www.heraldsun.com Open in urlscan Pro
104.111.219.128 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heraldsun.com/
Effective URL:
https://www.heraldsun.com/
Submission Tags: tranco_l324
Submission: On November 03 via api (November 3rd 2021, 7:43:07 am UTC) from DE — Scanned from DE

Summary HTTP 231 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 68 IPs in 7 countries across 56 domains to perform 231 HTTP transactions. The main IP is 104.111.219.128, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 23rd 2021. Valid for: 7 months.

This is the only time www.heraldsun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	166.108.36.245 166.108.36.245	6118 (MCCLATCHY...) (MCCLATCHY-CORP)
45	104.111.219.128 104.111.219.128	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
5	108.128.120.92 108.128.120.92	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	13.225.87.70 13.225.87.70	16509 (AMAZON-02) (AMAZON-02)
1	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
1	18.200.165.55 18.200.165.55	16509 (AMAZON-02) (AMAZON-02)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1 1	54.75.68.230 54.75.68.230	16509 (AMAZON-02) (AMAZON-02)
2	63.33.35.188 63.33.35.188	16509 (AMAZON-02) (AMAZON-02)
8 9	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2 3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
4	52.222.247.46 52.222.247.46	16509 (AMAZON-02) (AMAZON-02)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	13.32.99.23 13.32.99.23	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:b000:11:b309:9100:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223e:6e00:5:82fd:2500:21	16509 (AMAZON-02) (AMAZON-02)
2	151.101.1.194 151.101.1.194	54113 (FASTLY) (FASTLY)
1	18.66.97.9 18.66.97.9	16509 (AMAZON-02) (AMAZON-02)
1 2	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.7.60 65.9.7.60	16509 (AMAZON-02) (AMAZON-02)
1 3	13.32.99.90 13.32.99.90	16509 (AMAZON-02) (AMAZON-02)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
1	13.32.99.35 13.32.99.35	16509 (AMAZON-02) (AMAZON-02)
19	151.101.2.27 151.101.2.27	54113 (FASTLY) (FASTLY)
1 2	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
6	52.9.67.232 52.9.67.232	16509 (AMAZON-02) (AMAZON-02)
1	52.46.131.178 52.46.131.178	16509 (AMAZON-02) (AMAZON-02)
1	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
1 2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	52.217.91.150 52.217.91.150	16509 (AMAZON-02) (AMAZON-02)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	3.221.31.176 3.221.31.176	14618 (AMAZON-AES) (AMAZON-AES)
8	166.108.36.240 166.108.36.240	6118 (MCCLATCHY...) (MCCLATCHY-CORP)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	2.21.143.57 2.21.143.57	16625 (AKAMAI-AS) (AKAMAI-AS)
1	92.123.225.72 92.123.225.72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
31	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
2	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
1	54.91.59.199 54.91.59.199	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2600:9000:225... 2600:9000:225e:e200:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.242.140.187 34.242.140.187	16509 (AMAZON-02) (AMAZON-02)
4	3.223.38.51 3.223.38.51	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	18.66.112.4 18.66.112.4	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:e600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b140:3161:8a8b:ea8c:5d8b	14618 (AMAZON-AES) (AMAZON-AES)
1	34.206.124.188 34.206.124.188	14618 (AMAZON-AES) (AMAZON-AES)
2 5	52.0.240.240 52.0.240.240	14618 (AMAZON-AES) (AMAZON-AES)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:444... 2600:1f18:444a:4680:6bbe:49e:bc45:59	14618 (AMAZON-AES) (AMAZON-AES)
1 2	104.89.42.102 104.89.42.102	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	18.157.198.157 18.157.198.157	16509 (AMAZON-02) (AMAZON-02)
1 1	52.200.181.105 52.200.181.105	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
2	3.126.7.159 3.126.7.159	() ()
231	68

1 166.108.36.245 (United States) 1 redirects

ASN6118 (MCCLATCHY-CORP, US)
PTR: vnet831.ejoco.com

heraldsun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 104.111.219.128 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-128.deploy.static.akamaitechnologies.com

www.heraldsun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.kansascity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.thestate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.newsobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.charlotteobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.128.120.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-120-92.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-70.fra2.r.cloudfront.net

mcclatchy-heraldsun.zeustechnology.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.103.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.165.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-165-55.eu-west-1.compute.amazonaws.com

mcclatchy.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

mcclatchy.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.68.230 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-68-230.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.35.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-35-188.eu-west-1.compute.amazonaws.com

mcclatchy.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.2.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

lasteventf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.247.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-247-46.fra60.r.cloudfront.net

cf-images.us-east-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:b000:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:6e00:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.9 (United States)

ASN16509 (AMAZON-02, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.141.232 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.60 (Altamonte Springs, United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-60.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.90 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-35.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 151.101.2.27 (United States)

ASN54113 (FASTLY, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
manifest.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.241 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.9.67.232 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-67-232.us-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.131.178 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.91.150 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.221.31.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-31-176.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 166.108.36.240 (United States)

ASN6118 (MCCLATCHY-CORP, US)
PTR: vnet846.ejoco.com

publicapi.misitemgr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.143.57 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-143-57.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-jsonp.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.225.72 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-72.deploy.static.akamaitechnologies.com

ntvcld-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.91.59.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-59-199.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:e200:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.140.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-140-187.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.223.38.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-38-51.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.4 (United States)

ASN16509 (AMAZON-02, US)

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:e600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b140:3161:8a8b:ea8c:5d8b (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.124.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-124-188.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.0.240.240 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-240-240.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:444a:4680:6bbe:49e:bc45:59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.89.42.102 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-42-102.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.157.198.157 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-198-157.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.181.105 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-181-105.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.7.159 (None, )

ASN- ()

k.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	twimg.com cdn.syndication.twimg.com pbs.twimg.com ton.twimg.com	1 MB
34	heraldsun.com 1 redirects heraldsun.com www.heraldsun.com	675 KB
15	boltdns.net cf-images.us-east-1.prod.boltdns.net manifest.prod.boltdns.net	1 MB
11	liadm.com 3 redirects b-code.liadm.com rp.liadm.com rp4.liadm.com i.liadm.com i6.liadm.com	18 KB
10	everesttech.net 9 redirects cm.everesttech.net lasteventf-tm.everesttech.net sync-tm.everesttech.net	2 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	214 KB
8	misitemgr.com publicapi.misitemgr.com	66 KB
8	brightcove.com edge.api.brightcove.com	31 KB
8	doubleclick.net 2 redirects cm.g.doubleclick.net pubads.g.doubleclick.net stats.g.doubleclick.net	6 KB
7	cookielaw.org cdn.cookielaw.org	116 KB
6	postrelease.com jadserve.postrelease.com	5 KB
6	demdex.net dpm.demdex.net mcclatchy.demdex.net	10 KB
6	googleapis.com fonts.googleapis.com imasdk.googleapis.com	884 KB
5	bidswitch.net 5 redirects x.bidswitch.net	3 KB
5	stackadapt.com 1 redirects tags.srv.stackadapt.com sync.srv.stackadapt.com	7 KB
5	charlotteobserver.com www.charlotteobserver.com	189 KB
5	newsobserver.com www.newsobserver.com	235 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	219 KB
4	p-n.io cdn.p-n.io k.p-n.io	59 KB
4	facebook.com www.facebook.com	2 KB
4	omtrdc.net mcclatchy.sc.omtrdc.net mcclatchy.tt.omtrdc.net	4 KB
4	google.com www.google.com adservice.google.com	2 KB
3	matheranalytics.com 1 redirects js.matheranalytics.com www.i.matheranalytics.com	41 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	onetrust.com geolocation.onetrust.com	817 B
2	addthis.com 1 redirects x.dlx.addthis.com	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	959 B
2	google-analytics.com www.google-analytics.com	20 KB
2	quantserve.com edge.quantserve.com pixel.quantserve.com	10 KB
2	facebook.net connect.facebook.net	114 KB
2	moatads.com z.moatads.com s-jsonp.moatads.com	55 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	openx.net 1 redirects us-u.openx.net	471 B
2	amazonaws.com sqs.us-east-1.amazonaws.com s3.amazonaws.com	10 KB
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	parsely.com cdn.parsely.com p1.parsely.com	24 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net	85 KB
2	cloudfront.net d15kdpgjg3unno.cloudfront.net dyv1bugovvq1g.cloudfront.net	18 KB
2	crwdcntrl.net ad.crwdcntrl.net tags.crwdcntrl.net	317 B
1	taboola.com trc.taboola.com	238 B
1	mathtag.com 1 redirects sync.mathtag.com	645 B
1	google.de www.google.de	501 B
1	quantcount.com rules.quantcount.com	1 KB
1	imrworldwide.com secure-us.imrworldwide.com	369 B
1	ipify.org api.ipify.org	256 B
1	akamaihd.net ntvcld-a.akamaihd.net	2 KB
1	pubmatic.com image2.pubmatic.com	548 B
1	2mdn.net s0.2mdn.net	17 KB
1	privacymanager.io geo.privacymanager.io	594 B
1	rlcdn.com ats.rlcdn.com	61 KB
1	ntv.io s.ntv.io	113 KB
1	thestate.com www.thestate.com	41 KB
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	zeustechnology.com mcclatchy-heraldsun.zeustechnology.com	52 KB
1	kansascity.com media.kansascity.com	931 B
231	56

	Domain	Requested by
33	www.heraldsun.com	www.heraldsun.com
31	pbs.twimg.com	www.heraldsun.com
11	manifest.prod.boltdns.net	www.heraldsun.com
8	publicapi.misitemgr.com	www.heraldsun.com
8	edge.api.brightcove.com	www.heraldsun.com
8	sync-tm.everesttech.net	8 redirects
7	platform.twitter.com	www.heraldsun.com platform.twitter.com
7	cdn.cookielaw.org	www.heraldsun.com cdn.cookielaw.org
6	jadserve.postrelease.com	s.ntv.io www.heraldsun.com
5	x.bidswitch.net	5 redirects
5	i.liadm.com	2 redirects b-code.liadm.com i.liadm.com
5	imasdk.googleapis.com	www.heraldsun.com imasdk.googleapis.com
5	www.charlotteobserver.com	www.heraldsun.com
5	www.newsobserver.com	www.heraldsun.com
5	dpm.demdex.net	www.heraldsun.com i.liadm.com
4	tags.srv.stackadapt.com	www.heraldsun.com tags.srv.stackadapt.com
4	pubads.g.doubleclick.net	imasdk.googleapis.com
4	www.facebook.com	www.heraldsun.com
4	cf-images.us-east-1.prod.boltdns.net	www.heraldsun.com
4	fonts.gstatic.com	fonts.googleapis.com
3	sb.scorecardresearch.com	1 redirects www.heraldsun.com
3	cm.g.doubleclick.net	2 redirects www.heraldsun.com
3	geolocation.onetrust.com	cdn.cookielaw.org www.heraldsun.com
3	www.google.com	www.heraldsun.com www.gstatic.com
2	k.p-n.io	cdn.p-n.io
2	x.dlx.addthis.com	1 redirects i.liadm.com
2	i6.liadm.com	i.liadm.com
2	match.adsrvr.org	2 redirects
2	cdn.p-n.io	www.heraldsun.com cdn.p-n.io
2	www.google-analytics.com	www.heraldsun.com www.google-analytics.com
2	b-code.liadm.com	www.heraldsun.com b-code.liadm.com
2	connect.facebook.net	www.heraldsun.com connect.facebook.net
2	ton.twimg.com	platform.twitter.com
2	sync.search.spotxchange.com	1 redirects www.heraldsun.com
2	us-u.openx.net	1 redirects www.heraldsun.com
2	syndication.twitter.com	1 redirects platform.twitter.com
2	ib.adnxs.com	1 redirects www.heraldsun.com
2	js.matheranalytics.com	1 redirects www.heraldsun.com
2	dsum-sec.casalemedia.com	1 redirects www.heraldsun.com
2	confiant-integrations.global.ssl.fastly.net	www.heraldsun.com confiant-integrations.global.ssl.fastly.net
2	mcclatchy.tt.omtrdc.net	www.heraldsun.com
2	mcclatchy.sc.omtrdc.net	www.heraldsun.com
1	trc.taboola.com	i.liadm.com
1	sync.srv.stackadapt.com	1 redirects
1	sync.mathtag.com	1 redirects
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	www.google.de
1	pixel.quantserve.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	rules.quantcount.com	edge.quantserve.com
1	edge.quantserve.com	www.heraldsun.com
1	secure-us.imrworldwide.com
1	api.ipify.org	www.heraldsun.com
1	s-jsonp.moatads.com	www.heraldsun.com
1	ntvcld-a.akamaihd.net	www.heraldsun.com
1	z.moatads.com	s.ntv.io
1	cdn.syndication.twimg.com	platform.twitter.com
1	image2.pubmatic.com	www.heraldsun.com
1	adservice.google.com	imasdk.googleapis.com
1	s0.2mdn.net	imasdk.googleapis.com
1	www.i.matheranalytics.com	www.heraldsun.com
1	s3.amazonaws.com	www.heraldsun.com
1	p1.parsely.com	www.heraldsun.com
1	sqs.us-east-1.amazonaws.com	d15kdpgjg3unno.cloudfront.net
1	geo.privacymanager.io	ats.rlcdn.com
1	cdn.parsely.com	www.heraldsun.com
1	tags.crwdcntrl.net	www.heraldsun.com
1	dyv1bugovvq1g.cloudfront.net	www.heraldsun.com
1	d15kdpgjg3unno.cloudfront.net	www.heraldsun.com
1	ats.rlcdn.com	www.heraldsun.com
1	s.ntv.io	www.heraldsun.com
1	www.thestate.com	www.heraldsun.com
1	pixel.rubiconproject.com	www.heraldsun.com
1	lasteventf-tm.everesttech.net	www.heraldsun.com
1	cm.everesttech.net	1 redirects
1	mcclatchy.demdex.net	www.heraldsun.com
1	ad.crwdcntrl.net	www.heraldsun.com
1	mcclatchy-heraldsun.zeustechnology.com	www.heraldsun.com
1	www.gstatic.com	www.google.com
1	media.kansascity.com	www.heraldsun.com
1	fonts.googleapis.com	www.heraldsun.com
1	heraldsun.com	1 redirects
231	83

This site contains links to these domains. Also see Links.

Domain
account.heraldsun.com
heraldsun.mycapture.com
t.news.heraldsun.com
games.heraldsun.com
www.legacy.com
placead.mcclatchy.com
go.mcclatchy.com
classifieds.mcclatchy.com
jobs.newsobserver.com
www.facebook.com
twitter.com
www.youtube.com
mcciservices.newscyclecloud.com
digital.olivesoftware.com
www.mcclatchy.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
www.mcclatchydc.com DigiCert SHA2 Secure Server CA	`2021-06-23` - `2022-02-01`	7 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.zeustechnology.com Amazon	`2021-05-15` - `2022-06-13`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.prod.boltdns.net Amazon	`2020-12-08` - `2022-01-06`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
*.adapter.ooyala.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-13` - `2022-06-14`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-26`	a year	crt.sh
queue.amazonaws.com Amazon	`2021-10-15` - `2022-10-07`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
www.i.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-28` - `2022-01-27`	2 years	crt.sh
*.misitemgr.com Entrust Certification Authority - L1K	`2021-08-09` - `2022-09-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-12` - `2021-11-10`	3 months	crt.sh
*.liadm.com Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
*.srv.stackadapt.com Amazon	`2020-12-09` - `2022-01-07`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
pushlycdn.com Amazon	`2021-03-16` - `2022-04-14`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.p-n.io Amazon	`2021-01-26` - `2022-02-23`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.heraldsun.com/
Frame ID: CDAD40A375940AFCBFD1E074078F02B5
Requests: 137 HTTP requests in this frame

Frame: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
Frame ID: C871E1B2B53CB994C81C50B9B7A136BD
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbTo0NDM.&hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&size=invisible&badge=inline&cb=6yk1r1wybt6z
Frame ID: 3BD4EDB0F06B03D1AE46B5581196C502
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.heraldsun.com
Frame ID: 60F034CF1FB9513BC0712338F15ECEE5
Requests: 2 HTTP requests in this frame

Frame: https://sb.scorecardresearch.com/beacon.js
Frame ID: 655239C0E95A8012BB2885E61DF19FB5
Requests: 2 HTTP requests in this frame

Frame: https://js.matheranalytics.com/static/ltm/ma12095/all/6/ml.br.js
Frame ID: C6330401430180C0AC0961F3196D1B59
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html
Frame ID: 121C1BE7EF0864417228611E50D0FAE0
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html
Frame ID: D8DA7F613A4D161988683581ADE92B33
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html
Frame ID: 6EC782563975A1499EFD463E15E33BBE
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html
Frame ID: E831A1A159366370041EE7CC3A4F2D63
Requests: 2 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1455644446360576006/MuLuMbfj?format=jpg&name=600x314
Frame ID: 5512C0FD836E1977B733343B815E7FBF
Requests: 38 HTTP requests in this frame

Frame: https://connect.facebook.net/en_US/fbevents.js
Frame ID: BA5935A84132CF9873E0A560A6C439AC
Requests: 5 HTTP requests in this frame

Frame: https://b-code.liadm.com/a-01dx.min.js
Frame ID: 6F6E662524B8FD195F3C19AB94A4BFC5
Requests: 3 HTTP requests in this frame

Frame: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldsun.com/&rp=&ts=compact&rnd=1635925380050
Frame ID: 76BF78F0A60E42CD34A0553D0213F42A
Requests: 1 HTTP requests in this frame

Frame: https://tags.srv.stackadapt.com/events.js
Frame ID: C8B8C2A5DBD66EBF4F6AA665E177A0D7
Requests: 4 HTTP requests in this frame

Frame: https://edge.quantserve.com/quant.js
Frame ID: EC798CA66262AE0C4D0A5CEDFACFC07D
Requests: 3 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: FC35382DD57BE8358C33E4FCE0456CA6
Requests: 5 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01dx?s=&cim=&ps=true&ls=true&duid=d8a7e464eac4--01fkjc0mhabs8vaq6v99v7pgyv&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Frame ID: 2C99245EDD25908E7B3C37EF89DC0B70
Requests: 8 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 20C2E18B853C4645CA80FA93AA20CE05
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Durham Breaking News, Sports & Crime | Durham Herald SunVideo mediaVideo mediaBack ButtonSearch IconFilter IconArrow

Page URL History Show full URLs

http://heraldsun.com/ HTTP 301
https://www.heraldsun.com/ Page URL

Page Statistics

231
Requests

90 %
HTTPS

34 %
IPv6

56
Domains

83
Subdomains

68
IPs

7
Countries

6057 kB
Transfer

12369 kB
Size

48
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://account.heraldsun.com/static/signin
Title: Sign In

Search URL Search Domain Scan URL

URL: http://heraldsun.mycapture.com/mycapture/index.asp#navlink=subnav
Title: Buy Photo

Search URL Search Domain Scan URL

URL: http://t.news.heraldsun.com/webApp/mccSignupPage?siteName=heraldsun#navlink=subnav
Title: Newsletters

Search URL Search Domain Scan URL

URL: http://games.heraldsun.com/?arkpromo=site_subnav
Title: Puzzles & Games

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/heraldsun/
Title: View Obituaries

Search URL Search Domain Scan URL

URL: https://placead.mcclatchy.com/obits/raleigh/home/listItems.html
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://go.mcclatchy.com/media-capabilities-durham#navlink=subnav
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/raleigh/#navlink=subnav
Title: Classified Ads

Search URL Search Domain Scan URL

URL: https://jobs.newsobserver.com/#navlink=subnav
Title: Jobs

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/raleigh
Title: Place an Ad

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle255499276.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle255499276.html&text=Elaine%20O%27Neal%20elected%20Durham%20Mayor

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.heraldsun.com%2Fsports%2Fcollege%2Facc%2Fnc-state%2Farticle255467716.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.heraldsun.com%2Fsports%2Fcollege%2Facc%2Fnc-state%2Farticle255467716.html&text=Photos%3A%20NC%20State%20men%27s%20basketball%20faces%20Elizabeth%20City%20in%20exhibition%20game

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.heraldsun.com%2Fsports%2Fcollege%2Facc%2Fduke%2Farticle255461981.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.heraldsun.com%2Fsports%2Fcollege%2Facc%2Fduke%2Farticle255461981.html&text=Duke%27s%20Cutcliffe%3A%20%27I%20don%E2%80%99t%20think%20about%20job%20security%27

Search URL Search Domain Scan URL

URL: http://t.news.heraldsun.com/webApp/mccSignupPage?siteName=heraldsun
Title: View Newsletters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/theheraldsun

Search URL Search Domain Scan URL

URL: http://twitter.com/TheHerald_Sun

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/DurhamHeraldSun

Search URL Search Domain Scan URL

URL: https://account.heraldsun.com/static/subscribe#navlink=mi_footer
Title: Start a Subscription

Search URL Search Domain Scan URL

URL: https://mcciservices.newscyclecloud.com/cgi-bin/cmo_mcc-c-cmdb-est-01.sh/custservice/web/login.html?siteid=DUR#navlink=mi_footer
Title: Customer Service

Search URL Search Domain Scan URL

URL: https://digital.olivesoftware.com/Olive/ODN/DurhamHeraldSun/default.aspx#navlink=mi_footer
Title: eEdition

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/our-impact/markets/the-herald-sun/#navlink=mi_footer
Title: About Us

Search URL Search Domain Scan URL

URL: http://t.news.heraldsun.com/webApp/mccSignupPage?siteName=heraldsun#navlink=mi_footer
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://go.mcclatchy.com/media-capabilities-durham#navlink=mi_footer
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/raleigh/#navlink=mi_footer
Title: Place a Classifieds

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heraldsun.com/ HTTP 301
https://www.heraldsun.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://cm.everesttech.net/cm/dd?d_uuid=34045413509609073950782104324530689554 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YYI9gwAAAGbvXgQz

