mon, 14 Dec 2020 21:42:40 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=4DC313A7FBFE1C85C2BCA5152E5406C8~iS0ha09tOY3m8yvfOEl95cz1kybAZ66ocFtfn9hY0eYhTp8wegKamF8NeqYUNNjOd9sPlMvmjlhMF3CJNCxzhMimvQnlKTORPicb8zrvfOaqKZEk21S8DFDmBWRFtl9oO3TUAJdmJkV9DT0Ud0JXgwFuxV+AbTCpnC/Mv1uOpzLhJEvhtnsWdXPa4OtN4Ja25m2xlkVZuc+WutdG7iOGTnaYm4wax6La4IkYwI95XEFN7vQacJbwedAFlgpxCYO3; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=505E936490B583E59F9D04404DB6FC3D~YAAQI4QUAvcOyV12AQAAXb3GYgqJ/xvB5Os7OjYK3UlHLnQ5xaURyYV7KC8gIJqN8lBOYtnJa39i5Hyvhc4k1b/sRyLwQaFlyj9xyq+aM1qAbSC4wdJgXr8LJous4NMIkgHSzFadgTo2gPHdxbD6X2rNJkMGvPv41W1/kEK1n2XWPlqw+2ZKwT//e2OAjSd8xQp4lmZxpAHxOyE=; Domain=.newscorpaustralia.com; Path=/; Expires=Mon, 14 Dec 2020 23:42:40 GMT; Max-Age=14400; HttpOnly _abck=AE71D5BDEF490481F77617E6E55E932B~-1~YAAQI4QUAvgOyV12AQAAXb3GYgXTzCDJwXhbetpvZbVxUqm9KFQn1Z0UM6aSyUbts66+Gjl/hqRmNOh7pwRUTmB+O+NZwIPoYCUHmwWZxVtuZuAnAiXctjgA5mb43k814y69TdnlFC+s2ywAjXfPmaWP8U2cWMsf1J2XtxtISMa8Fp6JTctT25wdNeihM/mcnl9zhaxCXnPE0EwNHVYJclIMVj2InUJd6R+4wk6mbXHoYiCgtXNopLc9aVVE6M0ASGDJsy5urO6YW7E4K021n0IQsL9yBBtzDUVWJ6U3TozxIvUqoDFGpRl0L0pjVWj+gq6jJl0=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Tue, 14 Dec 2021 19:42:40 GMT; Max-Age=31536000; Secure

GET
H2 200 utrack.js Show response
tags.news.com.au/prod/utrack/ 2 KB
1 KB 37ms
37ms Script
application/x-javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=16079749601420.2298858504514929
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7eab82ead1480897c3dedd5c6b4ef4ec553efacdca1ce23c3acd6bd8e9621046

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:40 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=0, no-cache, no-store
content-type: application/x-javascript
content-length: 832
expires: Mon, 14 Dec 2020 19:42:40 GMT

GET
H2 200 mitas.js Show response
tags.news.com.au/prod/mitas/ 666 B
905 B 35ms
35ms Script
application/x-javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/mitas/mitas.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:40 GMT
cache-control: max-age=41880
server: AkamaiNetStorage
content-type: application/x-javascript
etag: "83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length: 666
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"

GET
H2 200 B7670439;dcadv=4149947;sz=1x2;ord=777534970119.7682 Show response
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 16 KB
6 KB 58ms
57ms Script
text/javascript 172.217.16.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=777534970119.7682?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s11-in-f166.1e100.net

Software

cafe /

Resource Hash

66694965aa13afd3d779657cf79e28f57663fc48bd2392c8eb5eaf6c7b8070a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5801
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
24 KB 80ms
22ms Script
application/x-javascript 2600:9000:206e:1000:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:1000:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 06e9f93163cce0aa6698b5dbdd52d0ea860a91aa75e80d724051e67e6f0304f3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:19:41 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 02:31:43 GMT
server: nginx
age: 1379
etag: W/"5f86630f-112ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 7b574fc6db5d0840d90b97dd76cc56ec.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: zI6Sa0O29OgrwJYy2C_secWPd61kxA5X8Ik1raudOdwhXuf3VXcRpw==
expires: Mon, 14 Dec 2020 21:19:41 GMT

GET
H2 200 metrics.js Show response
tags.news.com.au/prod/metrics/ 177 KB
61 KB 72ms
72ms Script
application/x-javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/metrics/metrics.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 120be8f5d061203ea26fd4bd2043201d6f06a7fce30cd7104e01c5dfafb48cd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:40 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "032ddabb406fd4179075624c01a76c5d:1606693368.080684"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=49172
content-type: application/x-javascript

GET
H2 200 tad.js Show response
tags.news.com.au/prod/tad/ 98 KB
29 KB 43ms
41ms Script
application/x-javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/tad/tad.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7aa0de94f2a1424b10a2a72a14372c7ebd96a41a96cc86aff80bdd7e1f2a3782

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:40 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "9fe78c0aa76460a3c0378bcb80647421:1607915792.033366"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=27182
content-type: application/x-javascript
content-length: 29304

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
19 KB 96ms
33ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

5a2e775be063c9500eb603fc4795e53e52bae4c9b07eeed597fdac1e1efd87f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "724 / 831 of 1000 / last-modified: 1607948004"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18868
x-xss-protection: 0
expires: Mon, 14 Dec 2020 19:42:40 GMT

GET
H2 200 prebid.js Show response
tags.news.com.au/prod/prebid/ 327 KB
98 KB 103ms
101ms Script
application/x-javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/prebid/prebid.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b748ce6a5a5ea9c905bca2845dab6456c5232bead14b02fca00864562e98bfda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:40 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "079b5880b9ed74f5d265d6b9199a2e85:1601422697.718452"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=39256
content-type: application/x-javascript

GET
H2 200 nielsen.js Show response
tags.news.com.au/prod/nielsen/ 21 KB
9 KB 38ms
36ms Script
application/x-javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ebaf330ad588600b4b748410b4f77f3cd9c4abc18e3a240156bc6ac9814cf896

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:40 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "25edec9c399349e0480c59ebca3d0a23:1607918432.510353"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=29883
content-type: application/x-javascript
content-length: 8648

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-gl.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

62ms
24ms

Script
application/javascript

2600:9000:2104:6000:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 13 Dec 2020 20:13:22 GMT
content-encoding: gzip
last-modified: Mon, 12 Oct 2020 13:35:53 GMT
server: AmazonS3
age: 84559
etag: W/"cc7339d315e5ab16597dd66d153a0e7e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: .KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
content-type: application/javascript
x-amz-cf-id: duXwP1knu-5q099B7OhvqYTrZyNlroyPCYZRyhyvpMfbH6WC8L_edQ==

Redirect headers

date: Mon, 14 Dec 2020 19:42:40 GMT
via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: VIE50-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-length: 134
x-amz-cf-id: lW7P1hfU-pvtFm5oTQzvfmUh-IBt9M9-5lDUj7M-U7TRaWc8NtY71Q==

GET
H/1.1 200
OK ncg.js Show response
au.tags.newscgp.com/prod/ncg/ 155 KB
48 KB 139ms
49ms Script
text/javascript 13.32.6.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.6.63 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-6-63.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53c25ccb7181178c52c32fdf5e58a55d730bbfe8e45db600886adfb33d88411b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Dec 2020 19:01:31 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 05 Nov 2020 07:14:18 GMT
Server: AmazonS3
Age: 2470
ETag: "ae1b1b3c735b9c3894bc20532056e9de"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 0b727ed0f0558ba8e12453bfc7ff4907.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: VIE50-C2
X-Amz-Cf-Id: i9YMUx6f-ZP9IIJOfaiElSVb4QIc3gOtuDsxvSz3dhFwyzkwQcPToQ==

GET
H2 200 utag.975.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 3 KB
1 KB 68ms
67ms Script
application/x-javascript 23.37.61.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.975.js?utv=ut4.46.202008240621
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.61.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-61-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2fa62fdf8e026049d48ee5b0227b6cde543ff47ae4d3a7ee43b360f9d154305f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:40 GMT
content-encoding: gzip
last-modified: Tue, 01 Oct 2019 02:56:54 GMT
server: AkamaiNetStorage
etag: "1411faee056be1abaeee38ce4f2bded2:1569898614.604449"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1287
expires: Tue, 29 Dec 2020 19:42:40 GMT

GET
H2 200 utag.985.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 2 KB
1 KB 68ms
68ms Script
application/x-javascript 23.37.61.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.61.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-61-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:40 GMT
content-encoding: gzip
last-modified: Wed, 20 Nov 2019 04:49:47 GMT
server: AkamaiNetStorage
etag: "a2af0d00bb0e150c0e6e47d44b9436d7:1574225387.905732"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 900
expires: Tue, 29 Dec 2020 19:42:40 GMT

GET
H2 200 ggcmb510.js Show response
seccdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 65ms
16ms Script
application/javascript 2600:9000:2104:b800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:b800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: CeKWdfuThsyzKr0NmnwAM5a0VYitilJV
content-encoding: gzip
etag: "afa0d379b1e6e0a61fad577d0043ff26"
last-modified: Tue, 17 Nov 2020 14:36:24 GMT
server: AmazonS3
age: 3234
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 14 Dec 2020 18:48:46 GMT
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: pbdNGpy0iaVjyijpF1PmQogBDeAzRJ_KNA4EdmXqUaZRZD4CkcpU4g==

GET
H2 200 hotjar-465845.js Show response
static.hotjar.com/c/ 4 KB
2 KB 191ms
105ms Script
application/javascript 65.9.73.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-465845.js?sv=6

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.73.9 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

55e3f13f2d07653ad7b8ea7ef3e5e92c8a5e06404788457a4e67d95d855d0a33

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:40 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
etag: W/fdcd2c18f122da1915a0e0bd75b86cc9
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1661
via: 1.1 5e828cc6ff056cb59ec35c3467ec45f5.cloudfront.net (CloudFront)
x-amz-cf-id: StxE6A10fT9QSQh3wDMwbr1HzhVfj3N6nrgQji_dMhcw8NEeWbRsvQ==

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 52 KB
16 KB 79ms
26ms Script
application/javascript 2.17.176.249
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.17.176.249 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-176-249.deploy.static.akamaitechnologies.com
Software: / ARR/3.0
Resource Hash: 560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:40 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 15:15:57 GMT
server
x-powered-by: ARR/3.0
etag: "84a7fce7aaabd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=627
accept-ranges: bytes
content-length: 15848

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
243 B 50ms
49ms Script
application/x-javascript 23.37.61.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202011240003&cb=1607974960255
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.61.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-61-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:40 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 22
expires: Mon, 14 Dec 2020 19:52:40 GMT

GET
H2 200 _error
uconnect.tealiumiq.com/ulog/ 43 B
455 B 96ms
30ms Image
image/gif 35.158.80.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uconnect.tealiumiq.com/ulog/_error?utid=newsltd/hwt/202011240003&e0=ge%3A%3A4%3A%3A%2F%2Ftags.tiqcdn.com%2Futag%2Fnewsltd%2Fhwt%2Fprod%2Futag.js%3A%3A_gaq%20is%20not%20defined
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.80.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-80-187.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:40 GMT
x-serverid: uconnect_i-058727ddd7f02da2a
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: _error::4:uconnect
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region: eu-central-1
x-error: _error is not supported
content-type: image/gif
x-ulver: 65ed533ac5b7460579a0f854b35565150511cdb2-SNAPSHOT
content-length: 43
x-uuid: 2080feff-4d8c-44dc-afd3-4e696d23ff77
expires: Mon, 14 Dec 2020 19:42:40 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 71ms
26ms Script
application/javascript 65.9.73.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Dec 2020 13:19:21 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 08 Jul 2020 20:34:30 GMT
Server: AmazonS3
Age: 368600
ETag: "a8663f72a1dbe614b19f167a59af368d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: KAKREbmpmCV7hg1q6SO4Bs_M2jfTtQIZguxXtk3doBQ2S0saGz8hlw==

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1607974960286
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1607974960286