Request Chain 47

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzQwNDU0MTM1MDk2MDkwNzM5NTA3ODIxMDQzMjQ1MzA2ODk1NTQ= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MzQwNDU0MTM1MDk2MDkwNzM5NTA3ODIxMDQzMjQ1MzA2ODk1NTQ=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIKlnBDIaSy5cKvm-op6ZBA&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 49

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVlJOWd3QUFBR2J2WGdReg==

Request Chain 50

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YYI9gwAAAGbvXgQz&expires=90

Request Chain 82

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYI9gwAAAGbvXgQz HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYI9gwAAAGbvXgQz&C=1

Request Chain 86

https://js.matheranalytics.com/s/ma12095/74930333/all/ml.js?cb=1578 HTTP 301
https://js.matheranalytics.com/static/ltm/ma12095/all/6/ml.br.js

Request Chain 96

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YYI9gwAAAGbvXgQz HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYYI9gwAAAGbvXgQz

Request Chain 101

https://sb.scorecardresearch.com/b?c1=2&c2=6035363&ns__t=1635925380207&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Durham%20Breaking%20News%2C%20Sports%20%26%20Crime%20%7C%20Durham%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1635925380207&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Durham%20Breaking%20News%2C%20Sports%20%26%20Crime%20%7C%20Durham%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com%2F&c9=

Request Chain 106

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YYI9gwAAAGbvXgQz HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YYI9gwAAAGbvXgQz

Request Chain 135

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYI9gwAAAGbvXgQz

Request Chain 141

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YYI9gwAAAGbvXgQz&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YYI9gwAAAGbvXgQz&img=1&__user_check__=1&sync_id=ab78faea-3c79-11ec-9385-1708f5200406

Request Chain 144

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YYI9gwAAAGbvXgQz&t=2592000&o=0

Request Chain 217

https://rp.liadm.com/j?tna=v2.1.0&aid=a-01dx&wpn=lc-bundle&us_privacy=1---&pu=https%3A%2F%2Fwww.heraldsun.com%2F&c=PHRpdGxlPkxpdmVDb25uZWN0IFBpeGVsPC90aXRsZT4&duid=d8a7e464eac4--01fkjc0mhabs8vaq6v99v7pgyv&se=e30&dtstmp=1635925381789 HTTP 302
https://rp4.liadm.com/j?tna=v2.1.0&aid=a-01dx&wpn=lc-bundle&us_privacy=1---&pu=https%3A%2F%2Fwww.heraldsun.com%2F&c=PHRpdGxlPkxpdmVDb25uZWN0IFBpeGVsPC90aXRsZT4&duid=d8a7e464eac4--01fkjc0mhabs8vaq6v99v7pgyv&se=e30&dtstmp=1635925381789&i6=MjAwMTphYzg6MzY6NjoyMDg6OjE%3D&n3pc=true

Request Chain 226

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 227

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https://i.liadm.com/s/e/a-01dx/0/0cf3ab74d1d248e68c8ea8a9d28fd6cb?mpid%3D7156%26muid%3D%5BMM_UUID%5D&c7c6212c-043a-4d83-91ca-394be900843a&us_privacy=1--- HTTP 302
https://i.liadm.com/s/e/a-01dx/0/0cf3ab74d1d248e68c8ea8a9d28fd6cb?mpid=7156&muid=af556182-3d87-4700-ad93-9700decfb6cb

Request Chain 228

https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&us_privacy=1--- HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1&us_privacy=1--- HTTP 302
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=7dacebd8-33e6-44fc-8d6b-fa6336ab83d6 HTTP 303
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=7dacebd8-33e6-44fc-8d6b-fa6336ab83d6

Request Chain 230

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c7c6212c-043a-4d83-91ca-394be900843a&us_privacy=1--- HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c7c6212c-043a-4d83-91ca-394be900843a&us_privacy=1---&rd=Y

Request Chain 231

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=c7c6212c-043a-4d83-91ca-394be900843a&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=c7c6212c-043a-4d83-91ca-394be900843a&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1--- HTTP 302
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=52ddaf3e-5fdb-4f79-8606-2ef09d26f592 HTTP 303
https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=52ddaf3e-5fdb-4f79-8606-2ef09d26f592

Request Chain 232

https://x.bidswitch.net/sync?ssp=liveintent&user_id=c7c6212c-043a-4d83-91ca-394be900843a&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=c7c6212c-043a-4d83-91ca-394be900843a&us_privacy=1--- HTTP 302
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=liveintent HTTP 302
https://x.bidswitch.net/sync?dsp_id=188&user_id=XPXUVwz8SKtjo7EkHXLB0cIkbBQ&user_group=1&ssp=liveintent HTTP 302
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=52ddaf3e-5fdb-4f79-8606-2ef09d26f592

231 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.heraldsun.com/
Redirect Chain

http://heraldsun.com/
https://www.heraldsun.com/

157 KB
26 KB

1060ms
828ms

Document
text/html

104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 01f7f5a3d4b4cb598806d186af6439616e4af42bd38a69ea787b0d38b3338e3e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-proxy-forwarding-type: BlackList
mi-api: WPS
content-type: text/html;charset=utf-8
surrogate-control: varnish=ESI/2.1
last-modified: Wed, 03 Nov 2021 07:37:27 GMT
etag: W/"27142-vr360Tiix/dPiKkCpU8gSkm/ozw"
x-varnish: 344867655, 569817233 562901918
content-encoding: gzip
x-mi-in-market: 0
server: MI
mi-cache-age: 330
vary: Accept-Encoding
mi-cache: HIT
x-akamai-transformed: 9 25411 0 pmb=mTOE,4
expires: Wed, 03 Nov 2021 07:42:59 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 03 Nov 2021 07:42:59 GMT
content-length: 25603
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *

Redirect headers

Date: Wed, 03 Nov 2021 07:42:58 GMT
Server: Apache
Location: https://www.heraldsun.com/
Content-Length: 234
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 core.js Show response
www.heraldsun.com/static/yozons-lib/ 347 KB
108 KB 29ms
28ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/static/yozons-lib/core.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 76230ee91da9696445defff593df20e8dac3b5067da36d3e3d364fc67f8745f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 68
content-length: 110100
last-modified: Tue, 02 Nov 2021 18:30:12 GMT
server: MI
etag: W/"56ae8-5cfd27be15500"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 501031323 495595784
access-control-allow-origin: *
cache-control: max-age=81
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 65ms
26ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: OPcq+YIYFFKAyM1Ar0weOg==
age: 1323458
vary: Accept-Encoding
content-length: 6350
x-ms-lease-status: unlocked
last-modified: Thu, 14 Oct 2021 05:25:41 GMT
server: cloudflare
etag: 0x8D98ED3103C1468
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c072b947-501e-014a-316c-c4aed4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a83f81448ef0f66-MXP
expires: Thu, 11 Nov 2021 07:42:59 GMT

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 23 KB
6 KB 66ms
28ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b53a8679f64261d270c8e531fe1e2b8e463f3592155dcf4c2dbc5deeab2f3b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: vK1pqwR5vAdncTOZa1Txzw==
age: 12040
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Tue, 29 Jun 2021 08:52:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4562debe-501e-012c-1b6c-c41c8e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6a83f81448f30f66-MXP

GET
H2 200 vendor.bundle-f5cc99e62f4013e4087d.js Show response
www.heraldsun.com/wps/build/webpack/ 396 KB
121 KB 49ms
48ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/build/webpack/vendor.bundle-f5cc99e62f4013e4087d.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 57a1adec57b006d2f412c1d40a6e2b1c1baf65bb50cbf5735265a6b7fe216524

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 116280
content-length: 122758
last-modified: Fri, 22 Oct 2021 17:20:05 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"631eb-17ca9045188"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 260121357, 455018028 418130132
access-control-allow-origin: *
cache-control: max-age=134843
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 mi-header.bundle-b809621a261235eaaef0.js Show response
www.heraldsun.com/wps/build/webpack/ 13 KB
5 KB 50ms
49ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/build/webpack/mi-header.bundle-b809621a261235eaaef0.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2973541ff7462fc85337162712d37c627b51fef84927981f4c86dc37960c8a25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 112062
content-length: 4407
last-modified: Fri, 22 Oct 2021 17:20:05 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"3463-17ca9045188"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 262477379, 403017077 375427624
access-control-allow-origin: *
cache-control: max-age=125547
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 css
fonts.googleapis.com/ 9 KB
2 KB 45ms
20ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f94f28e7998a2f1af1c2a6c9eb199d84101f1e92dbdd9e32e327fb5736826e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 07:42:59 GMT
server: ESF
date: Wed, 03 Nov 2021 07:42:59 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 03 Nov 2021 07:42:59 GMT

GET
H2 200 mi-styles.a5e50a93101b42ee5942.css
www.heraldsun.com/wps/build/webpack/css/ 205 KB
44 KB 49ms
48ms Stylesheet
text/css 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/build/webpack/css/mi-styles.a5e50a93101b42ee5942.css
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9ef9d4438eb2fc0e8432256a4de2046b7e623347a3786b92f0d31cbf88713293

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 13
content-length: 44237
last-modified: Fri, 22 Oct 2021 17:20:13 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"333b6-17ca90470c8"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 261983169, 410054379 418523326
access-control-allow-origin: *
cache-control: max-age=553555
access-control-allow-credentials: false
mi-cache: HIT
content-type: text/css;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 guid.js Show response
www.heraldsun.com/wps/source/scripts/libs/ 1 KB
967 B 60ms
59ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/source/scripts/libs/guid.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 64267
content-length: 547
last-modified: Mon, 27 Sep 2021 20:14:31 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"505-17c28e50858"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 116711021, 305584518 292438127
access-control-allow-origin: *
cache-control: max-age=134866
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
968 B 40ms
17ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

641c7b38de5430ec983a3286f78f0aa10305b8c7b1cd48fdf85dc2ef48275228

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Wed, 03 Nov 2021 07:42:59 GMT

GET
H2 200 74ca7467 Show response
www.heraldsun.com/akam/11/ 32 KB
11 KB 54ms
51ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/akam/11/74ca7467
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 33c91d620f0c93b4c7ba7338f07112ad8af6ca99e5c771bf7151d224fd2dc445

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
last-modified: Thu, 02 May 2019 20:05:39 GMT
etag: "b3117c5ddeefb10cae54f28208469149a55063947b449ac204c16093f0d3b3b4"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 10409
expires: Wed, 03 Nov 2021 07:42:59 GMT

GET
H2 200 banner-promo-link.css
media.kansascity.com/livegraphics/links/ 794 B
931 B 693ms
392ms Stylesheet
text/css 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.kansascity.com/livegraphics/links/banner-promo-link.css
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4b71f0fe1bff5503351b612a14b799893729f662a24d67706809f0041acb3fbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
last-modified: Tue, 03 Sep 2019 17:52:51 GMT
server: Apache
etag: "31a-591a9c1d94908"
vary: Origin
content-type: text/css
accept-ranges: bytes
content-length: 794

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 179ms
38ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE7) /
Resource Hash: 00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:42:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 28
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 29104
x-tw-cdn: VZ
Last-Modified: Mon, 18 Oct 2021 18:33:56 GMT
Server: ECS (mil/6CE7)
Etag: "a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 mi-footer.bundle-b9a47dc85e05422023bb.js Show response
www.heraldsun.com/wps/build/webpack/ 10 KB
4 KB 67ms
66ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/build/webpack/mi-footer.bundle-b9a47dc85e05422023bb.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 088bf99363c367a9df19e55730893261c22ca3021ee95d9e06429fff2391535f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 365897
content-length: 3660
last-modified: Fri, 22 Oct 2021 17:20:05 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"2873-17ca9045188"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 259198925, 454221809 373083449
access-control-allow-origin: *
cache-control: max-age=399441
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 vue.bundle-01d3e2dfe88c4b1b1131.js Show response
www.heraldsun.com/wps/build/webpack/ 107 KB
38 KB 69ms
68ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/build/webpack/vue.bundle-01d3e2dfe88c4b1b1131.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ce3daa38c75b999bcc0583f073d663e0b1805b9447d0de99128c4ef3fdecdc59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 74
content-length: 38913
last-modified: Fri, 22 Oct 2021 17:20:24 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"1ad47-17ca9049bc0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 258798150, 375459728 374221922
access-control-allow-origin: *
cache-control: max-age=553531
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 videojs.bundle-12e5a4a723a706c9d583.js Show response
www.heraldsun.com/wps/build/webpack/ 455 KB
120 KB 78ms
78ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/build/webpack/videojs.bundle-12e5a4a723a706c9d583.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 952d5990bfa8902cb04f15d02b1ee6bdd3805f640c6e25424a645a63521cc26a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 76
content-length: 121807
last-modified: Fri, 22 Oct 2021 17:20:24 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"71b1f-17ca9049bc0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 257444129, 375718312 372817437
access-control-allow-origin: *
cache-control: max-age=553574
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 videoStory.bundle-4010a8399c44084081b6.js Show response
www.heraldsun.com/wps/build/webpack/ 201 KB
60 KB 90ms
89ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 634dc8788bb9ea8e46f80afca5cd5f3bbe2ff69978a38b219f8e60444ae4e989

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1347
content-length: 60467
last-modified: Fri, 22 Oct 2021 17:20:24 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"32517-17ca9049bc0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 259251048, 370955808 364279388
access-control-allow-origin: *
cache-control: max-age=553582
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 footer.bundle-1f06f5f8ac3bfe589066.js Show response
www.heraldsun.com/wps/build/webpack/ 10 KB
3 KB 96ms
95ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/build/webpack/footer.bundle-1f06f5f8ac3bfe589066.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 962633a9b2b7df607d091396cbe096cef615f8bd36ea627151254a5743c4e0c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 345358
content-length: 2570
last-modified: Mon, 27 Sep 2021 20:16:43 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"284c-17c28e70bf8"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 62096835, 156831483 79224650
access-control-allow-origin: *
cache-control: max-age=134851
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 netdale.ae5eaef66711bd84742d.js Show response
www.heraldsun.com/static/yozons-lib/ 68 KB
18 KB 40ms
37ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/static/yozons-lib/netdale.ae5eaef66711bd84742d.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 03d9b5789f6b8a1f1c6432ec112101b8c7f1d388e1681c3d3d116da39d799750

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 541
content-length: 18243
last-modified: Mon, 01 Nov 2021 18:10:23 GMT
server: MI
etag: W/"10e97-5cfbe172b41c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 484284496 472415225
access-control-allow-origin: *
cache-control: max-age=470440
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 pdp.gif
www.heraldsun.com/static/yozons-lib/ 42 B
394 B 51ms
49ms Image
image/gif 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldsun.com/static/yozons-lib/pdp.gif?y=eyJkZXByIjoiZ2V0Q29uZmlnIn0=
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 526203
content-length: 42
last-modified: Thu, 21 Oct 2021 14:10:33 GMT
server: MI
etag: "2a-5cedd75342840"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 334327974, 406779786 303735518
access-control-allow-origin: *
cache-control: max-age=182278
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/gif
access-control-allow-headers: *

GET
H2 200 pdp.gif
www.heraldsun.com/static/yozons-lib/ 42 B
385 B 54ms
51ms Image
image/gif 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldsun.com/static/yozons-lib/pdp.gif?y=eyJkZXByIjoiY3JlYXRlVHJhbnNhY3Rpb25JZCJ9
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 62870
content-length: 42
last-modified: Thu, 28 Oct 2021 13:14:07 GMT
server: MI
etag: "2a-5cf697c4585c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 500310068 487817498
access-control-allow-origin: *
cache-control: max-age=323763
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/gif
access-control-allow-headers: *

GET
H2 200 heraldsun.dc5ff01af3e802d0715f.js Show response
www.heraldsun.com/static/yozons-lib/ 476 B
704 B 28ms
28ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/static/yozons-lib/heraldsun.dc5ff01af3e802d0715f.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f4d00188c16c2063607ef58b45e63163628be5988e89aab757030955526aa052

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 541
content-length: 330
last-modified: Mon, 01 Nov 2021 18:10:23 GMT
server: MI
etag: W/"1dc-5cfbe172b41c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 481547821 478901469
access-control-allow-origin: *
cache-control: max-age=470537
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 155ms
32ms XHR
application/json 108.128.120.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&d_nsid=0&d_coop_safe=1&ts=1635925379314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.120.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-120-92.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e37b89816adc1bf2bd8b72476e530bbba79c16123f160d5f3ac6e1b5f2372564

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v019-0cb8386ae.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: B7QA1SsLQjk=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 997
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 halzid.bc343660e8897dd40fe1.js Show response
www.heraldsun.com/static/yozons-lib/ 68 KB
24 KB 62ms
61ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/static/yozons-lib/halzid.bc343660e8897dd40fe1.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 7522a729853e3593c2eab5a1b7b95fdafdec486661e40004e4f267d4284d5262

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 541
content-length: 23788
last-modified: Mon, 01 Nov 2021 18:10:23 GMT
server: MI
etag: W/"10f07-5cfbe172b41c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 534670023, 481579833 485526362
access-control-allow-origin: *
cache-control: max-age=470539
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 73c4e663-0eb1-4084-9ca4-30974ae6ea49.json Show response
cdn.cookielaw.org/consent/73c4e663-0eb1-4084-9ca4-30974ae6ea49/ 3 KB
2 KB 104ms
65ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/73c4e663-0eb1-4084-9ca4-30974ae6ea49/73c4e663-0eb1-4084-9ca4-30974ae6ea49.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b6ed40dc00c0854a03bce29edcc687d7b00da2c485675aec7a2099058cf840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: H9N+9XbU5/+fPTmvHvs4nQ==
vary: Accept-Encoding
content-length: 1278
x-ms-lease-status: unlocked
last-modified: Thu, 20 Aug 2020 15:58:09 GMT
server: cloudflare
etag: 0x8D84521D6076A08
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a3f45990-601e-012f-7586-d01f89000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a83f8151e3d0e0e-MXP
expires: Wed, 03 Nov 2021 11:42:59 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 187 B
214 B 75ms
34ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61d6342459611b40b00cdd63cc6b615d5543eb17b3136914099b8c900429e67f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6a83f8153b160f4e-MXP

GET
H2 200 geofeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 187 B
386 B 73ms
31ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/geofeed

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7895c8a0556fc47345fdd060c3533c9d8a89fd5f24fb67a36443f0563588bac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6a83f8153b190f4e-MXP

GET
H2 200 identityModulev3.min.js Show response
www.heraldsun.com/wps/source/scripts/libs/ 35 KB
11 KB 33ms
30ms XHR
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/source/scripts/libs/identityModulev3.min.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 106179
content-length: 11142
last-modified: Fri, 22 Oct 2021 17:18:11 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"8dbb-17ca9029438"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 249165906, 403323422 375111566
access-control-allow-origin: *
cache-control: max-age=134907
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v21/ 16 KB
16 KB 54ms
15ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v21/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldsun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 05:32:00 GMT
x-content-type-options: nosniff
age: 94259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16180
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:43:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 02 Nov 2022 05:32:00 GMT

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v16/ 27 KB
27 KB 61ms
21ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v16/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18a7a29489626785e9f96d890e366909787b80ad977baeec8149de3c1f7e85dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldsun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 09:50:35 GMT
x-content-type-options: nosniff
age: 510744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27412
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:37:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 09:50:35 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v21/ 16 KB
16 KB 62ms
28ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v21/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldsun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 09:50:35 GMT
x-content-type-options: nosniff
age: 510744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16056
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:44:52 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 09:50:35 GMT

GET
H2 200 logo.svg
www.heraldsun.com/wps/build/images/heraldsun/ 7 KB
4 KB 54ms
54ms Image
image/svg+xml 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldsun.com/wps/build/images/heraldsun/logo.svg
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8b4bf46a7ee17fa868ac3a6ed47a74783271577c926748bcdbe6327921fca200

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 56601
content-length: 3240
last-modified: Mon, 27 Sep 2021 20:16:43 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"1c45-17c28e70bf8"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 46692485, 83977082 73744596
access-control-allow-origin: *
cache-control: max-age=134938
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-headers: *

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/ 348 KB
136 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aba311cb6a5c9a5bc6aedd12bf7e4eafe080fecd789840865ffebb30c4cdde5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com/
Origin: https://www.heraldsun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:17:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139303
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 04:03:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 03 Nov 2022 07:17:43 GMT

GET
H2 200 main.js Show response
mcclatchy-heraldsun.zeustechnology.com/ 226 KB
52 KB 65ms
16ms Script
application/javascript 13.225.87.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-heraldsun.zeustechnology.com/main.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/netdale.ae5eaef66711bd84742d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1650041b6f1a7c2095fba3c33149a736494922bc39c7b08bcbaffcd03140a2b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: RxkbcYoFYXLtUuIdXXXxumL14NBgjzZF
content-encoding: br
last-modified: Tue, 14 Sep 2021 14:16:08 GMT
server: AmazonS3
age: 1237
etag: W/"6c1f124b5117a5e33ee96be26e265846"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
cache-control: max-age=600,s-maxage=3600
date: Wed, 03 Nov 2021 07:22:23 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: aBa5f-51kYFFNlEEiJaSU17rA3wULv0KlWXoRCp-Ud6vzhmGhoex8g==

GET
H2 200 callback=mi.ads.extractPid Show response
ad.crwdcntrl.net/5/c=7436/pe=y/ 82 B
317 B 106ms
30ms Script
application/javascript 52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=7436/pe=y/callback=mi.ads.extractPid
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8e26c82b3a05d2306015e1d1414cffced4a6ab6e012e8aadfcb0db6798314a79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:42:59 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.22.31
content-type: application/javascript;charset=utf-8
content-length: 82
expires: 0

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 189 B
217 B 27ms
27ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fbee1118e2f0183e4f02ad8968e1758861d8872550d2ced4eba3bd43b239118

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6a83f8157b670f4e-MXP

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.5.0/ 325 KB
68 KB 25ms
24ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AvbD4VHYe4H/QnyU6j8v5w==
age: 1330493
vary: Accept-Encoding
content-length: 69711
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:22 GMT
server: cloudflare
etag: 0x8D84A3B58DE8819
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: aa0b88c3-101e-00ca-066c-c44b2b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a83f815aafe0f66-MXP
expires: Thu, 11 Nov 2021 07:42:59 GMT

GET
H/1.1 200
OK dest5.html Show response
mcclatchy.demdex.net/ Frame C871 7 KB
3 KB 150ms
33ms Document
text/html 18.200.165.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.demdex.net/dest5.html?d_nsid=0

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.165.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-165-55.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 3 Nov 2021 07:42:59 GMT
DCS: dcs-prod-irl1-2-v019-0724f3096.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 14 Oct 2021 11:09:03 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: CBr9FN3LSJA=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
mcclatchy.sc.omtrdc.net/ 2 B
318 B 61ms
16ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.sc.omtrdc.net/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&mid=34501830034510774280721781856418079141&ts=1635925379474

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-b4c7fdd79-gft5m
vary: Origin
x-c: main-1540.I13d07b.M0-522
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.heraldsun.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YYI9gwAAAGbvXgQz
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=34045413509609073950782104324530689554
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YYI9gwAAAGbvXgQz

42 B
943 B

37ms
35ms

Image
image/gif

108.128.120.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YYI9gwAAAGbvXgQz

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

HTTP/1.1

Server

108.128.120.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-120-92.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-026df6ecb.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: WHNRfCmCQ9Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YYI9gwAAAGbvXgQz
Date: Wed, 03 Nov 2021 07:42:59 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 pdp.gif
www.heraldsun.com/static/yozons-lib/ 42 B
394 B 371ms
371ms Image
image/gif 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldsun.com/static/yozons-lib/pdp.gif?y=eyJpZCI6Im1pX2FzX2R1cl8zNDUwMTgzMDAzNDUxMDc3NDI4MDcyMTc4MTg1NjQxODA3OTE0MV8xXzBfMTYzNTkyNTM3OTQ3NSIsImRlcHIiOiJnZXRDb25maWcifQ==
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 343907
content-length: 42
last-modified: Thu, 28 Oct 2021 13:14:07 GMT
server: MI
etag: "2a-5cf697c4585c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 487817497, 499382597 431461547
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/gif
access-control-allow-headers: *

POST
H2 200 delivery Show response
mcclatchy.tt.omtrdc.net/rest/v1/ 404 B
563 B 122ms
41ms XHR
application/json 63.33.35.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy.tt.omtrdc.net/rest/v1/delivery?client=mcclatchy&sessionId=54ad8da6433e4f43b02e3b5a2a930a76&version=2.3.0
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.35.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-35-188.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d74b5cd189c502f7772e060ef28c1ef31d7e20e040c35ff98e72aee00cd86546

Request headers

Referer: https://www.heraldsun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.heraldsun.com
date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: f1ea0ecbb71c8c12496519c39f201aa1
content-type: application/json;charset=UTF-8

POST
H2 200 delivery Show response
mcclatchy.tt.omtrdc.net/rest/v1/ 2 KB
944 B 139ms
58ms XHR
application/json 63.33.35.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy.tt.omtrdc.net/rest/v1/delivery?client=mcclatchy&sessionId=54ad8da6433e4f43b02e3b5a2a930a76&version=2.3.0
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.35.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-35-188.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 186816bf1afa74aad8324bff3e55f2890c723db29800f80fa76e448be7d2fd3b

Request headers

Referer: https://www.heraldsun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.heraldsun.com
date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: 4e3d89c326cf4db8bc780c99374769d8
content-type: application/json;charset=UTF-8

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/73c4e663-0eb1-4084-9ca4-30974ae6ea49/0e95dc32-54e6-46f1-96fa-56201f4a1ac5/ 94 KB
14 KB 61ms
61ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/73c4e663-0eb1-4084-9ca4-30974ae6ea49/0e95dc32-54e6-46f1-96fa-56201f4a1ac5/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec71257b1057d5d5b4aca7d1ef21ecee283ceee836980db7a1e2e06ae4bb0d15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: PIcI+5CybP59lPKYeG5Wog==
vary: Accept-Encoding
content-length: 14350
x-ms-lease-status: unlocked
last-modified: Thu, 20 Aug 2020 16:05:56 GMT
server: cloudflare
etag: 0x8D84522EC424D11
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9510786c-201e-008d-2886-d09440000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a83f8160fb30e0e-MXP
expires: Wed, 03 Nov 2021 11:42:59 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 37ms
37ms XHR
application/json 108.128.120.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&d_nsid=0&d_mid=34501830034510774280721781856418079141&d_coop_safe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=mcid%0134501830034510774280721781856418079141&ts=1635925379537

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.120.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-120-92.eu-west-1.compute.amazonaws.com

Software

Resource Hash

1a889863622bacf0938f18afc0118a3c120a4de1256b4e89793713d851801efb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v019-050eb7a98.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: Str7yYPXS7c=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 997
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 12 KB
4 KB 59ms
59ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: NgHQTHCGWwGmNE0ie37G8A==
vary: Accept-Encoding
content-length: 3248
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:16 GMT
server: cloudflare
etag: 0x8D84A3B556B9C39
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 220c01f2-701e-009e-2886-d0a1a1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a83f81678430e0e-MXP
expires: Thu, 11 Nov 2021 07:42:59 GMT

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 61 KB
15 KB 65ms
65ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: ebGLXbyX4UjJx8DgFc7F7g==
vary: Accept-Encoding
content-length: 14901
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:17 GMT
server: cloudflare
etag: 0x8D84A3B55B1B344
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 67df7ec2-201e-004a-6686-d0e881000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a83f81678440e0e-MXP
expires: Thu, 11 Nov 2021 07:42:59 GMT

GET
H2 200 / Show response
lasteventf-tm.everesttech.net/ 0
209 B 47ms
7ms XHR
text/plain 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lasteventf-tm.everesttech.net/?_les_imsOrgId=3B6E35F15A82BBB00A495D91@AdobeOrg&_les_sdid=049A8D10DD6E342A-6C6A95B4181F08C9&_les_last_search_click=&_les_rsid=mccltallmcclatchy&_les_mid=34501830034510774280721781856418079141&_les_url=https%3A%2F%2Fwww.heraldsun.com%2F
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/halzid.bc343660e8897dd40fe1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1635925380.677656,VS0,VE0
x-cache: MISS
content-type: text/plain
access-control-allow-origin: https://www.heraldsun.com
access-control-allow-credentials: true
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4077-HHN

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEIKlnBDIaSy5cKvm-op6ZBA&google_cver=1
dpm.demdex.net/ Frame C871
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzQwNDU0MTM1MDk2MDkwNzM5NTA3ODIxMDQzMjQ1MzA2ODk1NTQ=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MzQwNDU0MTM1MDk2MDkwNzM5NTA3ODIxMDQzMjQ1MzA2ODk1NTQ=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIKlnBDIaSy5cKvm-op6ZBA&google_cver=1?gdpr=0&gdpr_consent=

42 B
943 B

34ms
34ms

Image
image/gif

108.128.120.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIKlnBDIaSy5cKvm-op6ZBA&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

HTTP/1.1

Server

108.128.120.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-120-92.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcclatchy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-02cd5e33a.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: evgknfJYTno=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:42:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIKlnBDIaSy5cKvm-op6ZBA&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 s46310285113388 Show response
mcclatchy.sc.omtrdc.net/b/ss/mccltallmcclatchy/10/JS-2.22.0/ 2 KB
3 KB 42ms
42ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.sc.omtrdc.net/b/ss/mccltallmcclatchy/10/JS-2.22.0/s46310285113388

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/halzid.bc343660e8897dd40fe1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

dd4007ca761b5e6d5023655bb9dcdfc107186cef73eda87f8bd8e2a5ea1d916c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-aam-tid: YGtcNKhpQDk=
date: Wed, 03 Nov 2021 07:42:59 GMT
x-content-type-options: nosniff
x-c: main-1540.I13d07b.M0-522
p3p: CP="This is not a P3P policy"
content-length: 2501
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v019-092dc6a27.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Thu, 04 Nov 2021 07:42:59 GMT
server: jag
xserver: anedge-b4c7fdd79-d8f25
etag: 3513123001224003584-4619895770000664659
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.heraldsun.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Tue, 02 Nov 2021 07:42:59 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C871
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVlJOWd3QUFBR2J2WGdReg==

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVlJOWd3QUFBR2J2WGdReg==

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcclatchy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:42:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:42:59 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1635925380.757454,VS0,VE0
x-served-by: cache-hhn4077-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVlJOWd3QUFBR2J2WGdReg==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame C871
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YYI9gwAAAGbvXgQz&expires=90

0
239 B

379ms
92ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YYI9gwAAAGbvXgQz&expires=90
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcclatchy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: f72efbd84733ea5ba734e4e8fe0395a3
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:42:59 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1635925380.848378,VS0,VE0
x-served-by: cache-hhn4077-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YYI9gwAAAGbvXgQz&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v16/ 23 KB
24 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v16/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93d058f2a331f04fbe74786d01c50adde19e56db580b140c8e8ca023c19552d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldsun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 04:45:49 GMT
x-content-type-options: nosniff
age: 529030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24036
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:37:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 04:45:49 GMT

GET
H2 200 Chatham%20Election%20Night
www.thestate.com/news/politics-government/9e2ybt/picture255491826/alternates/LANDSCAPE_768/ 41 KB
41 KB 160ms
48ms Image
image/jpeg 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thestate.com/news/politics-government/9e2ybt/picture255491826/alternates/LANDSCAPE_768/Chatham%20Election%20Night
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 350f8005ae0bd9ecd2a168860ba8a208239bba479755239aad31995bd8a970d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1214
content-length: 41701
last-modified: Tue, 02 Nov 2021 22:05:52 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "d6c4dd0843d71ed723c5093f35d3b781"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 803178608, 549353927 567151764
access-control-allow-origin: *
cache-control: max-age=583946
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 guHemminger.jpg
www.newsobserver.com/latest-news/su6bxn/picture252780153/alternates/LANDSCAPE_768/ 35 KB
35 KB 149ms
37ms Image
image/jpeg 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/su6bxn/picture252780153/alternates/LANDSCAPE_768/guHemminger.jpg
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0c7a368dcd17c8f973bac3c531c32400be2671518ccb473b84e0b5d87c95891e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 3552
content-length: 35615
last-modified: Tue, 02 Nov 2021 23:17:02 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "a74a5b0e191e44cd9c6fcd751a9e5620"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 503336613, 556945798 560539050
access-control-allow-origin: *
cache-control: max-age=584107
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 CHCCS%20board.jpg
www.newsobserver.com/latest-news/ouvw7y/picture255496926/alternates/LANDSCAPE_768/ 53 KB
53 KB 153ms
41ms Image
image/jpeg 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/ouvw7y/picture255496926/alternates/LANDSCAPE_768/CHCCS%20board.jpg
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 19b2bae2b942ad282fe5e86854ab5695b8f3d7d0a78dddebf67e6d8868c41eed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 3080
content-length: 53816
last-modified: Wed, 03 Nov 2021 00:46:01 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "73fe6b5c89ae3cfef38af72673662e84"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 501697572, 566464307 561291207
access-control-allow-origin: *
cache-control: max-age=583994
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 RTTGavelbasic.jpg
www.charlotteobserver.com/latest-news/cu5zon/picture255482886/alternates/LANDSCAPE_768/ 23 KB
23 KB 47ms
26ms Image
image/jpeg 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.charlotteobserver.com/latest-news/cu5zon/picture255482886/alternates/LANDSCAPE_768/RTTGavelbasic.jpg
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: c0191a6fb97765b33d42b4ad98a62159e583e77d8af9744ede52bfca8b0be5fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1510
content-length: 23157
last-modified: Tue, 02 Nov 2021 18:32:49 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "9389e3fba80f1e420502ca0091ce9615"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 782533856 765904048
access-control-allow-origin: *
cache-control: max-age=561465
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998032001/60a4256b-c15d-474a-b520-fa0013c7e49a/466bb973-e753-40e0-9968-4d8c80ef0e37/480x270/match/ 153 KB
154 KB 70ms
12ms Image
image/jpeg 52.222.247.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998032001/60a4256b-c15d-474a-b520-fa0013c7e49a/466bb973-e753-40e0-9968-4d8c80ef0e37/480x270/match/image.jpg
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.247.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-247-46.fra60.r.cloudfront.net
Software: / BC
Resource Hash: 86ca1915f19c82ab470556792ffac61d893f29a26b5539bc8f5a362c6e029db6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 20:55:49 GMT
Via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 38830
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA60-P3
X-Amz-Cf-Id: nVJfXiI7pQ0EDWGESNOkjI7KfaR4aOFcObB3iWbnbLSgrhWqqRtWkw==
Expires: Wed, 02 Nov 2022 20:55:49 GMT

GET
H2 200 Lantern
www.newsobserver.com/latest-news/g78eh7/picture237678774/alternates/LANDSCAPE_768/ 55 KB
55 KB 167ms
55ms Image
image/jpeg 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/g78eh7/picture237678774/alternates/LANDSCAPE_768/Lantern
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4dc7725467c44e267d4387eeacf53cb9daff5b36e55a7d37a76cb611b742341e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 5119
content-length: 55979
last-modified: Fri, 22 Nov 2019 21:32:13 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "0ff25dbda8c57dadfba7279785b28cc0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 551316560, 503580552 499085483
access-control-allow-origin: *
cache-control: max-age=566617
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 3BD4 0
0 33ms
32ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbTo0NDM.&hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&size=invisible&badge=inline&cb=6yk1r1wybt6z

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Rd/rxmT9XvF4xyYmiEt8qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 03 Nov 2021 07:42:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-Rd/rxmT9XvF4xyYmiEt8qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22159
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fontawesome-webfont.woff2
www.heraldsun.com/wps/source/sass/main/fonts/font-awesome/fonts/ 55 KB
56 KB 377ms
377ms Font
font/woff2 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/source/sass/main/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/css/mi-styles.a5e50a93101b42ee5942.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a

Request headers

Referer: https://www.heraldsun.com/wps/build/webpack/css/mi-styles.a5e50a93101b42ee5942.css
Origin: https://www.heraldsun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 981
content-length: 56780
last-modified: Fri, 22 Oct 2021 17:18:11 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"ddcc-17ca9029438"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 259723053, 369286438 366212675
access-control-allow-origin: *
cache-control: max-age=170
access-control-allow-credentials: false
mi-cache: HIT
content-type: font/woff2;charset=ISO-8859-1
access-control-allow-headers: *

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 387 KB
113 KB 161ms
33ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/mi-footer.bundle-b9a47dc85e05422023bb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 225d2e82e0609fd8ea6f41b4596631e2eb125c4ee951202b94ea31af75585413

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:00 GMT
Content-Encoding: gzip
x-amz-request-id: GJH56RG3SPSEW4GB
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: fWYmj505ft2pskqu67knzP7wtygpjgVMV9QKfTwl1jAm62odXGVTN6O3gtPimLrgvF416UIGy0g=
Last-Modified: Tue, 02 Nov 2021 18:26:48 GMT
Server: AmazonS3
ETag: "9697906b98187396c26c1e3a90819f66"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 369 KB
123 KB 76ms
22ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cdbb68e93d9fb8a81d427448443a41d21a66c151d4d7ec865e648833f854b2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125171
x-xss-protection: 0
expires: Wed, 03 Nov 2021 07:43:00 GMT

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 performance.dcd86afe2d0c8dc1a4c4.js Show response
www.heraldsun.com/static/yozons-lib/ 8 KB
3 KB 33ms
32ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/static/yozons-lib/performance.dcd86afe2d0c8dc1a4c4.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 3b065a781eb0837ab7f5def2ff7775f86ce2ff13b71b523c9df1b20818cb61b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 541
content-length: 2629
last-modified: Mon, 01 Nov 2021 18:10:23 GMT
server: MI
etag: W/"1e86-5cfbe172b41c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 521164531 532053395
access-control-allow-origin: *
cache-control: max-age=470437
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 parsely.125cdd0bdb6bd9acbd87.js Show response
www.heraldsun.com/static/yozons-lib/ 1 KB
931 B 35ms
34ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/static/yozons-lib/parsely.125cdd0bdb6bd9acbd87.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 80b9b99327df8553748b59700b0776b4cc090397f321b1cd81d7a9038726b547

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 542
content-length: 549
last-modified: Mon, 01 Nov 2021 18:10:23 GMT
server: MI
etag: W/"456-5cfbe172b41c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 486703708, 530544679 531002197
access-control-allow-origin: *
cache-control: max-age=470485
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 quarantine.aff1210c5bb8f4c59163.js Show response
www.heraldsun.com/static/yozons-lib/ 17 KB
6 KB 42ms
41ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/static/yozons-lib/quarantine.aff1210c5bb8f4c59163.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: cedd341a1cd072ea4c917aa7ad5530e09d0bac9ef6c39ee9421ddd99bb049f16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 542
content-length: 6140
last-modified: Mon, 01 Nov 2021 18:10:23 GMT
server: MI
etag: W/"45cb-5cfbe172b41c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 537835206 534670036
access-control-allow-origin: *
cache-control: max-age=470578
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 video.d91c80502e2fd2178561.js Show response
www.heraldsun.com/static/yozons-lib/ 14 KB
5 KB 48ms
48ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/static/yozons-lib/video.d91c80502e2fd2178561.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 7854235896149dc0bb1dc106fc1863dcaf4564f555b4da25286bfe09246f6720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2195
content-length: 4877
last-modified: Mon, 01 Nov 2021 18:10:23 GMT
server: MI
etag: W/"39f6-5cfbe172b41c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 486703710, 539401981 541065624
access-control-allow-origin: *
cache-control: max-age=472163
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 184 KB
61 KB 44ms
10ms Script
application/x-javascript 13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/netdale.ae5eaef66711bd84742d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 489d91bed61ef8d1c31f9de5b1c13777a03ac0864206094dd594ad82ef266ca7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: aNI79gymn36SdL1OCQ9XQoRn1j6ap8oY
content-encoding: gzip
etag: W/"319188f4e162198ee578ba6e65904ead"
age: 16322
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:f3f3bcb1-d653-4795-a242-0bc52f20e334
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 99ea7c9ae879eabed07b623c4b48c3a2
last-modified: Tue, 26 Oct 2021 10:28:36 GMT
server: AmazonS3
date: Wed, 03 Nov 2021 03:29:49 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 7fac56bbf391534ba4d108d9d1c5ede96a619703863f7695a7d7c98a8fea4662
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
content-type: application/x-javascript
x-amz-cf-id: xjUhYAEdR8lqA1bGAexXak8E5Bks1OvqzpKhSnIh2I_xOwwCuPWosg==

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 82 KB
17 KB 45ms
11ms Script
application/javascript 2600:9000:2156:b000:11:b309:9100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:b000:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9fa9dac0393d30bb7e860c31c6f2d9c2764a9cda8400c4c580dd943b2163637e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: CdDe_Cv6FKS5cNcZQ97w8kcXVVEbozNV
content-encoding: gzip
last-modified: Fri, 29 Oct 2021 20:24:48 GMT
server: AmazonS3
age: 47888
etag: W/"79a1644018cfc74815de486d6d3084a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cache-control: max-age=84600
date: Tue, 02 Nov 2021 18:24:53 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 8aMSbAmCNCMKGKUxXEgCLZGkbzSnqXtHdQXLihtQdjfzNHjbNZhTzQ==

GET
H2 200 .js Show response
dyv1bugovvq1g.cloudfront.net/11/www.heraldsun.com/ 4 KB
741 B 443ms
399ms Script
application/json 2600:9000:223e:6e00:5:82fd:2500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/11/www.heraldsun.com/.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:6e00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8580f9061e13b9d212342f018991fc676c0e553ff317258b4e5a8bca8e9dbdff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:41:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
etag: "58249924dfed9fb441ddf49721a065e9"
x-cache: RefreshHit from cloudfront
content-type: application/json; charset=utf-8
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd47.cloudfront.net (CloudFront)
cache-control: max-age=300
accept-ranges: bytes
content-length: 366
x-amz-cf-id: c1c6kSUSZRKbwFRimrC4JdJ5yV5gq3YbK-ym2qmeHCuuPNqq0YXHxg==

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/ 112 KB
25 KB 69ms
18ms Script
text/javascript 151.101.1.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/netdale.ae5eaef66711bd84742d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2972e1f8412e488008ba2f3cfabdf43cc8d8eee63d67be488f0e53adf5488fe4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:00 GMT
Content-Encoding: gzip
Age: 735
X-Cache: HIT
Connection: keep-alive
Content-Length: 25247
x-amz-id-2: O2sWzv/RnFe2dXx6Zn1TNPmK3YKpBbi/KNytruVK5efI4VbljpiRaA4g5pfwAiMVNxpJJP5QgwA=
X-Served-By: cache-cdg20778-CDG
Last-Modified: Wed, 03 Nov 2021 07:22:37 GMT
Server: AmazonS3
X-Timer: S1635925380.057442,VS0,VE1
ETag: "8fc339fbd454abfec5b5ce421d1db917"
x-amz-request-id: M1Q7HMZNAYJZSDWD
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 1