5 KB
2 KB

41ms
41ms

XHR
application/json

108.128.13.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1607974960286

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.13.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5a0bbf013e886a3e45a8258884e07f1f28d0b0957c9142a5359a7b8105779d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v086-0b2a9f32f.edge-irl1.demdex.com 5.80.1.20201111130852 3ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: thqt4EnAR5k=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1534
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.heraldsun.com.au
X-TID: gJRvCyuVTz8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1607974960286
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK Cookie set dest5.html
newscorpau.demdex.net/ Frame 6738 0
0 151ms
36ms Document
text/html 54.194.171.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.171.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: newscorpau.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.heraldsun.com.au/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=21333485245962850940718422150944564211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 19 Nov 2020 14:56:38 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=21333485245962850940718422150944564211;Path=/;Domain=.demdex.net;Expires=Sat, 12-Jun-2021 19:42:40 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: DUu1HTGSSwk=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
metrics.heraldsun.com.au/ 48 B
516 B 445ms
35ms XHR
application/x-javascript 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=21312234277584977240716305882751824617&ts=1607974960516

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

c4a59d885c11b81aa6e054e845be26c151f7de4a5f227197f48562d387a8b73d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Dec 2020 19:42:40 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-f7bfdfcfd-brkc9
vary: Origin
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=X9fAMAAAAKG1qh-H
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=21333485245962850940718422150944564211
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9fAMAAAAKG1qh-H

42 B
915 B

71ms
33ms

Image
image/gif

108.128.13.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9fAMAAAAKG1qh-H

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.13.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v086-0415ad50a.edge-irl1.demdex.com 5.80.1.20201111130852 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: fDzNOKZlRjg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9fAMAAAAKG1qh-H
Date: Mon, 14 Dec 2020 19:42:40 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20110914/elements/html/ 6 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=777534970119.7682?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 18:22:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2649
x-xss-protection: 0
server: cafe
etag: 804181672847865866
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Dec 2020 18:22:15 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
56 B 54ms
52ms Other
image/gif 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubYrRiT4nceLOcZvxyLWSlsGuv75eAU42BMztbET-Acr2yOmkNIoXgQUPiQe-Lj64oqQJoOwigIftNp9oJXclOvrmU8z0yHxHYWo1gM1eKxIlit9kQxi9F2WSH7qtx54dT&sig=Cg0ArKJSzHPsoo0RRBWLEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20201203.49533&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=777534970119.7682?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 19:42:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 337ms
113ms Image
image/gif 18.205.230.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=CngQoDDPMdJxCop0V_&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=9864&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=5192&t=C0hJqYi9mj__PFnpBHh4nKDDKhZC&V=121&i=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=-60&_acct=anon&sn=1&sv=C_TrjBn6vnoUToWIpsxpWDAj5tI&sd=1&im=06030402&_
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.205.230.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H3-Q050 200 pubads_impl_2020120801.js Show response
securepubads.g.doubleclick.net/gpt/ 274 KB
97 KB 89ms
55ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 09:42:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98829
x-xss-protection: 0
expires: Mon, 14 Dec 2020 19:42:40 GMT

GET
H2 200 6630 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 15 KB
1 KB 105ms
37ms XHR
application/octet-stream 2.17.176.249
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.17.176.249 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-176-249.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: befd4d99b6cb8649f107a5cd1fec1055d228bdc1c001493676bb87249e9b1040

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: s9D81rRzINXxbJe2GpsceLRJAdvlBAld
content-encoding: gzip
last-modified: Mon, 30 Nov 2020 08:14:17 GMT
server: ATS/7.1.0
x-amz-request-id: 91CCD212DE681D6A
etag: "622b99881112d32ffad4119cdad72daf"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=424
date: Mon, 14 Dec 2020 19:42:40 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 1050
x-amz-id-2: iBCGCrVm2rh0e4Dbcl+LZwg/Vc4epDTrBHRHg7xApyxRHzmqwCj2QIDjbw1yRQEpjrSvZIT+l60=

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 61 B
359 B 749ms
749ms XHR
text/plain 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: 0d65919743905ca954e12255f116be6594f5c6ec20fab63ad2295ae71da41658

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
server: AkamaiGHost
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag: "f1d1adc077c1f1f826a151ee3db530bc:1600839199.327003"
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=0, no-cache
content-length: 61
mime-version: 1.0
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H3-Q050 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 21 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eccd35a63a7b80bbfd3a64bb7be75b327bf9292b7c603c8d31c0247962223819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 8761
x-xss-protection: 0
server: cafe
etag: 16638491572200565323
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Dec 2020 20:28:54 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 648 B
886 B 132ms
52ms XHR
application/json 54.77.207.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=c71f7dbf-a7e6-0ac4-3c4f-542bba152810&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: dcb8120b9adc65a196186b78077bae839c686f1945cb59d4413e5739ddc1c556

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:41 GMT
x-server-name: app42.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 storageframe.html
secure-gl.imrworldwide.com/ Frame DF5B 0
0 129ms
128ms Document
text/html 2600:9000:206e:6600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/storageframe.html
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:6600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: secure-gl.imrworldwide.com
:scheme: https
:path: /storageframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
vary: Accept-Encoding
date: Mon, 14 Dec 2020 19:42:41 GMT
server: nginx
last-modified: Tue, 08 Dec 2020 21:31:18 GMT
etag: W/"5fcff0a6-2b27"
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: 3430EMfxOCglkLVL5BzBW94CmLfu_RN0w9_dXaxkdQRjwIzIR0s0Qw==

GET
H2 200 modules.9dd23155c7d4a9746d0b.js Show response
script.hotjar.com/ 222 KB
59 KB 75ms
23ms Script
application/javascript 65.9.73.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.9dd23155c7d4a9746d0b.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-465845.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.73.11 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

af1f298c793498fe8d6ad4006cff127be33466755c69ba3f28c58c23d9ceed55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 14:00:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 279746
x-cache: Hit from cloudfront
content-length: 59490
access-control-allow-origin: *
last-modified: Fri, 11 Dec 2020 13:57:00 GMT
etag: "019b2097ab02dbafab8c376bea41ecc2"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: dfqkk1efVYs4PZJAoiN983U3lAOkfpTwMMheGN4YuxWnCO0zWOjlig==

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 10 KB
4 KB 170ms
54ms Script
text/html 82.199.68.73
EQUINIX-CONNECT-EMEA

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=4567269568247956142&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D6166849100184473300$$&ns=0&rnd=46420925764296483
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 82.199.68.73 , Netherlands, ASN15830 (EQUINIX-CONNECT-EMEA, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: aef78a0650f1c89487e7834c0425b7c716b8baaa454787b890001305f24d7a26

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:43:04 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 2385
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 40ms
40ms XHR
application/json 108.128.13.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=21312234277584977240716305882751824617&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%012e8d3f1980b8629f51f65ae881da0b29%011&ts=1607974960964

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.13.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cc78de41fff36532878acb8cac41a699e03b5179b8f486e7eabef64ebb85ca41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v086-05f582ca4.edge-irl1.demdex.com 5.80.1.20201111130852 3ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: zDI2eYRnSG8=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1535
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 5F72 0
0 388ms
79ms Document
text/html 65.9.73.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-465845.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
content-length: 851
date: Wed, 04 Nov 2020 19:00:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Wed, 04 Nov 2020 16:31:53 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: tk_-drrqv362Bw85gJmBrlq5DhuDTFhdD9agpHox_MKoI2--grdPYw==
age: 3458529

GET
H2 200 s65532156200647
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/ 43 B
440 B 33ms
32ms Image
image/gif 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s65532156200647?AQB=1&ndh=1&pf=1&t=14%2F11%2F2020%2020%3A42%3A41%201%20-60&cid.&newsnkidcookie.&id=2e8d3f1980b8629f51f65ae881da0b29&as=1&.newsnkidcookie&.cid&vid=2e8d3f1980b8629f51f65ae881da0b29&mid=21312234277584977240716305882751824617&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D48&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=6%3A42%20AM%7CTuesday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cmac%20os%20x%7C10_14_5&c60=D%3Dv60&v60=48&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=no%20plugins&v77=D%3Dmid&v78=nl%7Cunknown%7Camsterdam%7C52.35%7C4.92%7Cgmt%2B1%7Cunknown&v79=nl&v80=2e8d3f1980b8629f51f65ae881da0b29-00000000000000000000000000000000-1607974960181-21097&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:40 GMT
x-content-type-options: nosniff
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 15 Dec 2020 19:42:41 GMT
server: jag
xserver: anedge-f7bfdfcfd-ksf8z
etag: 3453099935226232832-4621687341848887294
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 13 Dec 2020 19:42:41 GMT

POST
H2 204 bulk Show response
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
207 B 34ms
33ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201214-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1607974961.031381,VS0,VE10
x-served-by: cache-fra19127-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 109 B
803 B 46ms
25ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 14ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 122 KB
14 KB 89ms
88ms XHR
text/plain 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4164171413481454&correlator=4491321938979700&output=ldjh&impl=fifs&hxva=1&scor=1761989645421089&eid=21068530%2C21069144%2C21068810&vrg=2020120801&co=1&npa=1&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201214&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ists=1&prev_scp=pos%3D1%26id%3D871b1838-3e44-11eb-a989-0a0c79e93e25%7Cpos%3D1%26id%3D871b1839-3e44-11eb-a989-0a0c79e93e25%26vw%3D40%2C50%2C60%26vw05%3D40%26grm%3D40%2C50%2C60%26pub%3D40%2C50%7Cpos%3D2%26id%3D871b183a-3e44-11eb-a989-0a0c79e93e25%7Cpos%3D1%26id%3D871b183b-3e44-11eb-a989-0a0c79e93e25%7Cpos%3D2%26id%3D871b183c-3e44-11eb-a989-0a0c79e93e25%7Cpos%3D1%26id%3D871b183d-3e44-11eb-a989-0a0c79e93e25&eri=1&cust_params=us%3Db%26s%3D0%26co%3D1%26kw%3D%26nk%3D2e8d3f1980b8629f51f65ae881da0b29%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26adl%3Dfalse%26pvid%3D2e8d3f1980b8629f51f65ae881da0b29-00000000000000000000000000000000-1607974960181-21097%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&bc=31&abxe=1&lmt=1607974961&dt=1607974961075&dlt=1607974958993&idt=1921&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1123%2C1124%2C176%2C176%2C0&adys=28%2C467%2C8182%2C9222%2C3110%2C9864&adks=1616217045%2C2956706420%2C1415436295%2C1982096792%2C3785065344%2C3544675803&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x134%7C300x0%7C300x0%7C1248x0%7C1248x0%7C1600x9863&msz=728x133%7C300x276%7C1248x276%7C1000x50%7C728x90%7C1x1&ga_vid=467989956.1607974961&ga_sid=1607974961&ga_hid=880918322&fws=640%2C640%2C128%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

db922613dfbf6989f3f04d56586bc94be9c0bf54cd72af1269936ffa51b0bddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14112
x-xss-protection: 0
google-lineitem-id: 4682990628,4682990628,4682990628,4682990628,4682990628,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234025560,138234092471,138234092456,138234082178,138234025461,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
5af29a8e53f898387fd48b26683e156a.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 49ms
15ms Other
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://5af29a8e53f898387fd48b26683e156a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1607974961098&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstr...
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1607974961098&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstr...

44 B
491 B

125ms
124ms

Image
image/gif

2600:9000:206e:6600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1607974961098&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-f3e39f2afdbb85e67efe315e07ed97ec&tz=1&ja=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:6600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: VIE50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 44
x-amz-cf-id: gh0CX2-d80ATT1wMizcsw1-QgX4Qnw58Cu0gq8Z-oH_0WV_fpHAbUg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: VIE50-C1
location: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1607974961098&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-f3e39f2afdbb85e67efe315e07ed97ec&tz=1&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: ZFGdmiSAmTFhqstUxrwVabxJB5h4xKryt08u8qBKdKxfohUrHwlAtw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame F3E0 4 KB
5 KB 34ms
33ms Script
application/x-javascript 65.9.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.78.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Dec 2020 04:59:16 GMT
Via: 1.1 9385401cebb473e4ed1da6c81b927c52.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 53006
ETag: "98d98b3499058b76d58073cf8ede2f10"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 4593
X-Amz-Cf-Id: bZDCtRRWqJBIh3cHFt_1ayV8Qko1YnU2r9pDYTWhdoBoiCplK-4VZw==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 1DE8 5 KB
2 KB 24ms
24ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:41 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 66950
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1607974961.153945,VS0,VE0
x-served-by: cache-fra19143-FRA

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 9433 965 B
761 B 6ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Dec 2020 19:42:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=25078
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 662C 96 KB
38 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-707564276

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2106309b539a1d5dd1b2f6e8b8bf24fb71082cb256f91b4b30f42239ef37ef03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38971
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame EBC6 4 KB
5 KB 55ms
33ms Script
application/x-javascript 65.9.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.78.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Dec 2020 04:59:16 GMT
Via: 1.1 9385401cebb473e4ed1da6c81b927c52.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 53006
ETag: "98d98b3499058b76d58073cf8ede2f10"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 4593
X-Amz-Cf-Id: AChD6FXCOC7tRb8kyACnTRacf9NTPRYPbzcxWDqut54UDv2tTx9Vow==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ Frame 4971 7 KB
3 KB 424ms
60ms Script
application/javascript 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Dec 2020 19:42:41 GMT
Content-Encoding: gzip
Age: 449
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 2601
X-Served-By: cache-lga21945-LGA, cache-hhn4031-HHN
Access-Control-Allow-Origin: *
Last-Modified: Thu, 14 May 2020 21:04:36 GMT
Server: nginx/1.13.10
X-Timer: S1607974962.549920,VS0,VE0
ETag: W/"5ebdb264-1cfb"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 10 Dec 2020 19:35:03 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 2, 310

GET
H3-Q050

200

activityi;dc_pre=CM-n-sKdzu0CFQ7Auwgd7rEMXQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5993014848055.5625
8228261.fls.doubleclick.net/ Frame 8389
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5993014848055.5625?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CM-n-sKdzu0CFQ7Auwgd7rEMXQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=599301484805...

0
0

239ms
190ms

Document
text/html

172.217.16.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CM-n-sKdzu0CFQ7Auwgd7rEMXQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5993014848055.5625?

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s11-in-f166.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8228261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CM-n-sKdzu0CFQ7Auwgd7rEMXQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5993014848055.5625?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkyRS7bYx64wu2fF1vOPsm2UPdjZ0bVeJ30FCDFXj084lloXo36614Zmxrh
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Dec 2020 19:42:41 GMT
expires: Mon, 14 Dec 2020 19:42:41 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 331
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Dec 2020 19:42:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CM-n-sKdzu0CFQ7Auwgd7rEMXQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5993014848055.5625?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

activityi;dc_pre=CJGf-sKdzu0CFTnKuwgd4k0Jsg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5080838645805.13
8228261.fls.doubleclick.net/ Frame A1D6
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5080838645805.13?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJGf-sKdzu0CFTnKuwgd4k0Jsg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=508083864580...

0
0

152ms
103ms

Document
text/html

172.217.16.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CJGf-sKdzu0CFTnKuwgd4k0Jsg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5080838645805.13?

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s11-in-f166.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8228261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJGf-sKdzu0CFTnKuwgd4k0Jsg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5080838645805.13?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkyRS7bYx64wu2fF1vOPsm2UPdjZ0bVeJ30FCDFXj084lloXo36614Zmxrh
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Dec 2020 19:42:41 GMT
expires: Mon, 14 Dec 2020 19:42:41 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 328
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Dec 2020 19:42:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJGf-sKdzu0CFTnKuwgd4k0Jsg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5080838645805.13?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame CE28 96 KB
38 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-820018408

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e99772ee3b4111414156aa8b0d3cc59a03e9d6512b6b701ba7e96cd646e78b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38968
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 2A24 30 KB
12 KB 37ms
36ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11865
x-xss-protection: 0
server: cafe
etag: 18432201170715473949
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H2 200 activity
au-gmtdmp.mookie1.com/t/v2/ Frame DAB2 43 B
609 B 3644ms
311ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:44 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 9270
Redirect Chain

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

43 B
1 KB

126ms
33ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.137:80
AN-X-Request-Uuid: 61ccd007-e8c7-4166-a05e-b31cb9027dc5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.44:80
AN-X-Request-Uuid: 6bc020c1-2a8d-4109-bb23-e9723ee8d2f6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

0
1 KB

110ms
22ms

Image
application/javascript

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.55:80
AN-X-Request-Uuid: 313b9050-6e46-439d-a9be-866d489e8bfb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.116:80
AN-X-Request-Uuid: c73893b8-2316-46d9-a561-b1cf11358002
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1

0
1 KB

107ms
51ms

Image
application/javascript

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.113:80
AN-X-Request-Uuid: b8a9a59e-e6c3-441d-814c-e693eb23a252
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.118:80
AN-X-Request-Uuid: b613a772-c3ba-450c-a118-b25770a95cd6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2DB2 0
0 52ms
52ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLW0UQR5DzSf3F4I39cqyW9cE8DABuVZKhWLdLykej-Krxt49jQE3l6LSVNOfVkHL098FBQSlApobB8nRy8C6Drf9_fQlUx4HOPAXe5u1yWWqEKoBN69B9j3sQzD2LTtSYxqZq4cPkHGIl8J42lFKHEQiljpx7dDR-8NQe7MMMULecR03iFpDyTUSgvE8VJwbvZ4isgO-WyMiaDNGBhBRBiTx_9DuGzzP4XG7L5QF8z9nh8hvSBXsEdkw0SYRacP3w6mREPEHZ&sig=Cg0ArKJSzHQSN5mV6bkeEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 19:42:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 2DB2 18 KB
7 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 12:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Dec 2020 12:50:02 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 2DB2 3 KB
1 KB 38ms
22ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 12:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Dec 2020 12:49:52 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2DB2 76 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2DB2 0
0 16ms
16ms Image
text/html 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfeH3esP1n71q8QHmoykPibfQD5IwvcODauwgNjAz3U61dX9fEFodQk8641jFv9rXD9WWv
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 2DB2 68 B
232 B 52ms
37ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 13:29:15 GMT
x-content-type-options: nosniff
age: 195206
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Dec 2021 13:29:15 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A1A2 0
0 54ms
54ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNbEzvU7entCYOYi9kGNtjSIeHrMN0U2Q3_cQ4BwSXOf-rdFWIwyR2yHtpkR7_yDNdm8rkJZc4Is6QZOsPqGPdwSiGkI0NHi7rCY44Rfe-32tylHvxeoPwXUPG_-FkFjx-r1wfn-u38hLZ3cpOxrNCgnctqXbgeMvsYSt_8ii1z6pXKxsnjCGKUk_To3nkherjMumgc6axMz4482Bxv72IQFPb49JBeklZxDec16vCqFTr7laDSNpx4YcBV7_C3bikQmKylL7O&sig=Cg0ArKJSzASkQGkgANzQEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 19:42:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame A1A2 18 KB
7 KB 32ms
21ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 12:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Dec 2020 12:50:02 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame A1A2 3 KB
2 KB 31ms
21ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 12:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Dec 2020 12:49:52 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A1A2 76 KB
29 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H3-Q050 200 13756812283639570429
tpc.googlesyndication.com/simgad/ Frame A1A2 68 B
169 B 48ms
37ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13756812283639570429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 22:35:36 GMT
x-content-type-options: nosniff
age: 594425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:40:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 22:35:36 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 876B 0
0 45ms
41ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszh5QMno03PJou5e8IeOTsnlb04R9VxUTmuxzxPpRl9mvGc_aVGaBowaM9I2ERsYyfJT3efuScrFKlX2RrvhZLlJXTPU03409z08ZptUysT9K49KW1c35X_mFjSzrIgTR6kWnXbFd88WPGe8BanU6A3mziiqHZT8PRp_WzX6yurhf1tub_NXQUFTZndIa4RX4p8MVsQZ4ZiZshl1eA16OroCIPFGZbKDMcl7hnHFFqohkkVL16RLPClMq7or7IVcRrZRbHuTG7&sig=Cg0ArKJSzIGP3g5pNtT2EAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 19:42:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 876B 68 B
94 B 32ms
29ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13756812283639570429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 22:35:36 GMT
x-content-type-options: nosniff
age: 594425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:40:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 22:35:36 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 876B 18 KB
7 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 12:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Dec 2020 12:50:02 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 876B 3 KB
1 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 12:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Dec 2020 12:49:52 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 876B 76 KB
29 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 876B 0
0 33ms
29ms Image
text/html 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQIieCnBJ4qeOw03mSGG3ob4mYaolfTbcuPht25YKpf6jPezyztqJfi5PXBUCwwI-g_Bvmi
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB39 0
0 42ms
42ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPfGAUFPQ7gWMjJx6_8JAEdYyJnZqytQIuhiqObqntMJP3DFvhtn7iJLtrk__uRznpAgVM0QYlBRxjGD7HVfuMPYji53v9rXYUSKinZMK1go0r9WN3xe5I3eC1iY65dp4h5zEwIwRm2_OQW1qhj_sQTb2C5rKEFxPrWB-9CBs4M1C8YPzFPuyYbsv0DbyhuH5WUH_lehTj9qIOtDRHjE79LNikhDgVEnJHA44GAJT4CuvpeIMdiPaIAMcHe2v5BAdWGWfCY5gg&sig=Cg0ArKJSzLbN5H00u450EAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 19:42:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame CB39 18 KB
7 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 12:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Dec 2020 12:50:02 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame CB39 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 12:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Dec 2020 12:49:52 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB39 76 KB
29 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H3-Q050 200 13503232906761715217
tpc.googlesyndication.com/simgad/ Frame CB39 3 KB
3 KB 26ms
25ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13503232906761715217

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 13:39:43 GMT
x-content-type-options: nosniff
age: 280978
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3270
x-xss-protection: 0
last-modified: Wed, 23 May 2018 04:43:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Dec 2021 13:39:43 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DFFE 0
0 47ms
42ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZ3L2zXH8mhIWjCya51Lc0nQDdi1me3lL2_wqevv39sRCFqgEIQTcTasU9T9t_q7WUVCQYJrdLRcAYQJ1AJaJZUnYy87N27dXPQYnspoXseTyPnC-dSDrMrpQJqsCQjo-L5c0GxMnD4tCaiPrlLpJSHKkM3k9iH4mKphFctir8X84wwZGhufnBJG3O0ZTLil-NbF4Qot0vK0Arvjpc6WkwTIQbKN8x1tgJFG06o0zXv1KjTvu13CrJFhcZsUlDg_15NCRXRHE7&sig=Cg0ArKJSzF30J6J7hyStEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=2e8d3f1980b8629f51f65ae881da0b29-1607974956

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 19:42:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame DFFE 68 B
94 B 22ms
20ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 13:29:15 GMT
x-content-type-options: nosniff
age: 195206
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Dec 2021 13:29:15 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame DFFE 18 KB
7 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 12:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Dec 2020 12:50:02 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame DFFE 3 KB
1 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 12:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Dec 2020 12:49:52 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame DFFE 76 KB
29 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame DFFE 0
0 44ms
14ms Image
text/html 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaThbiBm-leRVtv5pE4rFWKcRL7Uwsvel8ZghS-goStWBS3pbh5SYu0gaXPFd87nKuDszUon
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 69ms
42ms Script
application/javascript 2600:9000:2104:6000:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: seccdn-gl.imrworldwide.com
URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: a9yv6FoqUOJEHV8JhhsvdvrSixeG3nZZ
content-encoding: gzip
etag: "931051f801612c3a0e2782961ac3d56c"
last-modified: Tue, 17 Nov 2020 14:36:24 GMT
server: AmazonS3
age: 3131
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 14 Dec 2020 18:50:31 GMT
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: j25ZOX7e3xFs5An4Z3MfEahol0Uz6mjOCmb-eYEVb5JwH8pZ1E5GWQ==

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 9433 3 KB
2 KB 39ms
13ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Dec 2020 19:42:41 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Sep 2020 20:29:41 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=11274
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 adsct
t.co/i/ Frame 1DE8 43 B
170 B 138ms
137ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Mon, 14 Dec 2020 19:42:41 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 390b25254ab62c2860151f678a043e25
x-transaction: 00abdd2b007c1306
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 662C 30 KB
12 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 2A24 2 KB
1 KB 117ms
117ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1607974961277&cv=9&fst=1607974961277&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b86b3755f5e94b951b89e2639504a9c89f4668df829fa7c63d2225ea6b5716c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 969
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A1A2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 007677223219409bd154cfc5ecfad6b9fd6b5ee641f3933f49c5a3d409762542

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 1AC5 46 KB
13 KB 493ms
110ms Script
application/javascript 54.77.207.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=1866880806&custom=homepage&custom3=168400391&adsafe_par&impId=871b1839-3e44-11eb-a989-0a0c79e93e25
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c458b849e569b3ca6d4380d2f2f33ce738dfdd2efc0c8eb641c1231a5781bde6