GET
H2 200 sponsored.58bdc3c62f6af3414a4e.js Show response
www.heraldsun.com/static/yozons-lib/ 1 KB
839 B 54ms
54ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/static/yozons-lib/sponsored.58bdc3c62f6af3414a4e.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e1499ff78652abbcb64179ac5b535f71be36dd89ddd92363ef675915c79c70a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 541
content-length: 458
last-modified: Mon, 01 Nov 2021 18:10:23 GMT
server: MI
etag: W/"407-5cfbe172b41c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 486409428, 532640619 527984013
access-control-allow-origin: *
cache-control: max-age=470452
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 403 lt.min.js
tags.crwdcntrl.net/lt/c// 0
0 441ms
410ms Script
application/xml 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c//lt.min.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/netdale.ae5eaef66711bd84742d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html Show response
platform.twitter.com/widgets/ Frame 60F0 319 KB
103 KB 42ms
42ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.heraldsun.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE7) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1071665
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Nov 2021 07:43:00 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 18 Oct 2021 18:32:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CE7)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 RAL_ClemsonWakeForest11.JPG
www.charlotteobserver.com/latest-news/98ep8g/picture253232913/alternates/LANDSCAPE_768/ 30 KB
31 KB 69ms
67ms Image
image/jpeg 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.charlotteobserver.com/latest-news/98ep8g/picture253232913/alternates/LANDSCAPE_768/RAL_ClemsonWakeForest11.JPG
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 3699326906593ec5e5562a00e156736e5d9459c4e3c0671f9e2711ef5a336db2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1544
content-length: 30860
last-modified: Tue, 02 Nov 2021 23:17:33 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "23e6a48986a22b3871a83cf29da4f7ec"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 550988499, 779865040 787327137
access-control-allow-origin: *
cache-control: max-age=576100
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 1103-siers-cartoon.jpg
www.charlotteobserver.com/latest-news/isu5cw/picture255483406/alternates/LANDSCAPE_768/ 45 KB
45 KB 83ms
82ms Image
image/jpeg 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.charlotteobserver.com/latest-news/isu5cw/picture255483406/alternates/LANDSCAPE_768/1103-siers-cartoon.jpg
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 641c4f0e7e7a956976378cdf1f4c7a8405c58ea06d1a92466fc14f1b7ca36e30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2652
content-length: 45910
last-modified: Tue, 02 Nov 2021 18:47:50 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "aea1921a050025c822ede04faf5b32f5"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 540718756, 779487191 759126685
access-control-allow-origin: *
cache-control: max-age=561836
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 Durham%20perfume%20robber.001.jpeg
www.newsobserver.com/latest-news/dh04dp/picture255493801/alternates/LANDSCAPE_768/ 39 KB
40 KB 90ms
90ms Image
image/jpeg 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/dh04dp/picture255493801/alternates/LANDSCAPE_768/Durham%20perfume%20robber.001.jpeg
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 72b9e3767117bf34a652cbb68c96e2155ff6c67a6cd845bb0f8b072dec33a5ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 3220
content-length: 40077
last-modified: Tue, 02 Nov 2021 22:53:05 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "43cac1b31417487a457db547578f9b01"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 556682023, 499109007 496593503
access-control-allow-origin: *
cache-control: max-age=576312
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 CLT_Panthers_Falcons_2083.JPG
www.charlotteobserver.com/latest-news/cspmf6/picture255435846/alternates/LANDSCAPE_768/ 52 KB
52 KB 93ms
92ms Image
image/jpeg 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.charlotteobserver.com/latest-news/cspmf6/picture255435846/alternates/LANDSCAPE_768/CLT_Panthers_Falcons_2083.JPG
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 75a175afb23ed3ec8d9a68320e0f17da0ace41f56366b3b79099974cbc021ec9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 256
content-length: 52818
last-modified: Sun, 31 Oct 2021 22:53:55 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "80e5cba6280b36178f7fd1d15cdc5673"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 651392360, 473334279 473268235
access-control-allow-origin: *
cache-control: max-age=400558
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 STATELOU24-103021-EDH.jpg
www.newsobserver.com/latest-news/xnl2tf/picture255426166/alternates/LANDSCAPE_768/ 51 KB
52 KB 94ms
94ms Image
image/jpeg 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/xnl2tf/picture255426166/alternates/LANDSCAPE_768/STATELOU24-103021-EDH.jpg
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d830113c0e0e6202f95b1047f14978541ae47ab687b0e2510f170d0793baa493

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 293
content-length: 52712
last-modified: Sun, 31 Oct 2021 05:20:49 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "642275c90ee64f9b177734aa846ba945"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 497483115, 446978302 451548846
access-control-allow-origin: *
cache-control: max-age=337471
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 IMG_Kenny_Chesney.jpg_3_1_LUIMTEE8_L580484207.JPG
www.charlotteobserver.com/latest-news/1800tw/picture255443646/alternates/LANDSCAPE_768/ 37 KB
38 KB 93ms
93ms Image
image/jpeg 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.charlotteobserver.com/latest-news/1800tw/picture255443646/alternates/LANDSCAPE_768/IMG_Kenny_Chesney.jpg_3_1_LUIMTEE8_L580484207.JPG
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e66763ff795f730fb53b54cde73708fbd95387bdf862cd5e22c446915a2cf07f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 216
content-length: 38071
last-modified: Mon, 01 Nov 2021 11:46:16 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "9b267d23cd2f1001d9c05d1f57fbc677"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 479938381, 680414392 677703241
access-control-allow-origin: *
cache-control: max-age=446871
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/jpeg
access-control-allow-headers: *

GET
BLOB 200
OK 034d3f98-31e6-4683-828b-a1701c0fa468
https://www.heraldsun.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com/034d3f98-31e6-4683-828b-a1701c0fa468
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C871
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYI9gwAAAGbvXgQz
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYI9gwAAAGbvXgQz&C=1

43 B
1003 B

46ms
46ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYI9gwAAAGbvXgQz&C=1
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcclatchy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 07:43:00 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 07:43:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 07:43:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYI9gwAAAGbvXgQz&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Wed, 03 Nov 2021 07:43:00 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/heraldsun.com/ 66 KB
23 KB 54ms
19ms Script
application/javascript 65.9.7.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/heraldsun.com/p.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/parsely.125cdd0bdb6bd9acbd87.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.60 Altamonte Springs, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 380bc36c30a542cca4c08720ecaa514028c85e38491135262438fb321acf8572

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 03 Nov 2021 07:01:24 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 22:23:48 GMT
server: nginx
age: 6415
etag: W/"60946c74-10709"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: R6TTUqsJ9MR_oyTEIPlrBZO_B4t1nne9uFM0wPgt4ipX11DzjFDSwQ==
expires: Thu, 04 Nov 2021 05:56:05 GMT

GET
H2 200 pdp.gif
www.heraldsun.com/static/yozons-lib/ 42 B
385 B 431ms
430ms Image
image/gif 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldsun.com/static/yozons-lib/pdp.gif?k=eyJpZCI6Im1pX2FzX2R1cl8zNDUwMTgzMDAzNDUxMDc3NDI4MDcyMTc4MTg1NjQxODA3OTE0MV8xXzBfMTYzNTkyNTM3OTQ3NSIsImRvbUludGVyYWN0aXZlIjoyNDk4LCJyZXF1ZXN0U3RhcnQiOjg4NCwiemV1c1JlcXVlc3RlZCI6MTk0N30=
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 343908
content-length: 42
last-modified: Thu, 28 Oct 2021 13:14:07 GMT
server: MI
etag: "2a-5cf697c4585c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 562942598 487817498
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/gif
access-control-allow-headers: *

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 6552 1 KB
1 KB 52ms
26ms Script
application/javascript 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 04:08:54 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 19052
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: mcMfIFS0NCnTPz-va9Yv9KHvPpfUu-8mTY9BmRQgBZfqNZVBht02nQ==

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma12095/all/6/ Frame C633
Redirect Chain

https://js.matheranalytics.com/s/ma12095/74930333/all/ml.js?cb=1578
https://js.matheranalytics.com/static/ltm/ma12095/all/6/ml.br.js

140 KB
41 KB

8ms
7ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma12095/all/6/ml.br.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5a36bfb7995c90e80bc907138d7f0dd0193ea597c39e0e2a03825456b108c5d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 05:33:24 GMT
content-encoding: br
last-modified: Thu, 15 Jul 2021 21:18:49 GMT
server: nginx
age: 7776
etag: "20650b71c4c2f963c8608629cb2edbdb"
vary: Accept-Encoding
x-cache: HIT Thu, 15 Jul 2021 21:29:09 GMT
content-type: application/x-javascript
via: 1.1 google
cache-control: public,max-age=3600
alt-svc: clear
content-length: 41736

Redirect headers

date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma12095/all/6/ml.br.js
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 1-gc-euw1-10920

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
594 B 71ms
16ms Fetch
application/json 13.32.99.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-35.fra60.r.cloudfront.net
Software: /
Resource Hash: 55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:27:58 GMT
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb9.cloudfront.net (CloudFront), 1.1 4612dc3b414cf2057f542e94733d59bd.cloudfront.net (CloudFront)
age: 902
x-amzn-requestid: 7e435d60-e71c-41d0-8dff-37c677b297a7
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-618239fe-41c686841cfbc0a7406cfa87;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA60-P3
x-amz-apigw-id: IN3_xGU7DoEFXeQ=
content-length: 30
x-amz-cf-id: Fg3vggT10WmMNhZ7SIGVKkGyQZZcsAyrrrVvK0jCNnQILTtOCeRMkA==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 6280040365001
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ Frame 0
0 60ms
8ms Preflight 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6280040365001
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: accept
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
access-control-max-age: 86400
accept-ranges: bytes
date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 varnish
x-served-by: cache-hhn4030-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1635925380.195925,VS0,VE0
bcov-debug-cache-stats: unknown
bcov-instance: unknown
x-amz-cf-id: unknown
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
cache-control: max-age=0, no-cache, no-store
content-length: 0

OPTIONS
H2 200 6280040365001
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ Frame 0
0 56ms
8ms Preflight 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6280040365001
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: accept
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
access-control-max-age: 86400
accept-ranges: bytes
date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 varnish
x-served-by: cache-hhn4030-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1635925380.196034,VS0,VE0
bcov-debug-cache-stats: unknown
bcov-instance: unknown
x-amz-cf-id: unknown
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
cache-control: max-age=0, no-cache, no-store
content-length: 0

OPTIONS
H2 200 6279866218001
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ Frame 0
0 53ms
8ms Preflight 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6279866218001
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: accept
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
access-control-max-age: 86400
accept-ranges: bytes
date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 varnish
x-served-by: cache-hhn4030-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1635925380.196089,VS0,VE0
bcov-debug-cache-stats: unknown
bcov-instance: unknown
x-amz-cf-id: unknown
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
cache-control: max-age=0, no-cache, no-store
content-length: 0

OPTIONS
H2 200 6279829401001
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ Frame 0
0 51ms
8ms Preflight 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6279829401001
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: accept
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
access-control-max-age: 86400
accept-ranges: bytes
date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 varnish
x-served-by: cache-hhn4030-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1635925380.196188,VS0,VE0
bcov-debug-cache-stats: unknown
bcov-instance: unknown
x-amz-cf-id: unknown
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 6280040365001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ 7 KB
8 KB 10ms
8ms Fetch
application/json 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6280040365001
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 241048c7b732906c6343838ab2f656937a673d1d95dcb42115ce6e95e3b10400

Request headers

Accept: application/json;pk=BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
Referer: https://www.heraldsun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

bc-override-client-ip: 89.163.242.73
date: Wed, 03 Nov 2021 07:43:00 GMT
powered-from: eu-central-1c
bcov-request-id: 40be93c7-6eea-43b3-a0da-8b1a64a40e67
age: 6772
policy-key-accountid: 5615998031001
x-cache: HIT
access-control-allow-origin: *
powered-by: BC
content-length: 7514
x-served-by: cache-hhn4030-HHN
bcov-instance: unknown
policy-key-raw: BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
x-timer: S1635925380.206721,VS0,VE1
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
bcov-debug-cache-stats: unknown
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-amz-cf-id: unknown
x-cache-hits: 1

GET
H2 200 6280040365001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ 7 KB
7 KB 11ms
9ms Fetch
application/json 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6280040365001
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 241048c7b732906c6343838ab2f656937a673d1d95dcb42115ce6e95e3b10400

Request headers

Accept: application/json;pk=BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
Referer: https://www.heraldsun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

bc-override-client-ip: 89.163.242.73
date: Wed, 03 Nov 2021 07:43:00 GMT
powered-from: eu-central-1c
bcov-request-id: 40be93c7-6eea-43b3-a0da-8b1a64a40e67
age: 6772
policy-key-accountid: 5615998031001
x-cache: HIT
access-control-allow-origin: *
powered-by: BC
content-length: 7514
x-served-by: cache-hhn4030-HHN
bcov-instance: unknown
policy-key-raw: BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
x-timer: S1635925380.206794,VS0,VE1
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
bcov-debug-cache-stats: unknown
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-amz-cf-id: unknown
x-cache-hits: 2

GET
H2 200 6279866218001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ 7 KB
8 KB 15ms
13ms Fetch
application/json 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6279866218001
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d0e382460f4f26cc927aa63067a7271bebccd6d5df7f19ae18de38195eb6c283

Request headers

Accept: application/json;pk=BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
Referer: https://www.heraldsun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

bc-override-client-ip: 89.163.242.64
date: Wed, 03 Nov 2021 07:43:00 GMT
powered-from: eu-central-1c
bcov-request-id: c302f4a2-db7d-4d43-b432-67fa82b9a8d7
age: 1886
policy-key-accountid: 5615998031001
x-cache: HIT
access-control-allow-origin: *
powered-by: BC
content-length: 7655
x-served-by: cache-hhn4030-HHN
bcov-instance: unknown
policy-key-raw: BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
x-timer: S1635925380.206835,VS0,VE1
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
bcov-debug-cache-stats: unknown
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-amz-cf-id: unknown
x-cache-hits: 1

GET
H2 200 6279829401001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ 8 KB
8 KB 12ms
11ms Fetch
application/json 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/6279829401001
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 63220eb83b394ef75d625df67cc496eced6a0538ac850fd3ac62c63f1fe9d012

Request headers

Accept: application/json;pk=BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
Referer: https://www.heraldsun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

bc-override-client-ip: 89.163.242.64
date: Wed, 03 Nov 2021 07:43:00 GMT
powered-from: eu-central-1a
bcov-request-id: 217fde71-890c-4b11-8e94-c3c485292118
age: 5844
policy-key-accountid: 5615998031001
x-cache: HIT
access-control-allow-origin: *
powered-by: BC
content-length: 7707
x-served-by: cache-hhn4030-HHN
bcov-instance: unknown
policy-key-raw: BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
x-timer: S1635925380.206915,VS0,VE1
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
bcov-debug-cache-stats: unknown
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-amz-cf-id: unknown
x-cache-hits: 1

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame C871
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YYI9gwAAAGbvXgQz
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYYI9gwAAAGbvXgQz

43 B
1 KB

14ms
14ms

Image
image/gif

185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYYI9gwAAAGbvXgQz

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

HTTP/1.1

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcclatchy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 07:43:00 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7ad327a0-b0a7-4e32-b1fd-b2e43033e87b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 07:43:00 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 62151a62-87b1-4d1f-8085-d7b308bfc733
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYYI9gwAAAGbvXgQz
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111021223/ 185 KB
59 KB 17ms
16ms Script
application/javascript 151.101.1.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111021223/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc08823882ad495f597e6c09d8a48e4f33a9d54aacc1e685710b7f92e0de43f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:00 GMT
Content-Encoding: gzip
Age: 787
X-Cache: HIT
Connection: keep-alive
Content-Length: 60111
x-amz-id-2: kjhSu/o8mZ9scaQ3iq6Wz3uzYjbpirzlDCbo0NeSzxdaK25Ts6C8G18NTU14v1EVEA9EnY6Px00=
X-Served-By: cache-cdg20778-CDG
Last-Modified: Tue, 02 Nov 2021 16:26:49 GMT
Server: AmazonS3
X-Timer: S1635925380.189578,VS0,VE0
ETag: "20afc83b7a6b57161ec5313d992dda23"
x-amz-request-id: F2MNMRF24Z1X15H6
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 1630

GET
H2 200 t Show response
jadserve.postrelease.com/ 16 KB
3 KB 672ms
270ms Script
text/javascript 52.9.67.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.heraldsun.com%2F&ntv_mvi&us_privacy=1---
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.67.232 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-67-232.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 6983d719884215f01c8c8f09077f5bb0736c82129f13db74e8eddd19f2cbd9a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:43:00 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 2974
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
658 B 463ms
114ms XHR
text/xml 52.46.131.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D11%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.131.178 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d89c227b4a0e8b968c91fc3e787fe1c4c2a4dd75d70880b2288342177bd19edc

Request headers

Referer: https://www.heraldsun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 03 Nov 2021 07:43:00 GMT
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-RequestId: e582bb06-6832-5e23-ae5b-e2fa57f68cf9
Content-Length: 378
Content-Type: text/xml

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 439ms
100ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1635925380205&plid=28819993&idsite=heraldsun.com&url=https%3A%2F%2Fwww.heraldsun.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22subscriber%22%3Afalse%7D&sid=1&surl=https%3A%2F%2Fwww.heraldsun.com%2F&sref=&sts=1635925380203&slts=0&title=Durham+Breaking+News%2C+Sports+%26+Crime+%7C+Durham+Herald+Sun&date=Wed+Nov+03+2021+07%3A43%3A00+GMT%2B0000+(GMT)&action=pageview&pvid=15269907&u=pid%3D859d8dfb1d1168db844924a1ee2b8cde
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-144-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:00 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 03-Nov-2021 07:43:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

b2
sb.scorecardresearch.com/ Frame 6552
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035363&ns__t=1635925380207&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Durham%20Breaking%20News%2C%20Sports%20%26%20Crime%20%7C%20Durham%20Herald%20Sun&c7=https%3A%2F%2...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1635925380207&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Durham%20Breaking%20News%2C%20Sports%20%26%20Crime%20%7C%20Durham%20Herald%20Sun&c7=https%3A%2F%...

64 B
330 B

10ms
9ms

Image
image/gif

13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1635925380207&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Durham%20Breaking%20News%2C%20Sports%20%26%20Crime%20%7C%20Durham%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com%2F&c9=
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: CVL2SRHM3nV1_-j8iSsS-vdnXonF7NfX4ZWjL-_C2T0zfsU9JAvRhw==

Redirect headers

date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1635925380207&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Durham%20Breaking%20News%2C%20Sports%20%26%20Crime%20%7C%20Durham%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com%2F&c9=
content-length: 245
x-amz-cf-id: nqrzAlrgB-jkm0rPctTcjdrJtXkvP7F8rhWdhBhMHz7p4Qytiux6Vw==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 60F0 232 B
447 B 135ms
112ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=a8622b267f43696b9d6a1fa4417a5305a1bfb6dd

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.heraldsun.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-response-time: 105
date: Wed, 03 Nov 2021 07:42:59 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 07:43:00 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: d56ed99692c7765d5f2de42bab25851a8dc1c1b1a84c152d9c78e1eb39a0451e
content-length: 166

GET
H/1.1 200
OK play-button.png
s3.amazonaws.com/cdn.jukeboxu.com/brightcove/nextgen/buttons/ 9 KB
9 KB 458ms
126ms Image
image/png 52.217.91.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.jukeboxu.com/brightcove/nextgen/buttons/play-button.png
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.91.150 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 45f08f27c7337d189e8c31e635b5d0a0781b273131135cd77ee8b6f12366e7a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:01 GMT
Last-Modified: Wed, 22 Apr 2015 01:47:56 GMT
Server: AmazonS3
x-amz-request-id: ETKJADZST3YB7N23
ETag: "182516d4ba61695d505ca0bd246f63fb"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 8810
x-amz-id-2: g19oW0z/BOXBeCZO3mPnlQrxKRyyvokytYzeET8YZSXtp5punNSIKmm2sF2Nu7JiodCEuyYMqTY=

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/7313199f-d07b-4e56-aaf7-fd795bb6b479/10s/ 6 KB
7 KB 88ms
81ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/7313199f-d07b-4e56-aaf7-fd795bb6b479/10s/master.m3u8?fastly_token=NjFhNzExNmVfZDUzYmNiODYxNTk5NDNlOTNkNjA5YWJhZTIxNGRiMTQ1NzFlODlmZjQ4YmFmOTVmYTNmNzFlYzYwNjE2OTA1YQ%3D%3D
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: a4acf2a500c24052681adf32efb668e94f99f3edf5a2e9af4ffb85e2ad799b76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: HIT
x-bolt-device-group: desktop-chrome
content-length: 6588
x-served-by: cache-hhn4030-HHN
x-device-group: desktop-chrome
x-timer: S1635925380.302635,VS0,VE68
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/7313199f-d07b-4e56-aaf7-fd795bb6b479/10s/ 6 KB
6 KB 83ms
82ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/7313199f-d07b-4e56-aaf7-fd795bb6b479/10s/master.m3u8?fastly_token=NjFhNzExNmVfZDUzYmNiODYxNTk5NDNlOTNkNjA5YWJhZTIxNGRiMTQ1NzFlODlmZjQ4YmFmOTVmYTNmNzFlYzYwNjE2OTA1YQ%3D%3D
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: a4acf2a500c24052681adf32efb668e94f99f3edf5a2e9af4ffb85e2ad799b76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
x-bolt-device-group: desktop-chrome
content-length: 6588
x-served-by: cache-hhn4030-HHN
x-device-group: desktop-chrome
x-timer: S1635925380.302514,VS0,VE68
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C871
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YYI9gwAAAGbvXgQz
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YYI9gwAAAGbvXgQz

43 B
180 B

27ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YYI9gwAAAGbvXgQz
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcclatchy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 google
server: OXGW/16.217.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YYI9gwAAAGbvXgQz
date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 google
server: OXGW/16.217.1
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/c214972c-d7f7-4a3e-8e9a-990269aea886/10s/ 6 KB
7 KB 9ms
8ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/c214972c-d7f7-4a3e-8e9a-990269aea886/10s/master.m3u8?fastly_token=NjFhNzE0ZDJfOWJhNGI2NmRiYmUxMWI3MTBiMzQ3N2ZmNGUxMTRlNTZkYjg2ODU5NTdmYjZmNzgzMDhmM2QwY2NiYTkyOWUyOQ%3D%3D
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: a73f8ca6c785c818d374cb72228a31e0c57192e2a16198e4ac0331170622b728