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-server-name: app20.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame 2DB2 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83757da3811545954d6cef42f43f8811a71d334821a4cc27cbcf6f6ac96ba404

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 31C5 46 KB
13 KB 519ms
142ms Script
application/javascript 54.77.207.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=817476037&custom=homepage&custom3=168400391&adsafe_par&impId=871b1838-3e44-11eb-a989-0a0c79e93e25
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b796c8f47371ad18735c4cacc482a73848a057f91f05fdb51ffc38018dc7fabd

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-server-name: app41.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame CE28 30 KB
12 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
DATA 200
OK truncated
/ Frame 876B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 945998a43adbb8d75feb5502e4159621efe8a89608c8f63f2157678b544eb346

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 7154 46 KB
13 KB 455ms
128ms Script
application/javascript 54.77.207.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1929640578&custom=homepage&custom3=168400391&adsafe_par&impId=871b183a-3e44-11eb-a989-0a0c79e93e25
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6f1c314b380c34ca12da85c6940d18d9a76df9109db9b1379aa24db82181bc70

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-server-name: app14.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB39 0
22 B 55ms
55ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQEGMIynin8mTpW6LWpXfc47rlaVQbwk3xuX6XMz7S1JaQ94Q36WiMXYDi2-VEfOxLUYz1oC2OwU2bcfqYLq5lGhl8dOqGErxxV4RVLziQIqI4fBHTiasm-LNVvcHQ8n93VxUinBCCR-9oLPN1woy2IJCv5JXHV41uhPlH3IOqlyRu8XWDdL9y5TLu4FjHwJ2cQdkmcPVi5hWyrp2OpLP4tNDUyBqzSeVGphgPOjQvXJni2Ixr2rBldTS1m7eSnlllJn_njjNXxOk&sig=Cg0ArKJSzGENzC4u0KloEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 19:42:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CB39 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18e10eaea2fd0677f5bca0dd9c3ad10320c4131b62247441c89547727a293fda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame B8D5 46 KB
13 KB 398ms
83ms Script
application/javascript 54.77.207.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=171174258&custom=homepage&custom3=168400391&adsafe_par&impId=871b183b-3e44-11eb-a989-0a0c79e93e25
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 325e0707f13a8f6fbee133bee8a18c507ddfd16efd810acba694e5ce6195b56a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-server-name: app31.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame DFFE 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61face5df6511fc28385fc22e99658cfd5f3c23d21a0f2f440dab23d6409d346

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 9331 46 KB
13 KB 461ms
151ms Script
application/javascript 54.77.207.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=1445167679&custom=homepage&custom3=168400391&adsafe_par&impId=871b183c-3e44-11eb-a989-0a0c79e93e25
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6361112047421787e10603e842e8eb866d789890f717416855ad73422b73d316

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-server-name: app42.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A1A2 0
22 B 81ms
80ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujrB2wCYoWJrMX5RQGGh0mdQN3Rl70be-31XFZcXiwsgegIbenleZ9lCMPP9yqJBdwwADYQII_3eoxGUg95OAn7ubPe-RZAtE4ORGRDS9Er6uLUO--oUb__vEMzjYSRVLjQ-Jq2iVEQxY3-20ylzI2ZzkUb3YWPqrF8yFaE2YqO_BRISJ7BBw54ubLJvJ8uXN5LcS1qrp49JKn2wIWlTyGbLu2sdhx1puCyPDb2XSnIWvDsU2tZQslcUmaMkOMD-XuOlxs7JFAcBs&sig=Cg0ArKJSzH-_z4VkDJoCEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 19:42:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 876B 0
22 B 73ms
73ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNUuPHafXUJ27duLL4by_EhiSg8UbKAQxiTWWCrz5M3i6FPgGl8TKMLLEZXBLISjqwko6kE-Qu0I1BUivAC_HanKQSOjMbr5h82e0OJk5C__vW7FtVjmswe6tluBNrvyGVbHkkTOcTkgWsqd2ZnWNMYW0AS619eaK0uh6o9JhrQLPR0efqWcc2iBLODRU7G8RhC_exmjAl_iyV9h3tm9XXsRSEvwBlYvzZXssYwJLPXfYI1Ua1WxoM9QAsnSzIfRpthnIXUphGItk&sig=Cg0ArKJSzK8LqzxJ7uRmEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 19:42:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2DB2 0
22 B 72ms
72ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-WnhROnZtqqwhOX4PXoLH1cPqV8Yy7cANYTefuknp0qSrCtpixh4SAFGSoqAOu9SWWNL0EygOcAWHXNYHsQde_gHOkwe_3boUiBw69l0h8mRjNniAOdisnmIDfIERV_liYlfsAPdCPQpWggeCZH-XjL68nZxgCb9Q4ag-yT72PvKLrCrt6DQBqHGxSJDf4rvHnG2zStmD9Bol_Sys4i-2dxR-HY2LTFIn1x2Bvp4ompGSXkCfd_4oqrHW5OQrRVyrLKw2ohnbFp0&sig=Cg0ArKJSzPaupWqHjlViEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 19:42:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

collect
px.ads.linkedin.com/ Frame 9433
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1607974961384
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26time%3D1607974961...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1607974961384&liSync=true

0
57 B

181ms
181ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1607974961384&liSync=true
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:41 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: tFSbWrWsUBYAIcYeYysAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: poDcUrWsUBZQgysH6ioAAA==
pragma: no-cache
x-li-pop: afd-prod-esv5
x-msedge-ref: Ref A: A7A32A4B91554539984BA2F5B25642A3 Ref B: FRAEDGE1408 Ref C: 2020-12-14T19:42:41Z
x-frame-options: sameorigin
date: Mon, 14 Dec 2020 19:42:41 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1607974961384&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DFFE 0
22 B 69ms
68ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuk90LGEITZOMU34fm82vwLzlTL464NCKXw37cc1isWPY_poluQN59GMhspnmnCtWWLbS0kGHlKDAES6vnJMwRInCmc7UuxWvSG1s_Jwn1ZDVHuO2gVSXBW6yPFGmEVYi5E36AoGkAhsLbnV-Y9MArogsHEuiSkHlSioQBrWpCOM0tog8CvgPr5gO6GmBIYKlr5ZQhOjr7zjZhDqcY7pIp0nzARRjchM3GaO-O6EFCYrcBoo34nZ591-gv7PJPZEuUlqvKO5VfOAl4&sig=Cg0ArKJSzK5rYvNDLZYQEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 19:42:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 662C 2 KB
1 KB 120ms
119ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1607974961392&cv=9&fst=1607974961392&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46978ef096532138a7e8bc9b6b8b4df825c86880d2be04b44528a1c0f0a49edc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1011
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js Show response
cdn-gl.imrworldwide.com/conf/ 32 KB
7 KB 52ms
51ms Script
application/javascript 2600:9000:2104:6000:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33a501cd209d877bfd8058b1a455c94153f7b6905cbd05c7dd20bb4705c6ee45

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: AAHTu.sthlK12JA3e.ZSvDdT.130upX7
content-encoding: gzip
etag: "661de017ab8d0802eb20fc63e0456414"
last-modified: Mon, 14 Dec 2020 07:18:03 GMT
server: AmazonS3
age: 207
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Mon, 14 Dec 2020 19:39:15 GMT
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: VRvgrcoY1jYSY6FHr8fk16f2WU97HT42U9t1Ol0nO-6R_Qhq_7JGMw==

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame CE28 2 KB
1 KB 147ms
146ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1607974961403&cv=9&fst=1607974961403&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

655a6828be460d9a354c7074262ad2dbf394112273fe6201b59b8b482235110f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1010
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/859754747/ Frame 2A24 42 B
488 B 44ms
44ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/859754747/?random=1607974961277&cv=9&fst=1607972400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=835286453&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/859754747/ Frame 2A24 42 B
108 B 38ms
38ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/859754747/?random=1607974961277&cv=9&fst=1607972400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=835286453&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 173 KB
50 KB 18ms
17ms Script
application/javascript 2600:9000:2104:6000:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43ec631c14060e4d10a7fc3b6b96296f20e718d65fb51558370d41eda08a3ddc

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 8pyu2AVizz7qLhkNLlydOCakgrumnPjD
content-encoding: gzip
etag: "2a3ec0074402cc8fa654f381bebd2e04"
last-modified: Tue, 17 Nov 2020 14:36:24 GMT
server: AmazonS3
age: 2853
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 14 Dec 2020 18:55:09 GMT
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 9gp_2pANY0mUMJcr0jrpQR5dE6Rln3UhomVG3DTRdcKxRj5nhmk5SA==

GET
H2 200 campaigns Show response
resourcesssl.newscdn.com.au/indies/ 7 KB
2 KB 52ms
51ms XHR
application/json 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by: Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: Google Frontend / Express
Resource Hash: 4ec4545ad59e9dbde642d7a701d279ab2de4bc182633de2375ef01d6c2dfff24

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Dec 2020 19:42:41 GMT
content-encoding: gzip
etag: W/"1b42-FbvaI/QTap9x4FONUUHcFmNCkck"
x-powered-by: Express
x-cache-hits: 0
content-length: 1839
x-served-by: cache-dca17775-DCA
server: Google Frontend
x-timer: S1607927222.528106,VS0,VE302
x-i: true
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: c490feaebef554b675f1afa4f6a2d411
cache-control: private, max-age=557020
function-execution-id: 82dowlvzd5jx
accept-ranges: bytes
x-orig-accept-language: en-US,en;q=0.9
x-country-code: DE
expires: Mon, 21 Dec 2020 06:26:21 GMT

OPTIONS
H2 204 campaigns
resourcesssl.newscdn.com.au/indies/ Frame 0
0 351ms
351ms Other
text/html 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol: H2
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.heraldsun.com.au
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-type: text/html
function-execution-id: 8rkc61733mrk
server: Google Frontend
x-cloud-trace-context: 5e3f4620e145b30116abe317537025dd
x-country-code: DE
x-orig-accept-language: en-US
x-powered-by: Express
accept-ranges: bytes
x-served-by: cache-dca17747-DCA
x-cache-hits: 0
x-timer: S1607974962.553355,VS0,VE213
cache-control: private, max-age=604800
expires: Mon, 21 Dec 2020 19:42:41 GMT
date: Mon, 14 Dec 2020 19:42:41 GMT
x-i: true

GET
H2 200 ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 6C81 0
0 38ms
38ms Document
text/html 2600:9000:2104:6000:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSCVER=v1; IMRID=874de760-3e44-11eb-8af0-ab202430d3db
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
last-modified: Tue, 17 Nov 2020 14:36:23 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: fXiAi9JTI1XHMxGqL.0MvkCakB1rMXT9
server: AmazonS3
content-encoding: gzip
date: Mon, 14 Dec 2020 19:14:08 GMT
etag: "7fa83dfc7b78314b137e2eb13834daa7"
cache-control: max-age=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: wc2CXTzZ0K5-7cKsPPEckR_D2cS5XEel95W_D69ZC2CGDc9KHKTbQQ==
age: 1714

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/707564276/ Frame 662C 42 B
66 B 36ms
35ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/707564276/?random=1607974961392&cv=9&fst=1607972400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=595571307&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/707564276/ Frame 662C 42 B
66 B 68ms
33ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/707564276/?random=1607974961392&cv=9&fst=1607972400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=595571307&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/820018408/ Frame CE28 42 B
66 B 21ms
21ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/820018408/?random=1607974961403&cv=9&fst=1607972400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=3929282313&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/820018408/ Frame CE28 42 B
530 B 24ms
24ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/820018408/?random=1607974961403&cv=9&fst=1607972400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=3929282313&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixie
ib.adnxs.com/ Frame 4971 42 B
355 B 54ms
54ms Image
image/gif 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1607974961580&v=0.0.15&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1607974961580&et=1607974961580&if=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.62 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Dec 2020 19:42:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 10.13.70.77:80
Content-Length: 42
Content-Type: image/gif

GET
H2 200 main.gr.19.8.149.js Show response
static.adsafeprotected.com/ Frame B8D5 176 KB
56 KB 121ms
43ms Script
application/javascript 2600:9000:20a5:6a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.149.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=171174258&custom=homepage&custom3=168400391&adsafe_par&impId=871b183b-3e44-11eb-a989-0a0c79e93e25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a5:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb4ce55125de2a93e2195c216683aaba6edfe2552ef028728a77129176b12da8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 16:29:23 GMT
content-encoding: gzip
age: 443599
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Dec 2020 16:13:56 GMT
server: AmazonS3
etag: W/"7a5b536396630d4384ea30d5372afce3"
vary: Accept-Encoding
x-amz-version-id: 9Jd5zGDFPA.mRZ.RWVPZ582SkXlqlHka
via: 1.1 185768229530368be94556dcab1c486b.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: OSL50-C1
content-type: application/javascript
x-amz-cf-id: czBsbz55NDI5Ho7eaVu4PD4XkmbWLfVR7n2K1_V0h6fTMjlKn2ftOg==

GET
H2 200 main.gr.19.8.149.js Show response
static.adsafeprotected.com/ Frame 1AC5 176 KB
56 KB 94ms
44ms Script
application/javascript 2600:9000:20a5:6a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.149.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=1866880806&custom=homepage&custom3=168400391&adsafe_par&impId=871b1839-3e44-11eb-a989-0a0c79e93e25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a5:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb4ce55125de2a93e2195c216683aaba6edfe2552ef028728a77129176b12da8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 16:29:23 GMT
content-encoding: gzip
age: 443599
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Dec 2020 16:13:56 GMT
server: AmazonS3
etag: W/"7a5b536396630d4384ea30d5372afce3"
vary: Accept-Encoding
x-amz-version-id: 9Jd5zGDFPA.mRZ.RWVPZ582SkXlqlHka
via: 1.1 185768229530368be94556dcab1c486b.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: OSL50-C1
content-type: application/javascript
x-amz-cf-id: ZIW6-oeUOW09uGqj-cmQodJU1jx-5FS3WbW_J1iE47v5yxu42jkqUQ==

GET
H2 200 main.gr.19.8.149.js Show response
static.adsafeprotected.com/ Frame 7154 176 KB
56 KB 76ms
44ms Script
application/javascript 2600:9000:20a5:6a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.149.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1929640578&custom=homepage&custom3=168400391&adsafe_par&impId=871b183a-3e44-11eb-a989-0a0c79e93e25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a5:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb4ce55125de2a93e2195c216683aaba6edfe2552ef028728a77129176b12da8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 16:29:23 GMT
content-encoding: gzip
age: 443599
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Dec 2020 16:13:56 GMT
server: AmazonS3
etag: W/"7a5b536396630d4384ea30d5372afce3"
vary: Accept-Encoding
x-amz-version-id: 9Jd5zGDFPA.mRZ.RWVPZ582SkXlqlHka
via: 1.1 185768229530368be94556dcab1c486b.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: OSL50-C1
content-type: application/javascript
x-amz-cf-id: hIdIu3FdwYDvBM0YqgJBSMfQRH6vncln2ddT8sASlYfffGxT7xElQw==

GET
H2 200 main.gr.19.8.149.js Show response
static.adsafeprotected.com/ Frame 31C5 176 KB
56 KB 63ms
44ms Script
application/javascript 2600:9000:20a5:6a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.149.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=817476037&custom=homepage&custom3=168400391&adsafe_par&impId=871b1838-3e44-11eb-a989-0a0c79e93e25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a5:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb4ce55125de2a93e2195c216683aaba6edfe2552ef028728a77129176b12da8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 16:29:23 GMT
content-encoding: gzip
age: 443599
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Dec 2020 16:13:56 GMT
server: AmazonS3
etag: W/"7a5b536396630d4384ea30d5372afce3"
vary: Accept-Encoding
x-amz-version-id: 9Jd5zGDFPA.mRZ.RWVPZ582SkXlqlHka
via: 1.1 185768229530368be94556dcab1c486b.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: OSL50-C1
content-type: application/javascript
x-amz-cf-id: 4oylCdAedHT6F5AoErNpVsNTQ-uCbEoHaR4FuaHdfQQ2WY72ydMLbg==

GET
H2 200 main.gr.19.8.149.js Show response
static.adsafeprotected.com/ Frame 9331 176 KB
56 KB 52ms
44ms Script
application/javascript 2600:9000:20a5:6a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.149.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=1445167679&custom=homepage&custom3=168400391&adsafe_par&impId=871b183c-3e44-11eb-a989-0a0c79e93e25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a5:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb4ce55125de2a93e2195c216683aaba6edfe2552ef028728a77129176b12da8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 16:29:23 GMT
content-encoding: gzip
age: 443599
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Dec 2020 16:13:56 GMT
server: AmazonS3
etag: W/"7a5b536396630d4384ea30d5372afce3"
vary: Accept-Encoding
x-amz-version-id: 9Jd5zGDFPA.mRZ.RWVPZ582SkXlqlHka
via: 1.1 185768229530368be94556dcab1c486b.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: OSL50-C1
content-type: application/javascript
x-amz-cf-id: Zq52LGEUePrrC-xvuCCu-lfNM5XhxQftereTveXfEqPwf03jUkheJQ==

GET
H2 200 style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/ 969 B
737 B 91ms
90ms Stylesheet
text/css 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/style.css

Requested by

Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-206.deploy.static.akamaitechnologies.com

Software

Resource Hash

5b6656e316c03a551cbdeb95f1aed0acdffeb7b3ce743144573475dd3b8133fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: "617866c501ae2baecee3c33975ca8125d4935302e86a88dedf91278f1aec543e"
last-modified: Wed, 09 Dec 2020 05:03:11 GMT
x-timer: S1607490656.986599,VS0,VE1
x-i: true
x-served-by: cache-dca17728-DCA
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=1050
date: Mon, 14 Dec 2020 19:42:41 GMT
x-cache-hits: 1
accept-ranges: bytes
content-length: 406
expires: Mon, 14 Dec 2020 20:00:11 GMT

GET
H2 200 main.js Show response
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/ 3 KB
2 KB 49ms
49ms Script
text/javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/main.js

Requested by

Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-206.deploy.static.akamaitechnologies.com

Software

Resource Hash

386895aeac76b1c5ff9b99ceaf1129828535748e9dd0ff241e8f595ca13b6afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: "799b8c406ecbbc260dc9ac71c011202326bd9a557b155ba1707af12579eded3c"
last-modified: Wed, 09 Dec 2020 05:03:11 GMT
x-timer: S1607490568.714474,VS0,VE1
x-i: true
x-served-by: cache-dca17736-DCA
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=949
date: Mon, 14 Dec 2020 19:42:41 GMT
x-cache-hits: 1
accept-ranges: bytes
content-length: 1276
expires: Mon, 14 Dec 2020 19:58:30 GMT