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 varnish
age: 107313
x-powered-by: BC
x-cache: HIT
x-bolt-device-group: desktop-chrome
content-length: 6588
x-served-by: cache-hhn4030-HHN
x-device-group: desktop-chrome
x-timer: S1635925380.305426,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/4a314e47-23f8-42bf-a5f1-fd0eebd0b6c4/10s/ 5 KB
5 KB 60ms
60ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/4a314e47-23f8-42bf-a5f1-fd0eebd0b6c4/10s/master.m3u8?fastly_token=NjFhNzIzZTRfODc2ZWE4OTEzZDE0MzNmZTM3MGJlODMwODZiMTU2ODBlMDZmMjI0NDhlNGUwMmU4ZWEwZjQ0YWJiYWEwZDg0Yw%3D%3D
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 577740eee34f713ff7f121ffb92531062ec14cb56aa244aeeba87889399fdf8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
x-bolt-device-group: desktop-chrome
content-length: 5199
x-served-by: cache-hhn4030-HHN
x-device-group: desktop-chrome
x-timer: S1635925380.307537,VS0,VE53
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ Frame C633 43 B
245 B 492ms
105ms Image
image/gif 3.221.31.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=ml&sec=Homepage&prem=0&ptype=Home&uid=Unregistered&tv=js-3.0.134&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=6&tvcfg=all&tid=79099e63-16a6-489c-b2ed-d61554e0160f&pid=62d1f41f-0170-42e5-9043-75537e98d355&dtm=1635925380315&qnm=_matherq&visible=1&tabid=8d9c7218-e6c4-49c4-b3ad-b82d73bf9ee7&url=https%3A%2F%2Fwww.heraldsun.com%2F&vp=0x0&ds=0x0&tofa=1635925380&vid=1&lvidt=1635925380&duid=1be63d2ab4d6a14b&fp=2920491789&cid=ma12095&mrk=74930333&cx=eyJjYXRlZ29yeSI6eyJjYXRlZ29yaWVzIjpbWyJfSG9tZVBhZ2V8fHx8Il1dfSwiaWRlbnRpdHkiOnsicGF5d2FsbFVzZXJJZCI6IiJ9LCJwZXJmIjp7InN0YXJ0IjoiMTYzNTkyNTM4MDA1OSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyNy42bWIiLCJoZWFwVCI6IjMxLjJtYiIsInJlc3BFIjoiNCIsImRvbUxvYWQiOiIwIiwiZG9tSW50ZXIiOiI0IiwiZG9tTG9hZFMiOiI0IiwiZG9tTG9hZEUiOiI0IiwiZG9tQ21wbHQiOiI0IiwibG9hZFMiOiI0IiwibG9hZEUiOiI0In19
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.31.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-31-176.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:00 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
BLOB 200
OK 1e62cd05-c0c2-4be0-b39f-2957e593ff57
https://www.heraldsun.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com/1e62cd05-c0c2-4be0-b39f-2957e593ff57
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 5415
Content-Type: application/javascript

OPTIONS
H/1.1 200
OK 6280040365001
publicapi.misitemgr.com/webapi-public/v2/publications/newsobserver/related/ Frame 0
0 1812ms
124ms Preflight 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/newsobserver/related/6280040365001
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-forwarded-host
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: X-Forwarded-Host
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://www.heraldsun.com
Access-Control-Max-Age: 86400
Cache-Control: no-cache
Date: Wed, 03 Nov 2021 07:43:02 GMT
Vary: X-Forwarded-Host
Content-Length: 0

GET
H/1.1 200
OK 6280040365001 Show response
publicapi.misitemgr.com/webapi-public/v2/publications/newsobserver/related/ 16 KB
16 KB 297ms
297ms Fetch
application/json 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/newsobserver/related/6280040365001
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash: 65201d1357509f640aacee2d677f15e89944c684c9f777895288818fe3df72e7

Request headers

Referer: https://www.heraldsun.com/
X-Forwarded-Host: www.heraldsun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:02 GMT
Mi-Api: true
Vary: X-Forwarded-Host
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.heraldsun.com
Cache-Control: no-cache
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true

GET
H2 200 bridge3.487.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 121C 578 KB
190 KB 316ms
15ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d28d80565aea246a542b61a9d2f93c98fb30887bd662de52191d4e87a6fb45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194247
date: Tue, 02 Nov 2021 22:15:47 GMT
expires: Wed, 02 Nov 2022 22:15:47 GMT
last-modified: Mon, 01 Nov 2021 17:03:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 34033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 108ms
44ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 Nov 2021 07:43:00 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/7313199f-d07b-4e56-aaf7-fd795bb6b479/bced12b4-c053-450e-b762-229fd13fb2b1/1280x720/match/ 698 KB
699 KB 29ms
12ms Image
image/jpeg 52.222.247.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/7313199f-d07b-4e56-aaf7-fd795bb6b479/bced12b4-c053-450e-b762-229fd13fb2b1/1280x720/match/image.jpg
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.247.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-247-46.fra60.r.cloudfront.net
Software: / BC
Resource Hash: c81c0b2e8c5b892e9fce4f258fa18810dbb9aae635e97b29342058e0caf3ad71

Request headers

Referer: https://www.heraldsun.com/
Origin: https://www.heraldsun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:48:09 GMT
Via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 14091
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA60-P3
X-Amz-Cf-Id: T21GJeijNMtTCQh15aEqs1Nht-B3FPOBS5m2o2EuBEBeKMUnx0ZYWA==
Expires: Thu, 03 Nov 2022 03:48:09 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 76ms
36ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 07:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
BLOB 200
OK 7c991bb1-e4c0-4f19-b9fb-c7584eec7354
https://www.heraldsun.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com/7c991bb1-e4c0-4f19-b9fb-c7584eec7354
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 5415
Content-Type: application/javascript

OPTIONS
H/1.1 200
OK 6280040365001
publicapi.misitemgr.com/webapi-public/v2/publications/newsobserver/related/ Frame 0
0 1806ms
127ms Preflight 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/newsobserver/related/6280040365001
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-forwarded-host
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: X-Forwarded-Host
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://www.heraldsun.com
Access-Control-Max-Age: 86400
Cache-Control: no-cache
Date: Wed, 03 Nov 2021 07:43:02 GMT
Vary: X-Forwarded-Host
Content-Length: 0

GET
H/1.1 200
OK 6280040365001 Show response
publicapi.misitemgr.com/webapi-public/v2/publications/newsobserver/related/ 16 KB
16 KB 281ms
280ms Fetch
application/json 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/newsobserver/related/6280040365001
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash: 65201d1357509f640aacee2d677f15e89944c684c9f777895288818fe3df72e7

Request headers

Referer: https://www.heraldsun.com/
X-Forwarded-Host: www.heraldsun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:02 GMT
Mi-Api: true
Vary: X-Forwarded-Host
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.heraldsun.com
Cache-Control: no-cache
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true

GET
H2 200 bridge3.487.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D8DA 578 KB
190 KB 304ms
23ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d28d80565aea246a542b61a9d2f93c98fb30887bd662de52191d4e87a6fb45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194247
date: Tue, 02 Nov 2021 22:15:47 GMT
expires: Wed, 02 Nov 2022 22:15:47 GMT
last-modified: Mon, 01 Nov 2021 17:03:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 34033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
BLOB 200
OK 06829d78-032a-4120-b9ee-eff64a78536f
https://www.heraldsun.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com/06829d78-032a-4120-b9ee-eff64a78536f
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 5415
Content-Type: application/javascript

GET
BLOB 200
OK 275ac1d1-6977-4a5f-a5b2-0061627d1e45
https://www.heraldsun.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com/275ac1d1-6977-4a5f-a5b2-0061627d1e45
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 5415
Content-Type: application/javascript

OPTIONS
H/1.1 200
OK 6279829401001
publicapi.misitemgr.com/webapi-public/v2/publications/newsobserver/related/ Frame 0
0 1793ms
126ms Preflight 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/newsobserver/related/6279829401001
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-forwarded-host
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: X-Forwarded-Host
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://www.heraldsun.com
Access-Control-Max-Age: 86400
Cache-Control: no-cache
Date: Wed, 03 Nov 2021 07:43:02 GMT
Vary: X-Forwarded-Host
Content-Length: 0

GET
H/1.1 200
OK 6279829401001 Show response
publicapi.misitemgr.com/webapi-public/v2/publications/newsobserver/related/ 16 KB
16 KB 257ms
256ms Fetch
application/json 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/newsobserver/related/6279829401001
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash: e831bb16e6257e932df686770071301dc7fb6970fef3b67a9aac9e921a3a358f

Request headers

Referer: https://www.heraldsun.com/
X-Forwarded-Host: www.heraldsun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:02 GMT
Mi-Api: true
Vary: X-Forwarded-Host
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.heraldsun.com
Cache-Control: no-cache
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true

GET
H2 200 bridge3.487.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6EC7 578 KB
190 KB 287ms
18ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d28d80565aea246a542b61a9d2f93c98fb30887bd662de52191d4e87a6fb45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194247
date: Tue, 02 Nov 2021 22:15:47 GMT
expires: Wed, 02 Nov 2022 22:15:47 GMT
last-modified: Mon, 01 Nov 2021 17:03:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 34033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/c214972c-d7f7-4a3e-8e9a-990269aea886/4217461b-cc11-47a5-a9aa-92581dda5049/1280x720/match/ 127 KB
128 KB 42ms
18ms Image
image/jpeg 52.222.247.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/c214972c-d7f7-4a3e-8e9a-990269aea886/4217461b-cc11-47a5-a9aa-92581dda5049/1280x720/match/image.jpg
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.247.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-247-46.fra60.r.cloudfront.net
Software: / BC
Resource Hash: bfb7bd636a40dc99dca9556dbfea689a373653ba7718d7ac0aa4ca8c8db16e61

Request headers

Referer: https://www.heraldsun.com/
Origin: https://www.heraldsun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 22:39:35 GMT
Via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 119005
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA60-P3
X-Amz-Cf-Id: sYIDl_t-MGrZ2LMA7N2W0iQcce6uT4V3zWajS3R6Ib4p4ek8TXHWrA==
Expires: Tue, 01 Nov 2022 22:39:35 GMT

OPTIONS
H/1.1 200
OK 6279866218001
publicapi.misitemgr.com/webapi-public/v2/publications/newsobserver/related/ Frame 0
0 1780ms
126ms Preflight 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/newsobserver/related/6279866218001
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-forwarded-host
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: X-Forwarded-Host
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://www.heraldsun.com
Access-Control-Max-Age: 86400
Cache-Control: no-cache
Date: Wed, 03 Nov 2021 07:43:02 GMT
Vary: X-Forwarded-Host
Content-Length: 0

GET
H/1.1 200
OK 6279866218001 Show response
publicapi.misitemgr.com/webapi-public/v2/publications/newsobserver/related/ 17 KB
17 KB 244ms
244ms Fetch
application/json 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/newsobserver/related/6279866218001
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash: 980f33c5f40531f344a10ecaa3a6f944d5edd6b55de3603ed15754a9125c4896

Request headers

Referer: https://www.heraldsun.com/
X-Forwarded-Host: www.heraldsun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:02 GMT
Mi-Api: true
Vary: X-Forwarded-Host
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.heraldsun.com
Cache-Control: no-cache
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true

GET
H2 200 bridge3.487.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E831 578 KB
190 KB 284ms
33ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d28d80565aea246a542b61a9d2f93c98fb30887bd662de52191d4e87a6fb45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194247
date: Tue, 02 Nov 2021 22:15:47 GMT
expires: Wed, 02 Nov 2022 22:15:47 GMT
last-modified: Mon, 01 Nov 2021 17:03:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 34033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/4a314e47-23f8-42bf-a5f1-fd0eebd0b6c4/d0720e24-43ef-4345-b81b-56f8d7997a5a/1280x720/match/ 270 KB
270 KB 70ms
29ms Image
image/jpeg 52.222.247.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/4a314e47-23f8-42bf-a5f1-fd0eebd0b6c4/d0720e24-43ef-4345-b81b-56f8d7997a5a/1280x720/match/image.jpg
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.247.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-247-46.fra60.r.cloudfront.net
Software: / BC
Resource Hash: da9dd41e4dee3a23651b1163b90732b6c61f5064c3a5f8509592e795eaa4a7e5

Request headers

Referer: https://www.heraldsun.com/
Origin: https://www.heraldsun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 04:29:18 GMT
Via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 98022
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA60-P3
X-Amz-Cf-Id: rT-5wuJkvlYJsGPHpjIQrmtv5Tevu5kfruFWSc6iX52oS8KHV9Kn4Q==
Expires: Wed, 02 Nov 2022 04:29:18 GMT

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/4a314e47-23f8-42bf-a5f1-fd0eebd0b6c4/be585b6f-2803-421a-a60b-fcbe2f3855d5/10s/ 2 KB
2 KB 149ms
149ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/4a314e47-23f8-42bf-a5f1-fd0eebd0b6c4/be585b6f-2803-421a-a60b-fcbe2f3855d5/10s/rendition.m3u8?fastly_token=NjFhNzJiNDJfNGMxNjA5YTE1YjNkNDFjZjM2OTA3YmUyMTVlOTc0ZTI1MDI4MTUwNGY5NDAyZjA1Y2M1MDA1MzhmNmViM2RlMg%3D%3D
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 845d5e9140869578af20e6c7d64bf72f62656879c2b8a605de0f7ef96c5408f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 2083
x-served-by: cache-hhn4030-HHN
x-device-group: desktop-chrome
x-timer: S1635925380.405185,VS0,VE142
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/7313199f-d07b-4e56-aaf7-fd795bb6b479/3a0b50b3-e627-4cef-88c0-bd494ec6ac91/10s/ 7 KB
7 KB 129ms
129ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/7313199f-d07b-4e56-aaf7-fd795bb6b479/3a0b50b3-e627-4cef-88c0-bd494ec6ac91/10s/rendition.m3u8?fastly_token=NjFhNzJiZTJfMmNhMjhhNjRhZGViYzQ0MjFlMjJlOGJkYjdjMDMxYWNkZWJjMjgyOGIyNjVkZjc1M2Y1MGMyMzg0YWU3YzQzMw%3D%3D
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 657b6c067afa6f90ca3e959963ba12150372633d21cc5f23d758a78de492cc08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 7608
x-served-by: cache-hhn4030-HHN
x-device-group: desktop-chrome
x-timer: S1635925380.412540,VS0,VE121
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/7313199f-d07b-4e56-aaf7-fd795bb6b479/db2b0e23-0695-4e69-b73a-651564f01152/10s/ 7 KB
7 KB 240ms
239ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/7313199f-d07b-4e56-aaf7-fd795bb6b479/db2b0e23-0695-4e69-b73a-651564f01152/10s/rendition.m3u8?fastly_token=NjFhNzJiZTJfN2YwNjExMWY0YTMwZGJmNTNhNWU0NzFiMTg0NjQyMDBhNTcxODNmYzdlYWQ3Y2JlMjc1NzE1NDNlYmM4YzE4Yw%3D%3D
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 464861951f4baa38fd62324aaab890d546496b32c5d2b7882768d9d137448c12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 7608
x-served-by: cache-hhn4030-HHN
x-device-group: desktop-chrome
x-timer: S1635925380.413923,VS0,VE229
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/c214972c-d7f7-4a3e-8e9a-990269aea886/cf808db8-bbe0-4b23-8994-f76dcaee4cee/10s/ 6 KB
6 KB 31ms
31ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/c214972c-d7f7-4a3e-8e9a-990269aea886/cf808db8-bbe0-4b23-8994-f76dcaee4cee/10s/rendition.m3u8?fastly_token=NjFhNTg4NzRfOTVkYzRiMDE0N2JlNGExYTNkNGE5Y2U0MjIwOTViNDA5MmQ5ZTE0NzFlMDVkOTg5N2VkNTEwYzBjMDlkOTYwZA%3D%3D
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 32ac78eacfd79931facbc26e496c88bf8ed841ac706a230382568ee8be374e5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 varnish
age: 107312
x-powered-by: BC
x-cache: HIT
content-length: 5633
x-served-by: cache-hhn4030-HHN
x-device-group: desktop-chrome
x-timer: S1635925380.416890,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C871
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYI9gwAAAGbvXgQz

1 B
548 B

71ms
19ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYI9gwAAAGbvXgQz
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcclatchy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:457
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1635925380.425566,VS0,VE0
x-served-by: cache-hhn4077-HHN
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYI9gwAAAGbvXgQz
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK moment~timeline.c7de492113f2eac2bb49ff9013aa2889.js Show response
platform.twitter.com/js/ 25 KB
8 KB 38ms
37ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.c7de492113f2eac2bb49ff9013aa2889.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEE) /
Resource Hash: de8383d06a56f08749ed99ad3d43911fe88072a79e9148e2d1dead390f64893f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:31:52 GMT
Server: ECS (mil/6CEE)
Age: 1071665
Etag: "643f975645cfdfec2ae02aad7fbc9eea+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 8013

GET
H/1.1 200
OK timeline.55167c7072ca7f4363bf18820295ba93.js Show response
platform.twitter.com/js/ 20 KB
7 KB 78ms
39ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.55167c7072ca7f4363bf18820295ba93.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE7) /
Resource Hash: 888bc5618973079f4a157c8c94b0afe382e7e957306429c5880e032c83fb8e0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:31:52 GMT
Server: ECS (mil/6CE7)
Age: 1071658
Etag: "9539ec9d4bc5c1e5b1953004a6456c51+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6441

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/c214972c-d7f7-4a3e-8e9a-990269aea886/241c0207-666a-4e9c-8be8-71e19ea86d40/10s/ 5 KB
6 KB 27ms
27ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/c214972c-d7f7-4a3e-8e9a-990269aea886/241c0207-666a-4e9c-8be8-71e19ea86d40/10s/rendition.m3u8?fastly_token=NjFhNTg4NzRfZDRjYTJkNmU2M2YxMGM1M2U2ZDI2MmU2NThhZTRkMTNhNmUxOTk3ZjdhYWQyNjI3YzAyMjg0NmI2Zjk5Y2I0ZQ%3D%3D
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: f2800ea6d4f45b92273a4eedc3bac959b76cc1e40c8a578c529e4ea43fe0ee74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 varnish
age: 107311
x-powered-by: BC
x-cache: HIT
content-length: 5620
x-served-by: cache-hhn4030-HHN
x-device-group: desktop-chrome
x-timer: S1635925380.468323,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

POST
H2 200 pixel_74ca7467 Show response
www.heraldsun.com/akam/11/ 0
774 B 27ms
26ms XHR
text/html 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/akam/11/pixel_74ca7467
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/akam/11/74ca7467
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:43:00 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 0
expires: Wed, 03 Nov 2021 07:43:00 GMT

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/7313199f-d07b-4e56-aaf7-fd795bb6b479/91d3052e-e36f-4d72-a88e-d9c6ed3b3a16/10s/ 7 KB
7 KB 181ms
181ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/7313199f-d07b-4e56-aaf7-fd795bb6b479/91d3052e-e36f-4d72-a88e-d9c6ed3b3a16/10s/rendition.m3u8?fastly_token=NjFhNzJiZTJfNjY4MDlhMTEyZGNlOGNhNjAwYTBhOWViMjFiMmU2ZDFkY2Q1YjQ4NjczYTY0OWM1OTNkNjFjOTE0ZjY0MTBiZg%3D%3D
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: ef5d141d098a5a7f012a88586a4d9ec488012256d0c8f5a87d5362c72dbded8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 7590
x-served-by: cache-hhn4030-HHN
x-device-group: desktop-chrome
x-timer: S1635925381.576945,VS0,VE172
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame C871
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YYI9gwAAAGbvXgQz&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YYI9gwAAAGbvXgQz&img=1&__user_check__=1&sync_id=ab78faea-3c79-11ec-9385-1708f5200406

43 B
548 B

28ms
28ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YYI9gwAAAGbvXgQz&img=1&__user_check__=1&sync_id=ab78faea-3c79-11ec-9385-1708f5200406
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcclatchy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 75
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 03 Nov 2021 07:43:00 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YYI9gwAAAGbvXgQz&img=1&__user_check__=1&sync_id=ab78faea-3c79-11ec-9385-1708f5200406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 84
Connection: keep-alive
Content-Length: 0

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 173 KB
12 KB 536ms
269ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_TheHerald_Sun_old&dnt=false&domain=www.heraldsun.com&lang=en&screen_name=TheHerald_Sun&suppress_response_codes=true&t=1817694&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

877d091b08fd56fe63c071583a27991bcdb73b092f24907c99b4285b8ab1e851

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
content-length: 12008
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 205
last-modified: Wed, 03 Nov 2021 07:43:01 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 3e6b9d99ed3421f1824e511cade875e2af1be6d10441d6c4424017185384806a
timing-allow-origin: *
x-transaction: 6ceabc4b4d2b4e4c
expires: Wed, 03 Nov 2021 07:48:01 GMT

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/7313199f-d07b-4e56-aaf7-fd795bb6b479/91d3052e-e36f-4d72-a88e-d9c6ed3b3a16/10s/ 7 KB
7 KB 92ms
92ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/7313199f-d07b-4e56-aaf7-fd795bb6b479/91d3052e-e36f-4d72-a88e-d9c6ed3b3a16/10s/rendition.m3u8?fastly_token=NjFhNzJiZTJfNjY4MDlhMTEyZGNlOGNhNjAwYTBhOWViMjFiMmU2ZDFkY2Q1YjQ4NjczYTY0OWM1OTNkNjFjOTE0ZjY0MTBiZg%3D%3D
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/videoStory.bundle-4010a8399c44084081b6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: ef5d141d098a5a7f012a88586a4d9ec488012256d0c8f5a87d5362c72dbded8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: HIT
content-length: 7590
x-served-by: cache-hhn4030-HHN
x-device-group: desktop-chrome
x-timer: S1635925381.667771,VS0,VE81
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2

200

b.php
www.facebook.com/fr/ Frame C871
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YYI9gwAAAGbvXgQz&t=2592000&o=0

43 B
1 KB

138ms
31ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YYI9gwAAAGbvXgQz&t=2592000&o=0