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 6D65 81 KB
22 KB 41ms
41ms Script
application/javascript 2600:9000:20a5:6a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a5:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 03:42:21 GMT
content-encoding: gzip
age: 1094421
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 185768229530368be94556dcab1c486b.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: OSL50-C1
content-type: application/javascript
x-amz-cf-id: -Y_hOzGOJsghSgrwulvK3RHFyz6SZb9YRYZCAbFoO4LiEFKP2Qc2Mw==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 63ms
62ms Image
image/gif 54.77.207.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=171174258&custom=homepage&custom3=168400391&adsafe_par&impId=871b183b-3e44-11eb-a989-0a0c79e93e25&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:d0031f92-3706-1d22-8bbc-a536d532445c,c:wTRLcO,sl:outOfView,em:true,fr:true,mn:app31ie,pt:1-5-15,wc:0.0.1600.1200,ac:795.9248.10.10,am:i,cc:795.9248.10.10,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sjaX4or+11|12|13|14|15|16|17|18|19|1a|1b1|1c1|1d|1e|1f|1g|1h1|1i1|1j1|1k*.10507|1k1|1l1|1m|1n,idMap:1k*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:188,oid:8784af2c-3e44-11eb-9630-06cc0da90f4d,v:19.8.149,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:42 GMT
x-server-name: app38.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 233ms
42ms Image
image/gif 104.244.39.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=d0031f92-3706-1d22-8bbc-a536d532445c&tv={c:wTRLde,pingTime:-2,time:213,type:a,im:{sf:0,pom:1,prf:{beA:404,beZ:405,mfA:572,cmA:573,inA:573,inZ:581,prA:581,prZ:586,si:592,poA:592,poZ:602,cmZ:602,mfZ:602,loA:610,loZ:613,ltA:616,ltZ:616}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:10,h:10,t:187}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:213,n:0,pp:0,pm:0},slEvents:[{sl:o,t:187,wc:0.0.1600.1200,ac:795.9248.10.10,am:i,cc:795.9248.10.10,piv:0,obst:0,th:0,reas:r,bkn:{piv:[40~0],as:[40~10.10]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjaX4or+11|12|13|14|15|16|17|18|19|1a|1b1|1c1|1d|1e|1f|1g|1h1|1i1|1j1|1k*.10507|1k1|1l1|1m|1n,idMap:1k*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_3,google_ads_iframe_/5129/ndm.hwt/home_3__container__,ad-block-1000x50-1],sinceFw:25,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Server-Name: dt39ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 6475 81 KB
22 KB 40ms
40ms Script
application/javascript 2600:9000:20a5:6a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a5:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 03:42:21 GMT
content-encoding: gzip
age: 1094422
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 185768229530368be94556dcab1c486b.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: OSL50-C1
content-type: application/javascript
x-amz-cf-id: 5vJ9ypE2pmXCVW76KArAfUr3CtCFqtmzZooYk8M6508prI6qhvVrgA==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 56ms
55ms Image
image/gif 54.77.207.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=817476037&custom=homepage&custom3=168400391&adsafe_par&impId=871b1838-3e44-11eb-a989-0a0c79e93e25&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:45aca59f-72ff-c451-cb38-2136aeb527f3,c:wTRLdE,sl:outOfView,em:true,fr:true,mn:app41ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sjaX4po+11|12|13|14|15|16|17|18|19|1a|1b1|1c1|1d|1e|1f|1g|1h*.10507|1h1|1i1|1j1|1k1|1k2|1l1|1m|1n,idMap:1h*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:181,oid:8784d66b-3e44-11eb-a497-0ae4aba8ea09,v:19.8.149,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:42 GMT
x-server-name: app27.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 1AD8 81 KB
22 KB 36ms
36ms Script
application/javascript 2600:9000:20a5:6a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a5:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 03:42:21 GMT
content-encoding: gzip
age: 1094422
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 185768229530368be94556dcab1c486b.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: OSL50-C1
content-type: application/javascript
x-amz-cf-id: gIfCGWbDx7QrFMYNvJG5Ip99Iwr1ln-ruwFDx_ApuAeyGd31uA0CbQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 52ms
51ms Image
image/gif 54.77.207.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=1866880806&custom=homepage&custom3=168400391&adsafe_par&impId=871b1839-3e44-11eb-a989-0a0c79e93e25&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:14cf0d8b-8afe-abe9-b99e-5c5562c209e2,c:wTRLe2,sl:outOfView,em:true,fr:true,mn:app20ie,pt:1-5-15,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sjaX4oS+11|12|13|14|15|16|17|18|19|1a|1b1|1c1|1d|1e|1f|1g|1h1|1h2|1i*.10507|1i1|1j1|1k1|1k2|1l1|1m|1n,idMap:1i*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:236,oid:8784d5e3-3e44-11eb-af9a-02467abe7cd0,v:19.8.149,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:42 GMT
x-server-name: app21.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 185ms
40ms Image
image/gif 104.244.39.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=45aca59f-72ff-c451-cb38-2136aeb527f3&tv={c:wTRLep,pingTime:-2,time:227,type:a,im:{sf:0,pom:1,prf:{beA:524,beZ:525,mfA:694,cmA:694,inA:694,inZ:696,prA:696,prZ:700,si:704,poA:704,poZ:709,cmZ:709,mfZ:709,loA:718,loZ:719,ltA:750,ltZ:750}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:180}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:227,n:0,pp:0,pm:0},slEvents:[{sl:o,t:180,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[56~0],as:[56~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjaX4oS+11|12|13|14|15|16|17|18|19|1a|1b1|1c1|1d|1e|1f|1g|1h*.10507|1h1|1i.10507|1i1|1j1|1k1|1k2|1l1|1m|1n,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_0,google_ads_iframe_/5129/ndm.hwt/home_0__container__,ad-block-728x90-1],sinceFw:45,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Server-Name: dt17ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 5F0F 81 KB
22 KB 36ms
36ms Script
application/javascript 2600:9000:20a5:6a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a5:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 03:42:21 GMT
content-encoding: gzip
age: 1094422
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 185768229530368be94556dcab1c486b.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: OSL50-C1
content-type: application/javascript
x-amz-cf-id: gol0HR8zETDnQPtItCZ8NjT7Rbnzm6CWy-MVteWRX33DWstlx8yYIg==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 58ms
57ms Image
image/gif 54.77.207.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=1445167679&custom=homepage&custom3=168400391&adsafe_par&impId=871b183c-3e44-11eb-a989-0a0c79e93e25&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:75a24041-230b-67ae-8f4d-a16d4d24efcf,c:wTRLeI,sl:outOfView,em:true,fr:true,mn:app42ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.3127.1.1,am:i,cc:800.3127.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sjaX4py+11|12|13|14|15|16|17|18|19|1a|1b1|1c1|1d|1e|1f|1g|1h1|1h2|1i1|1i2|1j1|1k1|1k2|1l*.10507|1l1|1m|1n,idMap:1l*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:236,oid:8785e7b7-3e44-11eb-a989-0a0c79e93e25,v:19.8.149,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:42 GMT
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame F720 81 KB
22 KB 39ms
39ms Script
application/javascript 2600:9000:20a5:6a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a5:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 03:42:21 GMT
content-encoding: gzip
age: 1094422
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 185768229530368be94556dcab1c486b.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: OSL50-C1
content-type: application/javascript
x-amz-cf-id: WfdVvtSwZJAHBu3mOkdOHCYQtUSgpeuKIvXG2P-fh3asU7TQo84VUA==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 51ms
50ms Image
image/gif 54.77.207.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1929640578&custom=homepage&custom3=168400391&adsafe_par&impId=871b183a-3e44-11eb-a989-0a0c79e93e25&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:7ff14abb-45fb-65e1-3835-062a42b03b59,c:wTRLeY,sl:outOfView,em:true,fr:true,mn:app14ie,pt:1-5-15,wc:0.0.1600.1200,ac:1274.8217.1.1,am:i,cc:1274.8217.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sjaX4pb+11|12|13|14|15|16|17|18|19|1a|1b1|1c1|1d|1e|1f|1g|1h1|1h2|1i1|1i2|1j*.10507|1j1|1k1|1k2|1l1|1l2|1m|1n,idMap:1j*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:276,oid:8784d678-3e44-11eb-9782-02c390e9b11a,v:19.8.149,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:42 GMT
x-server-name: app22.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 148ms
38ms Image
image/gif 104.244.39.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=14cf0d8b-8afe-abe9-b99e-5c5562c209e2&tv={c:wTRLfe,pingTime:-2,time:310,type:a,im:{sf:0,pom:1,prf:{beA:498,beZ:500,mfA:726,cmA:726,inA:726,inZ:728,prA:728,prZ:731,si:734,poA:734,poZ:738,cmZ:738,mfZ:738,loA:768,loZ:769,ltA:808,ltZ:808}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:236}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:310,n:0,pp:0,pm:0},slEvents:[{sl:o,t:236,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[81~0],as:[81~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjaX4oS+11|12|13|14|15|16|17|18|19|1a|1b1|1c1|1d|1e|1f|1g|1h1|1h2|1i*.10507|1i1|1j1|1k1|1k2|1l.10507|1l1|1m|1n,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_1,google_ads_iframe_/5129/ndm.hwt/home_1__container__,ad-block-300x250-1,newscorpau_multi_collection-3],sinceFw:74,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Server-Name: dt39ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 151ms
36ms Image
image/gif 104.244.39.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=75a24041-230b-67ae-8f4d-a16d4d24efcf&tv={c:wTRLfx,pingTime:-2,time:287,type:a,im:{sf:0,pom:1,prf:{beA:468,beZ:470,mfA:697,cmA:697,inA:697,inZ:699,prA:699,prZ:702,si:704,poA:704,poZ:710,cmZ:710,mfZ:710,loA:737,loZ:738,ltA:754,ltZ:754}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:236}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:287,n:0,pp:0,pm:0},slEvents:[{sl:o,t:236,wc:0.0.1600.1200,ac:800.3127.1.1,am:i,cc:800.3127.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[57~0],as:[57~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjaX4pb+11|12|13|14|15|16|17|18|19|1a|1b1|1c1|1d|1e|1f|1g|1h1|1h2|1i1|1i2|1j.10507|1j1|1k1|1k2|1l*.10507|1l1|1m|1n,idMap:1l*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_4,google_ads_iframe_/5129/ndm.hwt/home_4__container__,ad-block-728x90-2,newscorpau_ads-168],sinceFw:51,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Server-Name: dt17ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 159ms
33ms Image
image/gif 104.244.39.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=7ff14abb-45fb-65e1-3835-062a42b03b59&tv={c:wTRLfA,pingTime:-2,time:313,type:a,im:{sf:0,pom:1,prf:{beA:462,beZ:464,mfA:729,cmA:729,inA:729,inZ:731,prA:731,prZ:735,si:738,poA:738,poZ:742,cmZ:742,mfZ:742,loA:763,loZ:763,ltA:775,ltZ:775}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:275}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:313,n:0,pp:0,pm:0},slEvents:[{sl:o,t:275,wc:0.0.1600.1200,ac:1274.8217.1.1,am:i,cc:1274.8217.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[45~0],as:[45~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjaX4pb+11|12|13|14|15|16|17|18|19|1a|1b1|1c1|1d|1e|1f|1g|1h1|1h2|1i1|1i2|1j*.10507|1j1|1k1|1k2|1l.10507|1l1|1l2|1m|1n,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_2,google_ads_iframe_/5129/ndm.hwt/home_2__container__,ad-block-300x250-2,newscorpau_ads-19,group_3_col-22],sinceFw:37,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Server-Name: dt39ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 167ms
31ms Image
image/gif 104.244.39.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=d0031f92-3706-1d22-8bbc-a536d532445c&tv={c:wTRLfO,time:373,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:373,n:0,pp:0,pm:0},slEvents:[{sl:o,t:187,wc:0.0.1600.1200,ac:795.9248.10.10,am:i,cc:795.9248.10.10,piv:0,obst:0,th:0,reas:r,bkn:{piv:[200~0],as:[200~10.10]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjaX4or+11|12|13|14|15|16|17|18|19|1a|1b1|1c1|1d|1e|1f|1g|1h.10507|1h1|1i.10507|1i1|1j.10507|1j1|1k*.10507|1k1|1l.10507|1l1|1m|1n,idMap:1k*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Server-Name: dt17ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 up
insight.adsrvr.org/track/ Frame DF4F 0
0 52ms
52ms Document
text/html 52.49.200.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.200.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-200-205.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=f73475bf-a0db-4017-b795-586539cb5fe6; TDCPM=CAESEgoDYWFtEgsIkojous6ckDkQBRgFIAEoAjILCOTWxOfknJA5EAU4AQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

date: Mon, 14 Dec 2020 19:42:42 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame 1DE8 31 B
279 B 159ms
159ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Mon, 14 Dec 2020 19:42:42 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 52ed90c26757b130e3d48a88cee01fb1
x-transaction: 001c294a00d0fb6b
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 up
insight.adsrvr.org/track/ Frame 534C 0
0 61ms
57ms Document
text/html 52.49.200.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.200.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-200-205.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=f73475bf-a0db-4017-b795-586539cb5fe6; TDCPM=CAESEgoDYWFtEgsIkojous6ckDkQBRgFIAEoAjILCOTWxOfknJA5EAU4AQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

date: Mon, 14 Dec 2020 19:42:42 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 77ms
29ms Image
image/gif 104.244.39.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=45aca59f-72ff-c451-cb38-2136aeb527f3&tv={c:wTRLgo,time:350,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:350,n:0,pp:0,pm:0},slEvents:[{sl:o,t:180,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[179~0],as:[179~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjaX4oS+11|12|13|14|15|16|17|18|19|1a|1b1|1c1|1d|1e|1f|1g|1h*.10507|1h1|1i.10507|1i1|1j.10507|1j1|1k1|1k2|1l.10507|1l1|1m|1n,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Server-Name: dt39ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 89ms
31ms Image
image/gif 104.244.39.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=14cf0d8b-8afe-abe9-b99e-5c5562c209e2&tv={c:wTRLgv,time:389,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:389,n:0,pp:0,pm:0},slEvents:[{sl:o,t:236,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[160~0],as:[160~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjaX4oS+11|12|13|14|15|16|17|18|19|1a|1b1|1c1|1d|1e|1f|1g|1h1|1h2|1i*.10507|1i1|1j.10507|1j1|1k1|1k2|1l.10507|1l1|1m|1n,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Server-Name: dt17ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 74ms
33ms Image
image/gif 104.244.39.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=75a24041-230b-67ae-8f4d-a16d4d24efcf&tv={c:wTRLgy,time:350,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:350,n:0,pp:0,pm:0},slEvents:[{sl:o,t:236,wc:0.0.1600.1200,ac:800.3127.1.1,am:i,cc:800.3127.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[120~0],as:[120~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjaX4pb+11|12|13|14|15|16|17|18|19|1a|1b1|1c1|1d|1e|1f|1g|1h1|1h2|1i1|1i2|1j.10507|1j1|1k1|1k2|1l*.10507|1l1|1m|1n,idMap:1l*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Server-Name: dt39ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 89ms
33ms Image
image/gif 104.244.39.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=7ff14abb-45fb-65e1-3835-062a42b03b59&tv={c:wTRLgy,time:373,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:374,n:0,pp:0,pm:0},slEvents:[{sl:o,t:275,wc:0.0.1600.1200,ac:1274.8217.1.1,am:i,cc:1274.8217.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[106~0],as:[106~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjaX4pb+11|12|13|14|15|16|17|18|19|1a|1b1|1c1|1d|1e|1f|1g|1h1|1h2|1i1|1i2|1j*.10507|1j1|1k1|1k2|1l.10507|1l1|1l2|1m|1n,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Server-Name: dt17ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 28ms
27ms Image
image/gif 104.244.39.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=d0031f92-3706-1d22-8bbc-a536d532445c&tv={c:wTRLjZ,pingTime:-10,time:632,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDEyfHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1607974962394||61aa10124dfd8da42231633c8fa9276d||71ff54ebddb1e090fbf173d96e2342c8||fed2083462e595fb3b75682f819b1bf3||43a607738d94fed3027049ef22f5a372||6328c097a45bfd217f4962b16f939819||08c87825004bc2e2865d8cdfa7c2aed7||a07613758b7c6a24ef6ecdfb9d74e441||1576000828}
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Server-Name: dt17ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