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mcclatchy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 00:43:00 PDT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: ++NtrpAk1IdcaIBk7TNHtpCOVNOIbT8xkprt44WK2Stuj7Xi5+pEpoUzCjRkOrxDdtV4ex+eRp6KF512whwr5g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
expires: Wed, 03 Nov 2021 00:43:00 PDT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:43:00 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1635925381.692702,VS0,VE0
x-served-by: cache-hhn4077-HHN
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YYI9gwAAAGbvXgQz&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 121C 1 KB
1 KB 105ms
61ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.heraldsun.com%2F&correlator=1299224579313993&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FDUR.site_heraldsun%2F_HomePage&hl=en&cmsid=2475984&description_url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle255499276.html&vid_t=Elaine%20O%E2%80%99Neal%20elected%20Durham%20Mayor&vid=6280040365001&cust_params=sec_sect%3D75504%2C72789%26topic%3D%26vpa%3D0%26vpmute%3D0&sdkv=h.3.487.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.8.0&us_privacy=1---&sdki=44d&adk=1712593270&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.heraldsun.com%2F28e1ed28-0410-4d3f-9d68-35c98b98318c&sid=714A6F5A-69FE-4BA9-A1A0-A0437AAE778F&eid=44750821&dt=1635925380817&cookie_enabled=1&scor=1516274018235972&ged=ve4_td2_tt1_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

08474631159928103a5a32e526403528f89060989382b549fe00a54fff514b3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 851
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6EC7 1 KB
860 B 72ms
47ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.heraldsun.com%2F&correlator=35367022888325&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FDUR.site_heraldsun%2F_HomePage&hl=en&cmsid=2475984&description_url=https%3A%2F%2Fwww.heraldsun.com%2Fsports%2Fcollege%2Facc%2Fduke%2Farticle255461981.html&vid_t=Duke%E2%80%99s%20Cutcliffe%3A%20%E2%80%98I%20don%E2%80%99t%20think%20about%20job%20security%E2%80%99&vid=6279829401001&cust_params=sec_sect%3D72619%26topic%3D%26vpa%3D0%26vpmute%3D0&sdkv=h.3.487.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=p&ctv=0&mpt=videojs-ima&mpv=1.8.0&us_privacy=1---&sdki=44d&adk=1232159806&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.heraldsun.com%2Fe70203ad-f4e4-4e0f-a790-064a01b537e1&sid=714A6F5A-69FE-4BA9-A1A0-A0437AAE778F&eid=44750821&dt=1635925380929&cookie_enabled=1&scor=2912731436177067&ged=ve4_td2_tt1_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

fa98698ebc395b5b5141c359b9a5f8296bbcb55879b116fdea712491e23e01a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 833
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E831 1 KB
861 B 51ms
46ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.heraldsun.com%2F&correlator=3324654456503534&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FDUR.site_heraldsun%2F_HomePage&hl=en&cmsid=2475984&description_url=https%3A%2F%2Fwww.heraldsun.com%2Fsports%2Fcollege%2Facc%2Fnc-state%2Farticle255467716.html&vid_t=Photos%3A%20NC%20State%20men%E2%80%99s%20basketball%20faces%20Elizabeth%20City%20in%20exhibition%20game&vid=6279866218001&cust_params=sec_sect%3D72624%26topic%3D%26vpa%3D0%26vpmute%3D0&sdkv=h.3.487.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=p&ctv=0&mpt=videojs-ima&mpv=1.8.0&us_privacy=1---&sdki=44d&adk=2817833062&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.heraldsun.com%2F47e0fb64-eb8b-44e4-8c1e-2f2c220886fd&sid=714A6F5A-69FE-4BA9-A1A0-A0437AAE778F&eid=44750821&dt=1635925380949&cookie_enabled=1&scor=2610140694835393&ged=ve4_td2_tt1_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

4a8907d6d3cfd794dfafd0c1d3f27d8633d77fc1a08271254eda096ad6d48412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 834
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatcontent.js Show response
z.moatads.com/nativonielsen548znrb18/ 167 KB
55 KB 44ms
10ms Script
application/x-javascript 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=12521
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:04:05 GMT
server: AmazonS3
x-amz-request-id: CS9MEKCGDH7JCG1W
etag: "774acff2cee5852cdfc3fd8471cb2667"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=28840
accept-ranges: bytes
content-length: 55696
x-amz-id-2: rMXNPsQIb+mKYD29FMB15RdFUqe9Tfou6CShBIvY7hnXxvkZDIoIUnmVywqGcHl6qM8T7VVwN8E=

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 162ms
161ms Image
image/gif 52.9.67.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=3280093&ntv_pl=1057821
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.67.232 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-67-232.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:43:01 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK EC0D7EC819294C00AF7328CAB34873A3.jpg
ntvcld-a.akamaihd.net/image/upload/w_75,h_75,c_fit,f_auto/assets/ 2 KB
2 KB 146ms
43ms Image
image/webp 92.123.225.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntvcld-a.akamaihd.net/image/upload/w_75,h_75,c_fit,f_auto/assets/EC0D7EC819294C00AF7328CAB34873A3.jpg
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.225.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-72.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 0dca8a850d27795ea912c60cc12a87aa87f4deb642ddcdb7b79fc019970a36fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:01 GMT
Last-Modified: Fri, 17 Sep 2021 22:06:16 GMT
Server: Akamai Image Manager
ETag: "93266074c8b78eb5d7295bfde95a45f8"
Content-Type: image/webp
Cache-Control: private, no-transform, max-age=915908
Connection: keep-alive
Content-Length: 2068
Expires: Sat, 13 Nov 2021 22:08:09 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 164ms
164ms Image
image/gif 52.9.67.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=46,302&ntv_ui=71709236-d825-4634-9b1e-1d955c743a01&ntv_a=dvkGANlxPAa60QA&ntv_fl=CF4se3gYGjAPzQcMJoAeWWbgOhYpQs1rIkw9ABEyA9fxm6l_EBEWeUF7Zta2wzIcFwkztvSqy56rZdQitrva2LRFVN7vKkwbSiRisnhYpKn7ob2v4GRt7t7VwzK8LvisYU0GYw-YKlAGMk4ErHw18CQUbX1dPDeCkqJRmPIgxu5imI8_yfGlhr879HjMcvwg9PwtMioZ_EBD9OmQVA3NDg==&ord=1621079637&ntv_ht=hD2CYQA&ntv_tad=16&ntv_enc_pr=n80sIJe21W5BdsIhsQCDmhFTlQlONfNIbf8eWimCIdWIMv7SbDU63h3Jcg7AI4w84aAJ5jYT8ZUUw5UFLJdgcBe3D-3KHOme0r_ktPgCwaI=&ntv_it
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.67.232 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-67-232.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:43:01 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
427 B 162ms
162ms Image
image/gif 52.9.67.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1092971&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.67.232 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-67-232.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:43:01 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D8DA 1 KB
872 B 61ms
60ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.heraldsun.com%2F&correlator=3202610335890168&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FDUR.site_heraldsun%2F_HomePage&hl=en&cmsid=2475984&description_url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle255499276.html&vid_t=Elaine%20O%E2%80%99Neal%20elected%20Durham%20Mayor&vid=6280040365001&cust_params=sec_sect%3D75504%2C72789%26topic%3D%26vpa%3D0%26vpmute%3D0&sdkv=h.3.487.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.8.0&us_privacy=1---&sdki=44d&adk=3341786666&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.heraldsun.com%2F788baed6-7bc5-4b79-97a9-234a72820c91&sid=714A6F5A-69FE-4BA9-A1A0-A0437AAE778F&eid=44750821&dt=1635925380971&cookie_enabled=1&scor=3168906243731802&ged=ve4_td2_tt1_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

3d140be2ffa5142bb591b99d83e6cd6372c91c8516621bd6cf90293259d9f1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 845
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 12521 Show response
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 0
279 B 432ms
431ms Script
binary/octet-stream 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/12521?t=202110378
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: MLVTJlOd43LF69j_ZVkbCd20.gzH8PQc
last-modified: Sat, 09 Oct 2021 06:01:05 GMT
server: AmazonS3
x-amz-request-id: 94304W0CY765H2NE
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: binary/octet-stream
date: Wed, 03 Nov 2021 07:43:01 GMT
accept-ranges: bytes
content-length: 0
x-amz-id-2: +x+zcCiTKbCNz8vu4o8FlMuNMHsO/qdYMbD+UmknWc8E7C87hqFmNVlGPDWNwOCbi8Am1Oevffo=

GET
H2 200 pdp.gif
www.heraldsun.com/static/yozons-lib/ 42 B
393 B 145ms
144ms Image
image/gif 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldsun.com/static/yozons-lib/pdp.gif?z=eyJpZCI6Im1pX2FzX2R1cl8zNDUwMTgzMDAzNDUxMDc3NDI4MDcyMTc4MTg1NjQxODA3OTE0MV8xXzBfMTYzNTkyNTM3OTQ3NSIsInBsYXllcnMiOlsidG9waWNzLWxlYWQtYXNzZXQiLCJ2aWRlby1nYWxsZXJ5IiwidmlkZW8tZ2FsbGVyeSIsInZpZGVvLWdhbGxlcnkiXX0=
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 343908
content-length: 42
last-modified: Thu, 28 Oct 2021 13:14:07 GMT
server: MI
etag: "2a-5cf697c4585c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 487817497, 511968408 431461547
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/gif
access-control-allow-headers: *

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 171ms
171ms Image
image/gif 52.9.67.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=28&ntv_ui=71709236-d825-4634-9b1e-1d955c743a01&ntv_a=dvkGANlxPAa60QA&ntv_fl=CF4se3gYGjAPzQcMJoAeWWbgOhYpQs1rIkw9ABEyA9fxm6l_EBEWeUF7Zta2wzIcFwkztvSqy56rZdQitrva2LRFVN7vKkwbSiRisnhYpKn7ob2v4GRt7t7VwzK8LvisYU0GYw-YKlAGMk4ErHw18CQUbX1dPDeCkqJRmPIgxu5imI8_yfGlhr879HjMcvwg9PwtMioZ_EBD9OmQVA3NDg==&ord=1955224166&ntv_ht=hD2CYQA&ntv_it
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.67.232 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-67-232.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:43:01 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 MuLuMbfj
pbs.twimg.com/card_img/1455644446360576006/ Frame 5512 57 KB
57 KB 235ms
107ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455644446360576006/MuLuMbfj?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CFA) /

Resource Hash

502fcd0d82b0c00f261878f57845d8f3d73569c048cd064c15012a044d9b79e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 37716
x-cache: MISS
content-length: 58409
x-response-time: 260
surrogate-key: card_img card_img/bucket/8 card_img/1455644446360576006
last-modified: Tue, 02 Nov 2021 21:12:15 GMT
server: ECS (mil/6CFA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 17c0de0cba8fc8de6ec88509f0aad94d44b6106ee765ba12c793dd1ac5f6fd7e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Oe8ofAcU
pbs.twimg.com/card_img/1453696995223392258/ Frame 5512 51 KB
51 KB 250ms
122ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1453696995223392258/Oe8ofAcU?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF2) /

Resource Hash

8c4daf8f989d6161c8b5dd795c0691f275a2ddda06b50e2df90085468709e2c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 40555
x-cache: MISS
content-length: 52407
x-response-time: 271
surrogate-key: card_img card_img/bucket/7 card_img/1453696995223392258
last-modified: Thu, 28 Oct 2021 12:13:46 GMT
server: ECS (mil/6CF2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1481dae61d626c2dd8dbe183b0d4643f50b5b8ea73935af7b4f7177fd8102367
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1VuOrL70
pbs.twimg.com/card_img/1455710759778934786/ Frame 5512 38 KB
38 KB 187ms
60ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455710759778934786/1VuOrL70?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF5) /

Resource Hash

f3f3b30a77d44ee72afa7c236f7b07a2263dafc6503dda3e5a1ba24894ea91c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 21905
x-cache: MISS
content-length: 39008
x-response-time: 244
surrogate-key: card_img card_img/bucket/9 card_img/1455710759778934786
last-modified: Wed, 03 Nov 2021 01:35:45 GMT
server: ECS (mil/6CF5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7f81cabd0ef6184d9d4ec00470e98f4de0ed1a46a73ec95429ee1fc95e9b073a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 kjphbkC4
pbs.twimg.com/card_img/1455702860667269125/ Frame 5512 47 KB
48 KB 201ms
74ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455702860667269125/kjphbkC4?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE0) /

Resource Hash

57b6db57c9ca9a6c53724bfdc84d0d8648f5a1b8bf9e8de286b25b31b8b63382

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 23791
x-cache: MISS
content-length: 48465
x-response-time: 259
surrogate-key: card_img card_img/bucket/8 card_img/1455702860667269125
last-modified: Wed, 03 Nov 2021 01:04:22 GMT
server: ECS (mil/6CE0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c77b17692b2c2f2f4ae30e352fe77571a0e5eb90e7b4549b4f635447c4266c01
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 f2HD7Maz
pbs.twimg.com/card_img/1455701105887825923/ Frame 5512 32 KB
32 KB 249ms
123ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455701105887825923/f2HD7Maz?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE5) /

Resource Hash

c52f5b80a9d75b30e5481206f52a04ff602e5738656efba624297a4653779cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 24198
x-cache: MISS
content-length: 33076
x-response-time: 248
surrogate-key: card_img card_img/bucket/9 card_img/1455701105887825923
last-modified: Wed, 03 Nov 2021 00:57:23 GMT
server: ECS (mil/6CE5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c0d37905e60bdcb761cd6e01826fbb77a7e0262b4f2022f2480db31847fd31f8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 4hGi0VUW
pbs.twimg.com/card_img/1455696706943823878/ Frame 5512 38 KB
38 KB 249ms
122ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455696706943823878/4hGi0VUW?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF5) /

Resource Hash

f3f3b30a77d44ee72afa7c236f7b07a2263dafc6503dda3e5a1ba24894ea91c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 25262
x-cache: MISS
content-length: 39008
x-response-time: 245
surrogate-key: card_img card_img/bucket/1 card_img/1455696706943823878
last-modified: Wed, 03 Nov 2021 00:39:55 GMT
server: ECS (mil/6CF5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3f6b9e2ee7407d7cf384a2e561a24e054fd984c222f97b491460c8bd55118728
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Mo3uHH15
pbs.twimg.com/card_img/1455654690964840450/ Frame 5512 43 KB
43 KB 123ms
122ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455654690964840450/Mo3uHH15?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE0) /

Resource Hash

87de085931782f09af6fad8d9f7bf668a5e9f3e06b8818f9a4f42b82a815c51f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 35272
x-cache: MISS
content-length: 44172
x-response-time: 248
surrogate-key: card_img card_img/bucket/3 card_img/1455654690964840450
last-modified: Tue, 02 Nov 2021 21:52:57 GMT
server: ECS (mil/6CE0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7d59aa92da8e35387e180ca6809b0d50f8c50e1ad46f6fa3e31b1b1e5d7524d0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 g588_9j3
pbs.twimg.com/card_img/1454495814303297538/ Frame 5512 18 KB
19 KB 123ms
122ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1454495814303297538/g588_9j3?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEB) /

Resource Hash

b288699d3534c5d5187dd2270be54f41a162ac829654c182736163d040207a21

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 14361
x-cache: MISS
content-length: 18917
x-response-time: 256
surrogate-key: card_img card_img/bucket/3 card_img/1454495814303297538
last-modified: Sat, 30 Oct 2021 17:08:00 GMT
server: ECS (mil/6CEB)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5f43710d2712f0284314d932e3d5e0036b2f4b7e6e02691c273955fdd02750ad
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Pg1m_fkS
pbs.twimg.com/card_img/1455675651458048012/ Frame 5512 29 KB
30 KB 123ms
122ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455675651458048012/Pg1m_fkS?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE2) /

Resource Hash

34d81e13afe7828df2aa0f688904ee4f985ebe863c1b660ef6e0e9bd5c7505ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 30278
x-cache: MISS
content-length: 30203
x-response-time: 245
surrogate-key: card_img card_img/bucket/1 card_img/1455675651458048012
last-modified: Tue, 02 Nov 2021 23:16:15 GMT
server: ECS (mil/6CE2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a13a44940d18c4033eb77dc3294e78c4eec14413e11453ef822a89c7c2b81c7a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 KsIebHQs
pbs.twimg.com/card_img/1455669826006003717/ Frame 5512 37 KB
37 KB 124ms
123ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455669826006003717/KsIebHQs?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF0) /

Resource Hash

8c4714d7e28938a6daf60044c1f7b588416f034f1015deb9bedcb7014df420bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 31663
x-cache: MISS
content-length: 37383
x-response-time: 270
surrogate-key: card_img card_img/bucket/6 card_img/1455669826006003717
last-modified: Tue, 02 Nov 2021 22:53:06 GMT
server: ECS (mil/6CF0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 247a39059d4ad9a899a203349edf00bcbd0c22fa4149923dcbb724da04a84c74
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 9oLB8Oql
pbs.twimg.com/card_img/1455273255317745678/ Frame 5512 27 KB
27 KB 125ms
124ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455273255317745678/9oLB8Oql?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEB) /

Resource Hash

300100eb8bc995f8bb0d936532aad21d8786632360afd5d26bda598d4cfb3cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 125046
x-cache: MISS
content-length: 27885
x-response-time: 239
surrogate-key: card_img card_img/bucket/5 card_img/1455273255317745678
last-modified: Mon, 01 Nov 2021 20:37:16 GMT
server: ECS (mil/6CEB)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b9be549ead833c2266aa339bd5f8cb92391316eebdce8d9c3e996ed3fa1212e0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 WYdESbAJ
pbs.twimg.com/card_img/1455651272930078725/ Frame 5512 39 KB
39 KB 124ms
123ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455651272930078725/WYdESbAJ?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE6) /

Resource Hash

fe86bb68f8e8b3dab1d9feb0bb9ca182dd05260e98db81cebc7e9ae95cc57e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 36092
x-cache: MISS
content-length: 39454
x-response-time: 265
surrogate-key: card_img card_img/bucket/1 card_img/1455651272930078725
last-modified: Tue, 02 Nov 2021 21:39:22 GMT
server: ECS (mil/6CE6)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 00d890940171bbda6ce92041abe096534aa5082221b2d245e100fd7ed26386d4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Kqx6addH
pbs.twimg.com/card_img/1455639939484373002/ Frame 5512 51 KB
52 KB 124ms
123ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455639939484373002/Kqx6addH?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CED) /

Resource Hash

8a6bdbdb4f24dfca582bd24715d3f2d70fce8b5518c28c36ec524b90ecdcea84

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 38714
x-cache: MISS
content-length: 52558
x-response-time: 494
surrogate-key: card_img card_img/bucket/3 card_img/1455639939484373002
last-modified: Tue, 02 Nov 2021 20:54:20 GMT
server: ECS (mil/6CED)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 11067b074af862eca3f5a78a6bd25f1e91a6902618da147c56b801e9e45f77fc
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 6QgFxb0A
pbs.twimg.com/card_img/1454996906099232768/ Frame 5512 68 KB
68 KB 124ms
123ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1454996906099232768/6QgFxb0A?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEB) /

Resource Hash

274c58761f7b792ba980d8dbe84aca2406ac0aae4484b8a76b66e3096b68d4eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 38913
x-cache: MISS
content-length: 69282
x-response-time: 492
surrogate-key: card_img card_img/bucket/1 card_img/1454996906099232768
last-modified: Mon, 01 Nov 2021 02:19:09 GMT
server: ECS (mil/6CEB)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6fd6aca6a74540b04b8dc86be7702226121389cb9703d9ac3eb70b380a466807
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 JTEkrE5a
pbs.twimg.com/card_img/1455626354582491147/ Frame 5512 48 KB
49 KB 124ms
124ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455626354582491147/JTEkrE5a?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF6) /

Resource Hash

413bce551d98e74c8a59b0f7bcfa8fdbcf8b8b5ed8b6085e706349ea8b1e9ed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 41527
x-cache: MISS
content-length: 49462
x-response-time: 283
surrogate-key: card_img card_img/bucket/4 card_img/1455626354582491147
last-modified: Tue, 02 Nov 2021 20:00:21 GMT
server: ECS (mil/6CF6)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9934c04a57bfbb46bdc0dfc02a0ead36e36dbf9723d1a9c4de6ecea97ae0775f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 aKD1rSGk
pbs.twimg.com/card_img/1455620127932755978/ Frame 5512 51 KB
51 KB 123ms
123ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455620127932755978/aKD1rSGk?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE2) /

Resource Hash

78c516fa3cb577eca665e0c03dccf47b424bb6401cd59fc920ec5b3d88a412b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 43031
x-cache: MISS
content-length: 51897
x-response-time: 251
surrogate-key: card_img card_img/bucket/0 card_img/1455620127932755978
last-modified: Tue, 02 Nov 2021 19:35:37 GMT
server: ECS (mil/6CE2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 43d5ec9101bed70329605b822b80dcf82fa0cc7dd2b28172f6afb993d8914096
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Lm94D28k
pbs.twimg.com/card_img/1455614480658935808/ Frame 5512 22 KB
22 KB 123ms
122ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455614480658935808/Lm94D28k?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE0) /

Resource Hash

03185121c815794d962dddd42172add14de820ac83847fe23f7884a757534357

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 44626
x-cache: MISS
content-length: 22170
x-response-time: 242
surrogate-key: card_img card_img/bucket/6 card_img/1455614480658935808
last-modified: Tue, 02 Nov 2021 19:13:10 GMT
server: ECS (mil/6CE0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7a6f419be70409c88a8fd58c45bcc34f40f00d6b5fa720e9fe94ff4cb2e8e2dc
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 zRJCbgua
pbs.twimg.com/card_img/1455613933369413636/ Frame 5512 45 KB
45 KB 125ms
124ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455613933369413636/zRJCbgua?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEC) /

Resource Hash

fe2e600258b5a37a0764c40321822737bf361d297bae0836513c519b4c8b80ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 44626
x-cache: MISS
content-length: 45589
x-response-time: 253
surrogate-key: card_img card_img/bucket/9 card_img/1455613933369413636
last-modified: Tue, 02 Nov 2021 19:11:00 GMT
server: ECS (mil/6CEC)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e37c3d438c4ffc3948aed4f5bc247714ae4a2e92b6482b41e4f01d1509d50602
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame 5512 53 KB
12 KB 39ms
39ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE4) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:31:49 GMT
Server: ECS (mil/6CE4)
Age: 1071666
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 38ms
38ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE4) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:31:49 GMT
Server: ECS (mil/6CE4)
Age: 1071666
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H2 200 0m_1sN3p_normal.jpg
pbs.twimg.com/profile_images/882680002872868865/ Frame 5512 2 KB
2 KB 47ms
46ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/882680002872868865/0m_1sN3p_normal.jpg

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CDF) /

Resource Hash

d8d48749f44f5aa145e8ab70199566c7f6077a84229adc58dc9436c244e0e864

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 526071
x-cache: HIT
content-length: 2035
x-response-time: 116
surrogate-key: profile_images profile_images/bucket/4 profile_images/882680002872868865
last-modified: Wed, 05 Jul 2017 19:16:06 GMT
server: ECS (mil/6CDF)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4d48a7f88c4f30b1dec72c06c1d5b35e6dba9b12247c57ef7eda2b15f82dfea2
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 5512 44 KB
7 KB 85ms
19ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501716
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 7
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 84f73aff3254d7a103d26edf86d09c38599ba51dff5ce22ad452430996578200
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 10 Nov 2021 07:43:01 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 89ms
24ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501716
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 7
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 84f73aff3254d7a103d26edf86d09c38599ba51dff5ce22ad452430996578200
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 10 Nov 2021 07:43:01 GMT

GET
DATA 200
OK truncated
/ Frame 5512 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 5512 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 5512 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 5512 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 5512 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 MuLuMbfj
pbs.twimg.com/card_img/1455644446360576006/ Frame 5512 57 KB
57 KB 64ms
63ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455644446360576006/MuLuMbfj?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CFA) /

Resource Hash

502fcd0d82b0c00f261878f57845d8f3d73569c048cd064c15012a044d9b79e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 37716
x-cache: HIT
content-length: 58409
x-response-time: 260
surrogate-key: card_img card_img/bucket/8 card_img/1455644446360576006
last-modified: Tue, 02 Nov 2021 21:12:15 GMT
server: ECS (mil/6CFA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 17c0de0cba8fc8de6ec88509f0aad94d44b6106ee765ba12c793dd1ac5f6fd7e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Pg1m_fkS
pbs.twimg.com/card_img/1455675651458048012/ Frame 5512 29 KB
30 KB 57ms
56ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455675651458048012/Pg1m_fkS?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE2) /

Resource Hash

34d81e13afe7828df2aa0f688904ee4f985ebe863c1b660ef6e0e9bd5c7505ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 30278
x-cache: HIT
content-length: 30203
x-response-time: 245
surrogate-key: card_img card_img/bucket/1 card_img/1455675651458048012
last-modified: Tue, 02 Nov 2021 23:16:15 GMT
server: ECS (mil/6CE2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a13a44940d18c4033eb77dc3294e78c4eec14413e11453ef822a89c7c2b81c7a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 KsIebHQs
pbs.twimg.com/card_img/1455669826006003717/ Frame 5512 37 KB
37 KB 48ms
48ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455669826006003717/KsIebHQs?format=jpg&name=600x314

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF0) /

Resource Hash

8c4714d7e28938a6daf60044c1f7b588416f034f1015deb9bedcb7014df420bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 31663
x-cache: HIT
content-length: 37383
x-response-time: 270
surrogate-key: card_img card_img/bucket/6 card_img/1455669826006003717
last-modified: Tue, 02 Nov 2021 22:53:06 GMT
server: ECS (mil/6CF0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 247a39059d4ad9a899a203349edf00bcbd0c22fa4149923dcbb724da04a84c74
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 push.2afa68fefaf204b663f9.js Show response
www.heraldsun.com/static/yozons-lib/ 1 KB
1000 B 41ms
40ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/static/yozons-lib/push.2afa68fefaf204b663f9.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 6a0f0b33a5e5a24ffe67a8aab5ce03bc17c2550a2fee3a2436502ac057a97845

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2196
content-length: 627
last-modified: Mon, 01 Nov 2021 18:10:23 GMT
server: MI
etag: W/"598-5cfbe172b41c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 538491805 531676862
access-control-allow-origin: *
cache-control: max-age=472148
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 pageLoad.3883199f4cac4bf87f53.js Show response
www.heraldsun.com/static/yozons-lib/ 685 B
749 B 41ms
40ms Script
application/javascript 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/static/yozons-lib/pageLoad.3883199f4cac4bf87f53.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8a85f61ee87547f1b4af5a23991e0cd010ea7802b6f35837e106039c82d3ffe2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2196
content-length: 368
last-modified: Mon, 01 Nov 2021 18:10:23 GMT
server: MI
etag: W/"2ad-5cfbe172b41c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 483602576, 541525090 537606021
access-control-allow-origin: *
cache-control: max-age=472166
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H/1.1 200
OK / Show response
api.ipify.org/ 22 B
256 B 340ms
102ms XHR
application/json 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-59-199.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: df787fcc9134ab1eb6b66f9c0284ae4e470d5e8dfa6115c1978e182cf7352850

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:01 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.heraldsun.com
Connection: keep-alive
Content-Length: 22

GET
H2 200 pdp.gif
www.heraldsun.com/static/yozons-lib/ 42 B
387 B 154ms
154ms Image
image/gif 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldsun.com/static/yozons-lib/pdp.gif?k=eyJpZCI6Im1pX2FzX2R1cl8zNDUwMTgzMDAzNDUxMDc3NDI4MDcyMTc4MTg1NjQxODA3OTE0MV8xXzBfMTYzNTkyNTM3OTQ3NSIsImxvYWRFdmVudFN0YXJ0Ijo0MDI0fQ==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 343909
content-length: 42
last-modified: Thu, 28 Oct 2021 13:14:07 GMT
server: MI
etag: "2a-5cf697c4585c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 567553474 487817498
access-control-allow-origin: *
cache-control: max-age=604796
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/gif
access-control-allow-headers: *

GET
H2 200 9oLB8Oql
pbs.twimg.com/card_img/1455273255317745678/ Frame 5512 27 KB
27 KB 37ms
37ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455273255317745678/9oLB8Oql?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEB) /

Resource Hash

300100eb8bc995f8bb0d936532aad21d8786632360afd5d26bda598d4cfb3cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 125046
x-cache: HIT
content-length: 27885
x-response-time: 239
surrogate-key: card_img card_img/bucket/5 card_img/1455273255317745678
last-modified: Mon, 01 Nov 2021 20:37:16 GMT
server: ECS (mil/6CEB)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b9be549ead833c2266aa339bd5f8cb92391316eebdce8d9c3e996ed3fa1212e0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame BA59 98 KB
26 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: jf2UAhJU9Up0ATjRvQjSOLROecHksUouXYLMb05buE3b4QJNy+yR53P0x7V6qULUgoGmELneIUqyaNx4S8Nudg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 03 Nov 2021 07:43:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 a-01dx.min.js Show response
b-code.liadm.com/ Frame 6F6E 26 KB
10 KB 122ms
9ms Script
application/javascript 2600:9000:225e:e200:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-01dx.min.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ZIO-Http /
Resource Hash: f362e31bb2ec73bdaad781622797baebbafa3b24417d6f83567049ef64be6cee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 10:15:22 GMT
via: 1.1 8b360b28aeb67c1982fcc466a05eef03.cloudfront.net (CloudFront)
server: ZIO-Http
age: 77259
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P4
content-encoding: gzip
x-amz-cf-id: lGj6f060i1FQw7Sq33YrVa--N6R58bmEvTsnt3zHmKb5VJcSxfP5zQ==

GET
H2 200 m
secure-us.imrworldwide.com/cgi-bin/ Frame 76BF 44 B
369 B 133ms
35ms Image
image/gif 34.242.140.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldsun.com/&rp=&ts=compact&rnd=1635925380050
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.140.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-140-187.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:43:01 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ Frame C8B8 13 KB
5 KB 421ms
105ms Script
text/javascript 3.223.38.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.38.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-38-51.compute-1.amazonaws.com
Software: /
Resource Hash: e0b7bade287eaa6a9fd61ad0a8a033c6ce1ce3aac5cdffb1d75834235d30bf2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 03 Nov 2021 07:43:01 GMT
Content-Encoding: gzip
Cache-Control: max-age=30
Content-Length: 4439
Connection: keep-alive
Content-Type: text/javascript

GET
H2 200 quant.js Show response
edge.quantserve.com/ Frame EC79 24 KB
10 KB 60ms
11ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1e823139c936c952f54399a49096579a951e55baab2d0949e2f307163aac68a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
content-encoding: gzip
etag: "A9gdT3Vacr8A76JEThCwlA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 10 Nov 2021 07:43:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame FC35 48 KB
20 KB 55ms
16ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 6115
date: Wed, 03 Nov 2021 06:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 03 Nov 2021 08:01:06 GMT

GET
H2 200 Mo3uHH15
pbs.twimg.com/card_img/1455654690964840450/ Frame 5512 43 KB
43 KB 37ms
37ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455654690964840450/Mo3uHH15?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE0) /

Resource Hash

87de085931782f09af6fad8d9f7bf668a5e9f3e06b8818f9a4f42b82a815c51f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 35272
x-cache: HIT
content-length: 44172
x-response-time: 248
surrogate-key: card_img card_img/bucket/3 card_img/1455654690964840450
last-modified: Tue, 02 Nov 2021 21:52:57 GMT
server: ECS (mil/6CE0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7d59aa92da8e35387e180ca6809b0d50f8c50e1ad46f6fa3e31b1b1e5d7524d0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 WYdESbAJ
pbs.twimg.com/card_img/1455651272930078725/ Frame 5512 39 KB
39 KB 37ms
37ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455651272930078725/WYdESbAJ?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE6) /

Resource Hash

fe86bb68f8e8b3dab1d9feb0bb9ca182dd05260e98db81cebc7e9ae95cc57e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 36092
x-cache: HIT
content-length: 39454
x-response-time: 265
surrogate-key: card_img card_img/bucket/1 card_img/1455651272930078725
last-modified: Tue, 02 Nov 2021 21:39:22 GMT
server: ECS (mil/6CE6)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 00d890940171bbda6ce92041abe096534aa5082221b2d245e100fd7ed26386d4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 pdp.gif
www.heraldsun.com/static/yozons-lib/ 42 B
395 B 24ms
23ms Image
image/gif 104.111.219.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldsun.com/static/yozons-lib/pdp.gif?y=eyJpZCI6Im1pX2FzX2R1cl8zNDUwMTgzMDAzNDUxMDc3NDI4MDcyMTc4MTg1NjQxODA3OTE0MV8xXzBfMTYzNTkyNTM3OTQ3NSIsImRlcHIiOiJnZXRDb25maWcifQ==
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-128.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 343907
content-length: 42
last-modified: Thu, 28 Oct 2021 13:14:07 GMT
server: MI
etag: "2a-5cf697c4585c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 487817497, 499382597 431461547
access-control-allow-origin: *
cache-control: max-age=604798
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/gif
access-control-allow-headers: *

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 307 KB
56 KB 967ms
939ms Script
application/javascript 18.66.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EbIhwK3LhS0bltuKbOjjuqjHrlSHz8gkiFoR
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/push.2afa68fefaf204b663f9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25181b484924129992dc3e8af87de5891c808fb9e686ff81fd0042a59b6196ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:03 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 05:25:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: W/"233ec73ece1270f8b2ffa7b9915775d6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 fb49d852ca52c03c834ce98098b51517.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: ksgqZxdWXEGP9GCTo8Y0JOvbkxcV8Cji5Y2oPJjVnEt92Z5riFK50Q==

GET
H2 200 Kqx6addH
pbs.twimg.com/card_img/1455639939484373002/ Frame 5512 51 KB
52 KB 37ms
37ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455639939484373002/Kqx6addH?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CED) /

Resource Hash

8a6bdbdb4f24dfca582bd24715d3f2d70fce8b5518c28c36ec524b90ecdcea84

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 38714
x-cache: HIT
content-length: 52558
x-response-time: 494
surrogate-key: card_img card_img/bucket/3 card_img/1455639939484373002
last-modified: Tue, 02 Nov 2021 20:54:20 GMT
server: ECS (mil/6CED)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 11067b074af862eca3f5a78a6bd25f1e91a6902618da147c56b801e9e45f77fc
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 6QgFxb0A
pbs.twimg.com/card_img/1454996906099232768/ Frame 5512 68 KB
68 KB 38ms
38ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1454996906099232768/6QgFxb0A?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEB) /

Resource Hash

274c58761f7b792ba980d8dbe84aca2406ac0aae4484b8a76b66e3096b68d4eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 38913
x-cache: HIT
content-length: 69282
x-response-time: 492
surrogate-key: card_img card_img/bucket/1 card_img/1454996906099232768
last-modified: Mon, 01 Nov 2021 02:19:09 GMT
server: ECS (mil/6CEB)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6fd6aca6a74540b04b8dc86be7702226121389cb9703d9ac3eb70b380a466807
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1081709588515684 Show response
connect.facebook.net/signals/config/ Frame BA59 306 KB
88 KB 369ms
369ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1081709588515684?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

998a514f72273fa452fce9ac033610a54745edbb5c9e0a8db24d0baad7389051

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: /E8nWm+I9CHR8ygXhw/2T3cKrOxSj2p6fAxcG34kFVmxWOMCG+fDiRVc8/bBN9hWbmnwom1mq7C9TWErGUY0uQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 03 Nov 2021 07:43:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 JTEkrE5a
pbs.twimg.com/card_img/1455626354582491147/ Frame 5512 48 KB
48 KB 39ms
38ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455626354582491147/JTEkrE5a?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF6) /

Resource Hash

413bce551d98e74c8a59b0f7bcfa8fdbcf8b8b5ed8b6085e706349ea8b1e9ed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 41527
x-cache: HIT
content-length: 49462
x-response-time: 283
surrogate-key: card_img card_img/bucket/4 card_img/1455626354582491147
last-modified: Tue, 02 Nov 2021 20:00:21 GMT
server: ECS (mil/6CF6)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9934c04a57bfbb46bdc0dfc02a0ead36e36dbf9723d1a9c4de6ecea97ae0775f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 aKD1rSGk
pbs.twimg.com/card_img/1455620127932755978/ Frame 5512 51 KB
51 KB 38ms
37ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455620127932755978/aKD1rSGk?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE2) /

Resource Hash

78c516fa3cb577eca665e0c03dccf47b424bb6401cd59fc920ec5b3d88a412b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 43031
x-cache: HIT
content-length: 51897
x-response-time: 251
surrogate-key: card_img card_img/bucket/0 card_img/1455620127932755978
last-modified: Tue, 02 Nov 2021 19:35:37 GMT
server: ECS (mil/6CE2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 43d5ec9101bed70329605b822b80dcf82fa0cc7dd2b28172f6afb993d8914096
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 rules-p-50B2Fi6bBqYto.js Show response
rules.quantcount.com/ Frame EC79 1 KB
1 KB 36ms
7ms Script
application/javascript 2600:9000:223c:e600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-50B2Fi6bBqYto.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b6da6699e22347ded40584215d759d21842a07be029c95c4886efa3c1385454

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:09:18 GMT
content-encoding: gzip
age: 2048
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 26 Mar 2018 17:43:26 GMT
server: AmazonS3
etag: W/"eeeb10fbb8e6fc7fff11277347add08a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 59d5785a1d012a54118141e7e216a493.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: p2o1EXwmc0r7jnzZUz80vQ8UMTcvmgZz02thncOBrpMEccW3RazxIg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame FC35 4 B
211 B 25ms
24ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=563269892&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldsun.com%2F&dh=heraldsun.com&ul=en-us&de=UTF-8&dt=Home%3AHomepage&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YFBAAAABCAAAAC~&jid=82208788&gjid=1826352275&cid=88910929.1635925382&tid=UA-89824220-1&_gid=623636450.1635925382&_r=1&_slc=1&cd1=DUR&cd2=Durham%20Herald%20Sun&cd3=Home&cd4=_HomePage%7C%7C%7C%7C&cd5=&cd6=Homepage&cd8=&cd9=&cd10=&cd14=&cd15=&cg1=Durham%20Herald%20Sun&cg2=Homepage&z=35198359

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldsun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Lm94D28k
pbs.twimg.com/card_img/1455614480658935808/ Frame 5512 22 KB
22 KB 38ms
37ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455614480658935808/Lm94D28k?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE0) /

Resource Hash

03185121c815794d962dddd42172add14de820ac83847fe23f7884a757534357

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 44626
x-cache: HIT
content-length: 22170
x-response-time: 242
surrogate-key: card_img card_img/bucket/6 card_img/1455614480658935808
last-modified: Tue, 02 Nov 2021 19:13:10 GMT
server: ECS (mil/6CE0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7a6f419be70409c88a8fd58c45bcc34f40f00d6b5fa720e9fe94ff4cb2e8e2dc
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 zRJCbgua
pbs.twimg.com/card_img/1455613933369413636/ Frame 5512 45 KB
45 KB 41ms
41ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1455613933369413636/zRJCbgua?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEC) /

Resource Hash

fe2e600258b5a37a0764c40321822737bf361d297bae0836513c519b4c8b80ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
age: 44626
x-cache: HIT
content-length: 45589
x-response-time: 253
surrogate-key: card_img card_img/bucket/9 card_img/1455613933369413636
last-modified: Tue, 02 Nov 2021 19:11:00 GMT
server: ECS (mil/6CEC)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e37c3d438c4ffc3948aed4f5bc247714ae4a2e92b6482b41e4f01d1509d50602
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame FC35 4 B
444 B 75ms
22ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-89824220-1&cid=88910929.1635925382&jid=82208788&gjid=1826352275&_gid=623636450.1635925382&_u=YFBAAAAACAAAAC~&z=1613015311

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Nov 2021 07:43:01 GMT
content-type: text/plain
access-control-allow-origin: https://www.heraldsun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1405832354;labels=DUR;rf=0;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.heraldsun.com%2F;uht=2;fpan=1;fpa=P0-1901760091-1635925381653;pbc=;ns=1;ce=1;qjs=1;qv=849e8a8d-20211101195550;cm=;gdpr=0;u...
pixel.quantserve.com/ Frame EC79 35 B
372 B 16ms
16ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1405832354;labels=DUR;rf=0;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.heraldsun.com%2F;uht=2;fpan=1;fpa=P0-1901760091-1635925381653;pbc=;ns=1;ce=1;qjs=1;qv=849e8a8d-20211101195550;cm=;gdpr=0;us_privacy=1---;ref=;d=heraldsun.com;je=0;sr=1600x1200x24;dst=0;et=1635925381653;tzo=0;ogl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:43:01 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ Frame 6F6E 6 KB
3 KB 12ms
11ms Script
application/javascript 2600:9000:225e:e200:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01dx.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 05 Oct 2021 19:23:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 16:15:01 GMT
server: AmazonS3
age: 2463583
etag: W/"ae5e94de938b0387eda6df8f20da811a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: CQKQeFXs_ero.dSxGj8yyrCkT6TzPcRS
via: 1.1 8b360b28aeb67c1982fcc466a05eef03.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
content-type: application/javascript
x-amz-cf-id: DZ0aWAL34x-REG06Lo-WtVR_aYTak4t8dY6x6-921zJU-E76xN4czQ==

GET
H2 200 ga-audiences
www.google.com/ads/ Frame FC35 42 B
283 B 21ms
20ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-89824220-1&cid=88910929.1635925382&jid=82208788&_u=YFBAAAAACAAAAC~&z=566169946

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ Frame FC35 42 B
501 B 67ms
28ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-89824220-1&cid=88910929.1635925382&jid=82208788&_u=YFBAAAAACAAAAC~&z=566169946

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/ Frame 6F6E
Redirect Chain

https://rp.liadm.com/j?tna=v2.1.0&aid=a-01dx&wpn=lc-bundle&us_privacy=1---&pu=https%3A%2F%2Fwww.heraldsun.com%2F&c=PHRpdGxlPkxpdmVDb25uZWN0IFBpeGVsPC90aXRsZT4&duid=d8a7e464eac4--01fkjc0mhabs8vaq6v9...
https://rp4.liadm.com/j?tna=v2.1.0&aid=a-01dx&wpn=lc-bundle&us_privacy=1---&pu=https%3A%2F%2Fwww.heraldsun.com%2F&c=PHRpdGxlPkxpdmVDb25uZWN0IFBpeGVsPC90aXRsZT4&duid=d8a7e464eac4--01fkjc0mhabs8vaq6v...