POST
H2 200 validate
assets.vidora.com/v1/ 0
312 B 264ms
264ms Other
application/octet-stream 2600:9000:2104:3000:4:77d:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by: Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:3000:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 14 Dec 2020 19:42:42 GMT
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: cFXHNXWn53y_q1y9s5eTfxfkjhMujPTmd_nRrhKs3OZsLEnTbmdIeg==
expires: Mon, 14 Dec 2020 19:42:41 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 24ms
23ms Image
image/gif 104.244.39.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=14cf0d8b-8afe-abe9-b99e-5c5562c209e2&tv={c:wTRLlE,pingTime:-10,time:708,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDEyfHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1607974962394||61aa10124dfd8da42231633c8fa9276d||71ff54ebddb1e090fbf173d96e2342c8||fed2083462e595fb3b75682f819b1bf3||43a607738d94fed3027049ef22f5a372||6328c097a45bfd217f4962b16f939819||08c87825004bc2e2865d8cdfa7c2aed7||a07613758b7c6a24ef6ecdfb9d74e441||1576000828,sca:{spg:d0031f92-3706-1d22-8bbc-a536d532445c}}
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Server-Name: dt17ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 32ms
32ms Image
image/gif 104.244.39.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=7ff14abb-45fb-65e1-3835-062a42b03b59&tv={c:wTRLnm,pingTime:-10,time:795,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDEyfHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1607974962394||61aa10124dfd8da42231633c8fa9276d||71ff54ebddb1e090fbf173d96e2342c8||fed2083462e595fb3b75682f819b1bf3||43a607738d94fed3027049ef22f5a372||6328c097a45bfd217f4962b16f939819||08c87825004bc2e2865d8cdfa7c2aed7||a07613758b7c6a24ef6ecdfb9d74e441||1576000828,sca:{spg:d0031f92-3706-1d22-8bbc-a536d532445c}}
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Server-Name: dt17ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 23ms
23ms Image
image/gif 104.244.39.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=45aca59f-72ff-c451-cb38-2136aeb527f3&tv={c:wTRLoy,pingTime:-10,time:856,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDEyfHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1607974962394||61aa10124dfd8da42231633c8fa9276d||71ff54ebddb1e090fbf173d96e2342c8||fed2083462e595fb3b75682f819b1bf3||43a607738d94fed3027049ef22f5a372||6328c097a45bfd217f4962b16f939819||08c87825004bc2e2865d8cdfa7c2aed7||a07613758b7c6a24ef6ecdfb9d74e441||1576000828,sca:{spg:d0031f92-3706-1d22-8bbc-a536d532445c}}
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Server-Name: dt17ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 31ms
31ms Image
image/gif 104.244.39.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=75a24041-230b-67ae-8f4d-a16d4d24efcf&tv={c:wTRLqe,pingTime:-10,time:950,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDEyfHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1607974962394||61aa10124dfd8da42231633c8fa9276d||71ff54ebddb1e090fbf173d96e2342c8||fed2083462e595fb3b75682f819b1bf3||43a607738d94fed3027049ef22f5a372||6328c097a45bfd217f4962b16f939819||08c87825004bc2e2865d8cdfa7c2aed7||a07613758b7c6a24ef6ecdfb9d74e441||1576000828,sca:{spg:d0031f92-3706-1d22-8bbc-a536d532445c}}
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:42 GMT
X-Server-Name: dt17ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 34ms
33ms Image
image/gif 104.244.39.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=45aca59f-72ff-c451-cb38-2136aeb527f3&tv={c:wTRLwx,time:1351,type:e,env:{nr_p:1,nr_publ1:1,nr_grpm1:1},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:1351,n:0,pp:0,pm:0},slEvents:[{sl:o,t:180,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[1180~0],as:[1180~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:25,fm:sjaX4oS+11|12|13|14|15|16|17|18|19|1a|1b1|1c1|1d|1e|1f|1g|1h*.10507|1h1|1i.10507|1i1|1j.10507|1j1|1k1|1k2|1l.10507|1l1|1m|1n,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:43 GMT
X-Server-Name: dt17ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 32ms
31ms Image
image/gif 104.244.39.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=14cf0d8b-8afe-abe9-b99e-5c5562c209e2&tv={c:wTRLx1,time:1413,type:e,env:{nr_p:1,nr_publ1:1,nr_grpm1:1},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:1413,n:0,pp:0,pm:0},slEvents:[{sl:o,t:236,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[1184~0],as:[1184~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:26,fm:sjaX4oS+11|12|13|14|15|16|17|18|19|1a|1b1|1c1|1d|1e|1f|1g|1h1|1h2|1i*.10507|1i1|1j.10507|1j1|1k1|1k2|1l.10507|1l1|1m|1n,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:43 GMT
X-Server-Name: dt39ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
528 B 51ms
49ms Image
image/gif 52.214.20.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&devmodel=&manuf=&sysname=&sysversion=&sessionId=ublhlcc7hqeyyae8mj8busxwqhkhq1607974961&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,heraldsun&sup=0&segment2=&segment1=&forward=1&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,gxesbl8amb7cqnsssra7b88cfm1i61607974961&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16079749615057203&c30=bldv,6.0.0.563&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1607974961235&c3=st,c&c64=starttm,1607974963&adid=1607974961235&c58=isLive,false&c59=sesid,&c61=createtm,1607974963&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&c62=sendTime,1607974963&rnd=647184
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.20.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-20-184.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:44 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36a40f720f95e0cc9e0259f9942c365cc5a4a6be3019a754179fe918d05f8b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Dec 2020 19:42:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6455
x-xss-protection: 0

GET
H2 200 9ad4f61b818e26b84fff632509884d79
content.api.news/v3/images/bin/ 8 KB
9 KB 85ms
83ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/9ad4f61b818e26b84fff632509884d79?width=320
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: c1242cd5577ab53191d8d2ae7b5400846f20cda2c922867916b6d6c560fb6908

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 9ad4f61b818e26b84fff632509884d79
date: Mon, 14 Dec 2020 19:42:44 GMT
last-modified: Mon, 14 Dec 2020 10:20:31 GMT
server: Akamai Image Manager
etag: 2e5b8a2ce694fb87bec55136b891fd62-9ad4f61b818e26b84fff632509884d79-320
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5150250
access-control-allow-headers: x-newsapi-api-key
content-length: 8640
expires: Fri, 12 Feb 2021 10:20:14 GMT

GET
H2 200 caf6f389ba617211b21fcbb5ddd42d2f
content.api.news/v3/images/bin/ 10 KB
11 KB 86ms
85ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/caf6f389ba617211b21fcbb5ddd42d2f?width=320
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 6ed58c077470287394e92bc3468baaac3ba7e54de279906c88b2697fa5deaa0b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: caf6f389ba617211b21fcbb5ddd42d2f
date: Mon, 14 Dec 2020 19:42:44 GMT
last-modified: Mon, 14 Dec 2020 03:42:13 GMT
server: Akamai Image Manager
etag: 42f88febc2a60e4113ee3cd5a5fcee4f-caf6f389ba617211b21fcbb5ddd42d2f-320
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5123235
access-control-allow-headers: x-newsapi-api-key
content-length: 10724
expires: Fri, 12 Feb 2021 02:49:59 GMT

GET
H2 200 eb01cf9a25a4b043bb23621650510a36
content.api.news/v3/images/bin/ 9 KB
9 KB 93ms
91ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/eb01cf9a25a4b043bb23621650510a36?width=320
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: a2bafb253e95298abf7b692d498491ce5c9f68212dacc824b9a4ce3b7b914247

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: eb01cf9a25a4b043bb23621650510a36
date: Mon, 14 Dec 2020 19:42:44 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 11deb0ba33d2f5567acb1065469dcf35-eb01cf9a25a4b043bb23621650510a36-320
x-serial: 79
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5126511
last-modified: Mon, 14 Dec 2020 03:44:14 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 8862
expires: Fri, 12 Feb 2021 03:44:35 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 19:42:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Mon, 14 Dec 2020 19:42:44 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame EB8E 0
0 7ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Mon, 14 Dec 2020 18:55:33 GMT
expires: Tue, 14 Dec 2021 18:55:33 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2831
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 a655102e489fb0e9ed75c20559c89229
content.api.news/v3/images/bin/ 11 KB
12 KB 75ms
75ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/a655102e489fb0e9ed75c20559c89229?width=320
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: fcd9ab1c0dc641633a0da4c080985862f7cab586f1ceebb267bc31422d9a76d9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: a655102e489fb0e9ed75c20559c89229
date: Mon, 14 Dec 2020 19:42:45 GMT
last-modified: Mon, 14 Dec 2020 09:15:04 GMT
server: Akamai Image Manager
etag: 70836dfedc319976dfd1b7c194ac46ea-a655102e489fb0e9ed75c20559c89229-320
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5146298
access-control-allow-headers: x-newsapi-api-key
content-length: 11460
expires: Fri, 12 Feb 2021 09:14:23 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
137 B 16ms
15ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120801&jk=4164171413481454&bg=!cnGlcVHNAAXKjztBylho3tCZYHUsQAIAAABgUgAAACxoAQcKAIuAXUbsMD6DO86HZDp5bIMdpkBZkQe8zzS3KA6t9vqpmWtCrwFO7GWzLaX5RpXlRGVjRIMdOhqOZZcDtmJ9VVM7WMXuvjm667MCPlE7eotHV2xvVyoxabkiJ8SKl1HwSwSMRwzfCH6eAq_iIAO13-A8HxA7DsElinwOhLt1pdZrs5bxCgP5OByka4CGmQG97dwV_snmJ0UhKIYhnq0ua0TWnA-kQk5E7e74QYLn_i4MFyFDLXndRhDZRIuXUQLvIu9PMYVhe7UfbfuJmrEKTD7l_AS0cJ2DNWFCyrA-307GKIHLFYgltCNQfdVeG1NY9VwqxbmSgzriyCwv8Kl9W5YWnnQLcNgwzH5JXEtxbMv68m94ugQ5bLMMXq0VUe9LLzLPH9HG4GAb1oGpdjO6qGUI02pg50Mxhg3iQm9xw5hXKgXOf2Ala4D7FN0LGENuYvDUQoxXE1S-vImQoucoQsTJoyrvcNzcRvtid4-JMWIw8YPiCAcxIV_fh9w-rdsU1t3oepSj2GERMX_VIdeZw8DZPcbr1LhUMtolGE3C4vqyE9Mi-3a-iGh-HEZsw5LHKBx8FgBjmJX2jth9K1yMSSOpwhRqWAs6d7YAEm4dHdrExoskZnArHxpe4wi4wk8pzMHQFiapjpEx3fg1Tw6lQrC9CRrDvVLxUQoV4GXZEJCBzGDKjyl7qaJO8hf_1S_Ig2H0Qr9CwzcUW8ndoalR9FXs5UPFOet6_QmoM2erHeyTOQtIBNiW0ttwKqXILr5TZCIBbkqR3DHyF5e6vQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 41ms
40ms Image
image/gif 104.244.39.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=45aca59f-72ff-c451-cb38-2136aeb527f3&tv={c:wTRMz0,time:5348,type:e,env:{nr_p:5},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:5348,n:0,pp:0,pm:0},slEvents:[{sl:o,t:180,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[5177~0],as:[5177~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:39,fm:sjaX4oS+11|12|13|14|15|16|17|18|19|1a|1b1|1c1|1d|1e|1f|1g|1h*.10507|1h1|1i.10507|1i1|1j.10507|1j1|1k1|1k2|1l.10507|1l1|1m|1n,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:47 GMT
X-Server-Name: dt39ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 38ms
37ms Image
image/gif 104.244.39.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=14cf0d8b-8afe-abe9-b99e-5c5562c209e2&tv={c:wTRMzB,time:5417,type:e,env:{nr_p:5},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:5417,n:0,pp:0,pm:0},slEvents:[{sl:o,t:236,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[5188~0],as:[5188~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:35,fm:sjaX4oS+11|12|13|14|15|16|17|18|19|1a|1b1|1c1|1d|1e|1f|1g|1h1|1h2|1i*.10507|1i1|1j.10507|1j1|1k1|1k2|1l.10507|1l1|1m|1n,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Dec 2020 19:42:47 GMT
X-Server-Name: dt17ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 114ms
113ms Image
image/gif 18.205.230.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=CngQoDDPMdJxCop0V_&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=9932&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=5192&t=C0hJqYi9mj__PFnpBHh4nKDDKhZC&V=121&tz=-60&_acct=anon&sn=2&sv=C_TrjBn6vnoUToWIpsxpWDAj5tI&sd=1&im=06030402&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.205.230.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Dec 2020 19:42:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: heraldsun.digitaleditions.com.au
URL: http://heraldsun.digitaleditions.com.au/

Verdicts & Comments Add Verdict or Comment

287 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imrworldwide.com/	1970-01-20 00:01:10	Name: IMRID Value: 8924ca41-3e44-11eb-a620-4547972e71e1
.imrworldwide.com/	1970-01-20 00:01:10	Name: SSCVER Value: v1
.heraldsun.com.au/	1969-12-31 23:59:59	Name: s_ppv Value: hs%257Chome%257Chomepage%257Chomepage%2C12%2C12%2C1200
.heraldsun.com.au/	1969-12-31 23:59:59	Name: tp Value: 9932

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20201214-6-RELEASE.js(Line 3) Message: Exit TRCRBox.loadScriptCallback(retry=0): no items in response - thumbnails-midrail-native
console-api	log	URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js(Line 18) Message: UTRACK loaded (from tealium)
console-api	log	URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js(Line 3) Message: vidora-client 1.3.3 68d5ea1ec45c96bafd89f1a57b8aa2345fbf87f3
console-api	log	URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js(Line 1) Message: %c Vidora API finished initializing! background: #222; color: #b9da52
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.4.114.js(Line 32) Message: a: 0.002197265625 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5af29a8e53f898387fd48b26683e156a.safeframe.googlesyndication.com
8228261.fls.doubleclick.net
acdn.adnxs.com
ad.doubleclick.net
adservice.google.com
adservice.google.nl
analytics.twitter.com
assets.vidora.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
bh.contextweb.com
bs.serving-sys.com
bttrack.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.speedcurve.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.everesttech.net
cm.g.doubleclick.net
content.api.news
dis.criteo.com
dpm.demdex.net
dsp.adkernel.com
dt.adsafeprotected.com
e1.emxdgt.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
heraldsun.digitaleditions.com.au
ib.adnxs.com
ice.360yield.com
id5-sync.com
insight.adsrvr.org
js.adsrvr.org
login.newscorpaustralia.com
match.adsrvr.org
match.taboola.com
metrics.heraldsun.com.au
mhr.talk.news.com.au
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
newscorpau.demdex.net
origin.go.heraldsun.com.au
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.rubiconproject.com
px.ads.linkedin.com
resourcesssl.newscdn.com.au
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
s1.rui.au.reastatic.net
s3-ap-southeast-2.amazonaws.com
sb.scorecardresearch.com
script.hotjar.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
secure-ds.serving-sys.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
snap.licdn.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.hotjar.com
sync-t1.taboola.com
sync.taboola.com
t.co
tags.news.com.au
tags.tiqcdn.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
ts2020-indies-client.web.app
uconnect.tealiumiq.com
use.fontawesome.com
vars.hotjar.com
widget.perfectmarket.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
www.heraldsun.news.com.au
www.linkedin.com
www.news.com.au
www.storygize.net
x.bidswitch.net
heraldsun.digitaleditions.com.au
104.244.39.20
104.244.42.131
104.244.42.197
104.75.88.116
104.75.88.206
108.128.13.248
13.32.6.63
141.226.224.32
141.226.228.48
15.237.136.106
151.101.113.108
151.101.113.44
151.101.114.217
151.101.12.157
151.101.13.44
151.101.193.181
151.101.65.195
172.105.220.23
172.217.16.166
172.217.21.226
172.217.23.130
174.137.133.49
178.250.0.163
18.195.155.181
18.205.230.34
184.30.216.184
185.33.221.91
185.64.189.110
185.86.139.115
192.132.33.46
198.148.27.139
2.16.186.90
2.17.176.249
2.18.233.28
23.111.9.35
23.37.53.17
23.37.61.47
2600:9000:206e:1000:18:1fcd:34e:d2a1
2600:9000:206e:6600:1e:a43d:b640:93a1
2600:9000:20a5:6a00:8:48e:53c0:93a1
2600:9000:2104:3000:4:77d:a0c0:93a1
2600:9000:2104:6000:2:42d9:3100:93a1
2600:9000:2104:b800:2:42d9:3100:93a1
2600:9000:211a:8e00:1e:c291:240:93a1
2620:1ec:21::14
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:808::2008
2a00:1450:4001:817::2003
2a00:1450:4001:81a::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::2001
2a00:1450:4001:824::2004
2a00:1450:4001:825::2001
2a02:26f0:6c00:296::25ea
2a04:fa87:fffd::c000:42d0
2a05:f500:11:101::b93f:9005
3.127.129.22
35.158.80.187
35.227.202.26
37.252.173.62
52.214.20.184
52.37.186.218
52.49.200.205
52.57.142.16
52.58.161.11
52.95.128.187
52.95.134.70
54.194.171.8
54.195.113.118
54.36.109.183
54.77.207.73
65.9.73.11
65.9.73.36
65.9.73.42
65.9.73.9
65.9.78.118
69.173.144.165
72.251.249.9
82.199.68.73
99.81.11.244
007677223219409bd154cfc5ecfad6b9fd6b5ee641f3933f49c5a3d409762542
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06e9f93163cce0aa6698b5dbdd52d0ea860a91aa75e80d724051e67e6f0304f3
07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
08052c2c99dd94a7e638999360264f21fd6ea6c6e7f0c9fbaf55e11cd4fe314f
09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd
0abeec6125f9e84e6bdb0a3d0ec88f5c9364aec0f2fd73e5ad1e557fdb5ba410
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c56a21524db6a9ae3e1969698a146013f95b2fab9ac4ed167048d7e5d3c0830
0d65919743905ca954e12255f116be6594f5c6ec20fab63ad2295ae71da41658
1136fd8d6ff6f21847aab9abfab903a5a0e2f26a6f621f34af563def44ceb81c
120be8f5d061203ea26fd4bd2043201d6f06a7fce30cd7104e01c5dfafb48cd7
16f44dcf26fe1b334e245dfa367de811f99b4018eff8b9b6e03faadc45f6a0ce
18e10eaea2fd0677f5bca0dd9c3ad10320c4131b62247441c89547727a293fda
1b94033b131d99d3541f5da66f004d4a49e491c20c28e82635554e155a3b2293
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
2106309b539a1d5dd1b2f6e8b8bf24fb71082cb256f91b4b30f42239ef37ef03
27ad1c0be127da20f7b68c8e868d9a1fa6ade3308786d297a24a5651faa32a38
27b84d365ac2c0bf6a2222e0f592f6d8bc4aec62dea1896f6267c40d9369cc8b
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
2ba257240ffc08c6b68d4bca0a95796e0244b065df669aaa532f81064f4673b4
2fa62fdf8e026049d48ee5b0227b6cde543ff47ae4d3a7ee43b360f9d154305f
325e0707f13a8f6fbee133bee8a18c507ddfd16efd810acba694e5ce6195b56a
33a501cd209d877bfd8058b1a455c94153f7b6905cbd05c7dd20bb4705c6ee45
36a40f720f95e0cc9e0259f9942c365cc5a4a6be3019a754179fe918d05f8b69
386895aeac76b1c5ff9b99ceaf1129828535748e9dd0ff241e8f595ca13b6afb
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31
3c72f04928c99f038b7f23fc7a76db519d918f59a3f921acbc3dd052fe28a57f
3d2b3ea6223a753292e252a6543d80fe52e293f946d2986656b32d558902aadb
3d46904b944d38dac0fe78cc6c3aad567ac826a9079ce9522147ef1c7feb158b
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
43ec631c14060e4d10a7fc3b6b96296f20e718d65fb51558370d41eda08a3ddc
43fc6a366e88947335c17d8a4c2e8597d6ec23a4bd471d9ed93c6ca8b34bd970
46978ef096532138a7e8bc9b6b8b4df825c86880d2be04b44528a1c0f0a49edc
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4ec4545ad59e9dbde642d7a701d279ab2de4bc182633de2375ef01d6c2dfff24
53c25ccb7181178c52c32fdf5e58a55d730bbfe8e45db600886adfb33d88411b
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
55e3f13f2d07653ad7b8ea7ef3e5e92c8a5e06404788457a4e67d95d855d0a33
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
58216d07697cb268f0b30bd5963a1515dd4ee3b5b185151bdb99d041f0fa73fc
59975bdd0f321322b71c53f037abce397beb110e9e8937e25d40cc14d8d6c7a9
5a0bbf013e886a3e45a8258884e07f1f28d0b0957c9142a5359a7b8105779d32
5a2e775be063c9500eb603fc4795e53e52bae4c9b07eeed597fdac1e1efd87f5
5b00638a45fb3c677c32cbcd779230420ada3b5d348da75e2af3395e424bd7eb
5b6656e316c03a551cbdeb95f1aed0acdffeb7b3ce743144573475dd3b8133fe
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d
61face5df6511fc28385fc22e99658cfd5f3c23d21a0f2f440dab23d6409d346
631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542
6361112047421787e10603e842e8eb866d789890f717416855ad73422b73d316
655a6828be460d9a354c7074262ad2dbf394112273fe6201b59b8b482235110f
66694965aa13afd3d779657cf79e28f57663fc48bd2392c8eb5eaf6c7b8070a7
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cdc46bd741ea434a62afefedad537b39f6ca9b52aea4f5828a2b2f27c419882
6ed58c077470287394e92bc3468baaac3ba7e54de279906c88b2697fa5deaa0b
6f1c314b380c34ca12da85c6940d18d9a76df9109db9b1379aa24db82181bc70
751d3c6aaa3629df3f420185c654ce47ee59ac60d27f8b318b4ad9cf4a088d0d
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
7aa0de94f2a1424b10a2a72a14372c7ebd96a41a96cc86aff80bdd7e1f2a3782
7eab82ead1480897c3dedd5c6b4ef4ec553efacdca1ce23c3acd6bd8e9621046
83757da3811545954d6cef42f43f8811a71d334821a4cc27cbcf6f6ac96ba404
83a75162271c69203616574e9f7849e91eff4e86e449bfe02f63c0b696c84f9d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
91350974029c7daf6f24a0f9d3a2ad3f003923f59144fe0f43e26de77eade3eb
91d684c672c0a1dfd501546262b91d820d8c25bf5ff2968605c50123b5ebffe6
93b175796385750b38fd82e8e644a731aa51296a1a405fae8a12907be3e9eb39
945998a43adbb8d75feb5502e4159621efe8a89608c8f63f2157678b544eb346
98f8a2c98ac83d43fdbc6aae7d89cede6d06fec4e812743a26c8ba4d5517f9a7
9c8520255fc8286aa2c151bd1422373a0505b90ef50496c79be3b6fb9284c0d2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2bafb253e95298abf7b692d498491ce5c9f68212dacc824b9a4ce3b7b914247
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96
aef78a0650f1c89487e7834c0425b7c716b8baaa454787b890001305f24d7a26
af1f298c793498fe8d6ad4006cff127be33466755c69ba3f28c58c23d9ceed55
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835
b748ce6a5a5ea9c905bca2845dab6456c5232bead14b02fca00864562e98bfda
b796c8f47371ad18735c4cacc482a73848a057f91f05fdb51ffc38018dc7fabd
b7b2eec2a7ccb990422ac9c7aef5f9a3fca8ad9cb69fc98a2a128de953f83064
b86b3755f5e94b951b89e2639504a9c89f4668df829fa7c63d2225ea6b5716c1
bcb15c28e75bc90c294250501c077c01b71014bb67e3c0eb48349d9e45ada52f
befd4d99b6cb8649f107a5cd1fec1055d228bdc1c001493676bb87249e9b1040
c1242cd5577ab53191d8d2ae7b5400846f20cda2c922867916b6d6c560fb6908
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
c458b849e569b3ca6d4380d2f2f33ce738dfdd2efc0c8eb641c1231a5781bde6
c4a59d885c11b81aa6e054e845be26c151f7de4a5f227197f48562d387a8b73d
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
cc78de41fff36532878acb8cac41a699e03b5179b8f486e7eabef64ebb85ca41
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d1bcc188f481bacf1d9ab4df424b1e041f10f45c85183d38bd2c079f0566dbda
d42605a78277db9f4d4b35ac625ec962a9698bd859d5341aa995ab195aa54d27
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80
d6d59951dee3a8fb394bcb5c8fd164970dd99847f3721a2eb76f933290870844
d875219a011d6d5636fa9b38227f771f57a4ee69ba6617406ed8c15573ed704d
d8eecac242b66125024559089a5085b56b8e5bf78bc9bb664480a72077c8d8ba
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
db922613dfbf6989f3f04d56586bc94be9c0bf54cd72af1269936ffa51b0bddd
dcb8120b9adc65a196186b78077bae839c686f1945cb59d4413e5739ddc1c556
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7
e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e99772ee3b4111414156aa8b0d3cc59a03e9d6512b6b701ba7e96cd646e78b49
eb4ce55125de2a93e2195c216683aaba6edfe2552ef028728a77129176b12da8
ebaf330ad588600b4b748410b4f77f3cd9c4abc18e3a240156bc6ac9814cf896
eccd35a63a7b80bbfd3a64bb7be75b327bf9292b7c603c8d31c0247962223819
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef024a5f6a6afe4d445fd60002ff33e71b80ca52cbaab97153e31ab62b40d379
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5fa8602198232e4f3704cf1dc886cb295af0f9906b0c9d63777b5f49852b84
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2
fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503
fcd9ab1c0dc641633a0da4c080985862f7cab586f1ceebb267bc31422d9a76d9
fe78fc7cfda2c628ebd9b2335dd306f895c674acff378abdc98684385adcab17

www.heraldsun.com.au Open in urlscan Pro 2.18.233.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

273 Requests

98 %HTTPS

27 %IPv6

57 Domains

92 Subdomains

74 IPs

9 Countries

5363 kBTransfer

8815 kBSize

4 Cookies

55 Outgoing links

Page URL History

Redirected requests

273 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.heraldsun.com.au Open in urlscan Pro
2.18.233.28 Public Scan

Screenshot
Live screenshot

Full Image

273
Requests

98 %
HTTPS

27 %
IPv6

57
Domains

92
Subdomains

74
IPs

9
Countries

5363 kB
Transfer

8815 kB
Size

4
Cookies

273 HTTP transactions
0 data transactions