13 B
548 B

455ms
104ms

XHR
application/json

34.206.124.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?tna=v2.1.0&aid=a-01dx&wpn=lc-bundle&us_privacy=1---&pu=https%3A%2F%2Fwww.heraldsun.com%2F&c=PHRpdGxlPkxpdmVDb25uZWN0IFBpeGVsPC90aXRsZT4&duid=d8a7e464eac4--01fkjc0mhabs8vaq6v99v7pgyv&se=e30&dtstmp=1635925381789&i6=MjAwMTphYzg6MzY6NjoyMDg6OjE%3D&n3pc=true

Protocol

Server

34.206.124.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-124-188.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:02 GMT
x-pixel-event-id: ea54a4a2-0c99-4a50-bc96-ae0707289887
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
vary: Origin
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: null
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
request-time: 1
content-length: 13
x-content-type-options: nosniff

Redirect headers

date: Wed, 03 Nov 2021 07:43:02 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
vary: Origin
location: https://rp4.liadm.com/j?tna=v2.1.0&aid=a-01dx&wpn=lc-bundle&us_privacy=1---&pu=https%3A%2F%2Fwww.heraldsun.com%2F&c=PHRpdGxlPkxpdmVDb25uZWN0IFBpeGVsPC90aXRsZT4&duid=d8a7e464eac4--01fkjc0mhabs8vaq6v99v7pgyv&se=e30&dtstmp=1635925381789&i6=MjAwMTphYzg6MzY6NjoyMDg6OjE%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://www.heraldsun.com
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 163ms
163ms Image
image/gif 52.9.67.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=47&ntv_ui=71709236-d825-4634-9b1e-1d955c743a01&ntv_a=dvkGANlxPAa60QA&ntv_fl=CF4se3gYGjAPzQcMJoAeWWbgOhYpQs1rIkw9ABEyA9fxm6l_EBEWeUF7Zta2wzIcFwkztvSqy56rZdQitrva2LRFVN7vKkwbSiRisnhYpKn7ob2v4GRt7t7VwzK8LvisYU0GYw-YKlAGMk4ErHw18CQUbX1dPDeCkqJRmPIgxu5imI8_yfGlhr879HjMcvwg9PwtMioZ_EBD9OmQVA3NDg==&ord=1659287498&ntv_ht=hD2CYQA&ntv_tad=16&ntv_ift=0&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.67.232 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-67-232.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:43:02 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ Frame C8B8 65 B
292 B 103ms
103ms Stylesheet
text/css 3.223.38.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.38.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-38-51.compute-1.amazonaws.com
Software: /
Resource Hash: e29d7bb00bfd476c8ea954a08561171adb6623ce537e203f2c720ffd67b48374

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 03 Nov 2021 07:43:02 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ Frame C8B8 0
881 B 412ms
102ms Fetch
image/jpeg 3.223.38.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.38.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-38-51.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 03 Nov 2021 07:43:02 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H2 200 /
www.facebook.com/tr/ Frame BA59 44 B
243 B 10ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1081709588515684&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com%2F&rl=&if=true&ts=1635925382065&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1635925382064.1290805475&it=1635925381581&coo=false&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Nov 2021 07:43:02 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame BA59 44 B
101 B 10ms
10ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1081709588515684&ev=ViewContent&dl=https%3A%2F%2Fwww.heraldsun.com%2F&rl=&if=true&ts=1635925382069&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1635925382064.1290805475&it=1635925381581&coo=false&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Nov 2021 07:43:02 GMT

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ Frame C8B8 94 B
399 B 106ms
106ms XHR
text/plain 3.223.38.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=hXFHelqg_0qGLqDaoIkgLQ&is_js=true&landing_url=https%3A%2F%2Fwww.heraldsun.com&t=StackAdapt%20Pixel&host=https://www.heraldsun.com&sa_conv_data_css_value=%20%220-5cf5d457-0cfc-48ab-63a3-b1241d72c1d1%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9424c180a4f4246a356a85007b4f1d8ecc2246c14
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.38.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-38-51.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:02 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.heraldsun.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 94

GET
H2 200 pushly-sdk.min.css
cdn.p-n.io/ 26 KB
2 KB 10ms
10ms Stylesheet
text/css 18.66.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.css?domain_key=EbIhwK3LhS0bltuKbOjjuqjHrlSHz8gkiFoR
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EbIhwK3LhS0bltuKbOjjuqjHrlSHz8gkiFoR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 501b84d7db37a158e0313efd545c334fc75d82750e1248fa383321c67728b1ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:02 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 15:59:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: W/"f78fe2b0b79df0619d393cfc42450ddf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 fb49d852ca52c03c834ce98098b51517.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-id: WGKqT5Mtoh3L_zHCmjm0Tv4gkVHQAEo3N3Y-Kgi4XiuxFPnwk6NBAQ==

GET
H/1.1 200
OK a-01dx Show response
i.liadm.com/s/c/ Frame 2C99 1 KB
1 KB 470ms
164ms Document
text/html 52.0.240.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-01dx?s=&cim=&ps=true&ls=true&duid=d8a7e464eac4--01fkjc0mhabs8vaq6v99v7pgyv&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.0.240.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-240-240.compute-1.amazonaws.com

Software

Resource Hash

a71e55db1e9512c120f7813186c25488aa9efcea59633a6143bd1860cc86fe43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/

Response headers

Cache-Control: private, no-cache, max-age=0
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 03 Nov 2021 07:43:02 GMT
ETag: 1.61803398874
Strict-Transport-Security: max-age=31536000; includeSubDomains
trace-id: a56e516964bf74ff
Vary: Accept-Encoding
Content-Length: 664
Connection: keep-alive

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame 20C2
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
572 B

37ms
37ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CDE) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.heraldsun.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1071665
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Nov 2021 07:43:02 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Mon, 18 Oct 2021 18:33:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CDE)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Wed, 03 Nov 2021 07:43:02 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Wed, 03 Nov 2021 07:43:02 GMT
x-transaction: 6da8cd53d03acd31
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-response-time: 139
x-connection-hash: d56ed99692c7765d5f2de42bab25851a8dc1c1b1a84c152d9c78e1eb39a0451e

GET
H/1.1

200
OK

0cf3ab74d1d248e68c8ea8a9d28fd6cb
i.liadm.com/s/e/a-01dx/0/ Frame 2C99
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https://i.liadm.com/s/e/a-01dx/0/0cf3ab74d1d248e68c8ea8a9d28fd6cb?mpid%3D7156%26muid%3D%5BMM_UUID%5D&c7c6212c-043a-4d83-91ca-394be900843a&us_priva...
https://i.liadm.com/s/e/a-01dx/0/0cf3ab74d1d248e68c8ea8a9d28fd6cb?mpid=7156&muid=af556182-3d87-4700-ad93-9700decfb6cb

43 B
285 B

175ms
98ms

Image
image/gif

52.0.240.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-01dx/0/0cf3ab74d1d248e68c8ea8a9d28fd6cb?mpid=7156&muid=af556182-3d87-4700-ad93-9700decfb6cb

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01dx?s=&cim=&ps=true&ls=true&duid=d8a7e464eac4--01fkjc0mhabs8vaq6v99v7pgyv&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&

Protocol

HTTP/1.1

Server

52.0.240.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-240-240.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:02 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 7c5cde7b80104880
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Date: Wed, 03 Nov 2021 07:43:03 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x1 config:unknown
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://i.liadm.com/s/e/a-01dx/0/0cf3ab74d1d248e68c8ea8a9d28fd6cb?mpid=7156&muid=af556182-3d87-4700-ad93-9700decfb6cb
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 03 Nov 2021 07:43:02 GMT

GET
H/1.1

200
OK

35759
i6.liadm.com/s/ Frame 2C99
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&us_privacy=1---
https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1&us_privacy=1---
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=7dacebd8-33e6-44fc-8d6b-fa6336ab83d6
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=7dacebd8-33e6-44fc-8d6b-fa6336ab83d6

43 B
447 B

201ms
97ms

Image
image/gif

2600:1f18:444a:4680:6bbe:49e:bc45:59
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=7dacebd8-33e6-44fc-8d6b-fa6336ab83d6

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:444a:4680:6bbe:49e:bc45:59 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:03 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 02748da1cd579d0f
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=7dacebd8-33e6-44fc-8d6b-fa6336ab83d6
Date: Wed, 03 Nov 2021 07:43:03 GMT
Connection: keep-alive
trace-id: 4f36becfbe999742
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK ibs:dpid=127444&dpuuid=c7c6212c-043a-4d83-91ca-394be900843a&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01dx%2F0%2F0cf3ab74d1d248e68c8ea8a9d28fd6cb%3Fmpid=82775&muid=$%7BDD_UUID%7D
dpm.demdex.net/ Frame 2C99 42 B
943 B 33ms
32ms Image
image/gif 108.128.120.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=c7c6212c-043a-4d83-91ca-394be900843a&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01dx%2F0%2F0cf3ab74d1d248e68c8ea8a9d28fd6cb%3Fmpid=82775&muid=$%7BDD_UUID%7D?us_privacy=1---

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.120.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-120-92.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-088c7d1ad.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: IGM1323dQBU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame 2C99
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c7c6212c-043a-4d83-91ca-394be900843a&us_privacy=1---
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c7c6212c-043a-4d83-91ca-394be900843a&us_privacy=1---&rd=Y

43 B
603 B

162ms
162ms

Image
image/gif

104.89.42.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c7c6212c-043a-4d83-91ca-394be900843a&us_privacy=1---&rd=Y

Requested by

Protocol

Server

104.89.42.102 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-42-102.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 07:43:03 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 03 Nov 2021 07:43:03 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c7c6212c-043a-4d83-91ca-394be900843a&us_privacy=1---&rd=Y
pragma: no-cache
date: Wed, 03 Nov 2021 07:43:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Wed, 03 Nov 2021 07:43:03 GMT

GET
H/1.1

200
OK

52176
i6.liadm.com/s/ Frame 2C99
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=c7c6212c-043a-4d83-91ca-394be900843a&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1---
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=c7c6212c-043a-4d83-91ca-394be900843a&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1---
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=52ddaf3e-5fdb-4f79-8606-2ef09d26f592
https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=52ddaf3e-5fdb-4f79-8606-2ef09d26f592

43 B
447 B

302ms
98ms

Image
image/gif

2600:1f18:444a:4680:6bbe:49e:bc45:59
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=52ddaf3e-5fdb-4f79-8606-2ef09d26f592

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:444a:4680:6bbe:49e:bc45:59 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:03 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: cb456939d6bac832
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=52ddaf3e-5fdb-4f79-8606-2ef09d26f592
Date: Wed, 03 Nov 2021 07:43:02 GMT
Connection: keep-alive
trace-id: 85ce289c70819025
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

52164
i.liadm.com/s/ Frame 2C99
Redirect Chain

https://x.bidswitch.net/sync?ssp=liveintent&user_id=c7c6212c-043a-4d83-91ca-394be900843a&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=c7c6212c-043a-4d83-91ca-394be900843a&us_privacy=1---
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=liveintent
https://x.bidswitch.net/sync?dsp_id=188&user_id=XPXUVwz8SKtjo7EkHXLB0cIkbBQ&user_group=1&ssp=liveintent
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=52ddaf3e-5fdb-4f79-8606-2ef09d26f592

43 B
447 B

106ms
106ms

Image
image/gif

52.0.240.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=52ddaf3e-5fdb-4f79-8606-2ef09d26f592

Requested by

Protocol

HTTP/1.1

Server

52.0.240.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-240-240.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 07:43:02 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 72af34d781dcde28
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: //i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=52ddaf3e-5fdb-4f79-8606-2ef09d26f592
Date: Wed, 03 Nov 2021 07:43:03 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
trc.taboola.com/sg/liveintent/1/cm/ Frame 2C99 43 B
238 B 50ms
17ms Image
image/gif 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/liveintent/1/cm/?us_privacy=1---
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01dx?s=&cim=&ps=true&ls=true&duid=d8a7e464eac4--01fkjc0mhabs8vaq6v99v7pgyv&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 03 Nov 2021 07:43:03 GMT
via: 1.1 varnish
server: nginx
x-timer: S1635925383.158609,VS0,VE9
x-served-by: cache-fra19152-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ Frame BA59 44 B
147 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1081709588515684&ev=Microdata&dl=https%3A%2F%2Fwww.heraldsun.com%2F&rl=&if=true&ts=1635925383571&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Facebook%20Pixel%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.1.1635925382064.1290805475&it=1635925381581&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldsun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:43:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Nov 2021 07:43:03 GMT

POST
H2 204 event-stream Show response
k.p-n.io/ 0
126 B 32ms
7ms Fetch 3.126.7.159

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EbIhwK3LhS0bltuKbOjjuqjHrlSHz8gkiFoR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.7.159 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 03 Nov 2021 07:43:06 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

POST
H2 204 event-stream Show response
k.p-n.io/ 0
125 B 30ms
7ms Fetch 3.126.7.159

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EbIhwK3LhS0bltuKbOjjuqjHrlSHz8gkiFoR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.7.159 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 03 Nov 2021 07:43:06 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

Verdicts & Comments Add Verdict or Comment

251 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-19 23:08:37	Name: _li_ss Value: MgUIBhDkEDIFCAoQ5BAyBQh-EOMQMgYIiwEQ5BAyBQgLEOQQMgUIDBDkEDIFCHkQ4xAyCQj_____BxDkEA
.demdex.net/	1970-01-20 02:44:37	Name: demdex Value: 34045413509609073950782104324530689554
.everesttech.net/	1970-01-20 07:11:01	Name: everest_g_v2 Value: g_surferid~YYI9gwAAAGbvXgQz
.dpm.demdex.net/	1970-01-20 02:44:37	Name: dpm Value: 34045413509609073950782104324530689554
.doubleclick.net/	1970-01-20 07:47:01	Name: IDE Value: AHWqTUkWLYwbK0cvwSM1oCbqhG-SVsX_39D5OROCVPDI52dfyZWjzj65Sbmqo3IhhPU
.casalemedia.com/	1970-01-20 07:11:01	Name: CMID Value: YYI9hMAmeP3zPTMgTyVS9QAA
.casalemedia.com/	1970-01-20 00:35:01	Name: CMPS Value: 5221
.casalemedia.com/	1970-01-20 00:35:01	Name: CMPRO Value: 1135
.casalemedia.com/	1970-01-19 22:26:51	Name: CMST Value: YYI9hGGCPYQA
.casalemedia.com/	1970-01-20 07:11:01	Name: CMRUM3 Value: 5861823d842760YYI9gwAAAGbvXgQz
.scorecardresearch.com/	1970-01-20 15:42:13	Name: UID Value: 1NQRZALRGBJKM0RPCTTCJDg1635925380
.adnxs.com/	1970-01-20 00:35:01	Name: uuid2 Value: 3448026062356305256
.adnxs.com/	1970-01-20 00:35:01	Name: anj Value: dTM7k!M4.FErk#WF']wIg2HbyH?pxJ!@wnfH)iR8PMp-v=0C#@ipaZqiJ%C+[DX8Z^^WQKAR48#DI2Z#DN>d])86xp#Ut=Q:+<QQyO3jzbc!!)P?=:I<
.heraldsun.com/	1970-01-20 15:56:37	Name: _sp_uid Value: Unregistered
.heraldsun.com/	1970-01-20 15:56:37	Name: _sp_id.b6e7 Value: 1be63d2ab4d6a14b.1635925380.1.1635925380.1635925380
.heraldsun.com/	1970-01-19 22:25:27	Name: _sp_ses.b6e7 Value: *
.openx.net/	1970-01-20 07:11:01	Name: i Value: ce0e7671-3886-473d-9287-f04a5b78fea7\|1635925380
.pubmatic.com/	1970-01-20 00:35:01	Name: KRTBCOOKIE_218 Value: 4056-YYI9gwAAAGbvXgQz&KRTB&22978-YYI9gwAAAGbvXgQz&KRTB&23194-YYI9gwAAAGbvXgQz&KRTB&23209-YYI9gwAAAGbvXgQz
.pubmatic.com/	1970-01-19 23:08:37	Name: PugT Value: 1635925380
.pubmatic.com/	1970-01-20 00:35:01	Name: PUBMDCID Value: 3
.heraldsun.com/	1970-01-19 22:25:32	Name: ak_bmsc Value: D4082B4F59EAF2ACCA669B0D29CB8345~000000000000000000000000000000~YAAQXbsQAg9X7t98AQAA2U3A5A0jgnB+p99XFGW9f2l8sR67d7saphTJTQsBawMvOmYbISAGSfv1d05g42X3HL8bdsxnb0/blL6j7/gYVt3aWM49Xu0eV0lrIkhMsM8J+4Ki5c5EwHTIn+2D12nAbKAiZmkppLulklz63pwIF/cvoranhNfNRrGRqArZ+iAehw822Ryk1SyKSEfcVQwIZjj7brzLJv2z5t8OZFQTD5HN+tlsg+T7EUGRyvOr1HcfBomTbQqFjpeeaW6OwpxkKvSfynL64z18J/X4/oJWGSiQC5MLz/IVQxdAoAN4c7Yv+aiBdulpVHQu8O7fMYiJoiMT8T6EgwZZQckVk528B9jabdelAttweoXCqSMLzeIH1QcIInAROO3FH5oLFEoIymJmmbOzJfsxVoqFbkEAu8rnR2OCMJexB0bSkxnTl16NUULJ8n3gvMQ2BEQ5mDVx52kIfzgn4muR9wZb8G/ZNU8ajgNDnluFCqBWHqFlvg==
.demdex.net/	1970-01-20 02:44:37	Name: dextp Value: 771-1-1635925379643\|144230-1-1635925379744\|144231-1-1635925379845\|144232-1-1635925380032\|144233-1-1635925380172\|144234-1-1635925380299\|144235-1-1635925380422\|144236-1-1635925380583\|144237-1-1635925380688
.spotxchange.com/	1970-01-20 07:11:05	Name: audience Value: ab78faa3-3c79-11ec-9385-1708f5200406
.postrelease.com/	1970-01-20 07:11:01	Name: opt_out Value: 1
.heraldsun.com/	1970-01-20 15:56:37	Name: _ga Value: GA1.2.88910929.1635925382
.heraldsun.com/	1970-01-19 22:26:51	Name: _gid Value: GA1.2.623636450.1635925382
.heraldsun.com/	1970-01-19 22:25:25	Name: _gat_gaheraldsun_UA-89824220-1 Value: 1
.heraldsun.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .heraldsun.com
.heraldsun.com/	1970-01-20 15:56:37	Name: _lc2_fpi Value: d8a7e464eac4--01fkjc0mhabs8vaq6v99v7pgyv
.quantserve.com/	1970-01-20 07:55:39	Name: mc Value: 61823d85-a35bf-eb79e-65138
.heraldsun.com/	1970-01-20 07:49:54	Name: __qca Value: P0-1901760091-1635925381653
tags.srv.stackadapt.com/	1970-01-20 07:11:01	Name: sa-user-id Value: s%3A0-5cf5d457-0cfc-48ab-63a3-b1241d72c1d1.L7ZBaPkQMxf%2BkIW1lpmtSAUpkCUWtJDGtrXGHERof5c
.heraldsun.com/	1970-01-20 00:35:01	Name: _fbp Value: fb.1.1635925382064.1290805475
.liadm.com/	1970-01-20 15:56:37	Name: lidid Value: c7c6212c-043a-4d83-91ca-394be900843a
www.heraldsun.com/	1970-01-19 22:25:25	Name: _liChk Value: 0.8607528468962369
.bidswitch.net/	1970-01-20 07:11:01	Name: c Value: 1635925383
.bidswitch.net/	1970-01-20 07:11:01	Name: tuuid_lu Value: 1635925383
.bidswitch.net/	1970-01-20 07:11:01	Name: tuuid Value: 52ddaf3e-5fdb-4f79-8606-2ef09d26f592
.mathtag.com/	1970-01-20 07:51:20	Name: uuid Value: af556182-3d87-4700-ad93-9700decfb6cb
.adsrvr.org/	1970-01-20 07:11:01	Name: TDID Value: 7dacebd8-33e6-44fc-8d6b-fa6336ab83d6
.adsrvr.org/	1970-01-20 07:11:01	Name: TDCPM Value: CAESGQoKbGl2ZWludGVudBILCNCXnJjzqY86EAUYBSABKAIyCwjk_PjEiaqPOhAFOAE.
.addthis.com/	1970-01-20 07:55:39	Name: na_id Value: 2021110307430300087850508437
.addthis.com/	1970-01-20 07:55:39	Name: na_tc Value: Y
.addthis.com/	1970-01-20 07:55:39	Name: uid Value: 61823d87d7bf4ee5
.addthis.com/	1970-01-20 07:55:39	Name: ouid Value: 61823d870001f2602b0524ba97a8c1aa56ea8c1ac8fb81f21530
.dlx.addthis.com/	1970-01-19 23:08:37	Name: na_sc_x Value: 1
sync.srv.stackadapt.com/	1970-01-20 07:11:01	Name: sa-user-id Value: s%3A0-2664b929-031e-4dd0-5d97-bc524c4d163a.X6A6p3ey0ptEuZ3mL6B7SlCAB1HciUYi%2BB%2F%2FLVQDbMw
.srv.stackadapt.com/	1970-01-20 07:11:01	Name: sa-user-id-v2 Value: s%3A0-2664b929-031e-4dd0-5d97-bc524c4d163a%24ip%24194.36.108.20.M3eKA%2FOWaxRG14BrS0BlB3DbTmuj%2FtuzYhgsBFIk8EI

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74) Message: Origin trial controlled feature not enabled: 'trust-token-redemption'.
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://tags.crwdcntrl.net/lt/c//lt.min.js Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.crwdcntrl.net
adservice.google.com
api.ipify.org
ats.rlcdn.com
b-code.liadm.com
cdn.cookielaw.org
cdn.p-n.io
cdn.parsely.com
cdn.syndication.twimg.com
cf-images.us-east-1.prod.boltdns.net
cm.everesttech.net
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
d15kdpgjg3unno.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
dyv1bugovvq1g.cloudfront.net
edge.api.brightcove.com
edge.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
geolocation.onetrust.com
heraldsun.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
image2.pubmatic.com
imasdk.googleapis.com
jadserve.postrelease.com
js.matheranalytics.com
k.p-n.io
lasteventf-tm.everesttech.net
manifest.prod.boltdns.net
match.adsrvr.org
mcclatchy-heraldsun.zeustechnology.com
mcclatchy.demdex.net
mcclatchy.sc.omtrdc.net
mcclatchy.tt.omtrdc.net
media.kansascity.com
ntvcld-a.akamaihd.net
p1.parsely.com
pbs.twimg.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
pubads.g.doubleclick.net
publicapi.misitemgr.com
rp.liadm.com
rp4.liadm.com
rules.quantcount.com
s-jsonp.moatads.com
s.ntv.io
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
secure-us.imrworldwide.com
sqs.us-east-1.amazonaws.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
syndication.twitter.com
tags.crwdcntrl.net
tags.srv.stackadapt.com
ton.twimg.com
trc.taboola.com
us-u.openx.net
www.charlotteobserver.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.gstatic.com
www.heraldsun.com
www.i.matheranalytics.com
www.newsobserver.com
www.thestate.com
x.bidswitch.net
x.dlx.addthis.com
z.moatads.com
104.111.219.128
104.244.42.136
104.89.42.102
107.178.250.234
108.128.120.92
13.225.87.70
13.32.99.23
13.32.99.35
13.32.99.90
13.36.218.177
142.250.185.66
151.101.1.194
151.101.2.27
151.101.2.49
166.108.36.240
166.108.36.245
172.217.18.98
18.157.198.157
18.200.165.55
18.66.112.4
18.66.97.9
185.29.134.248
185.33.220.241
185.64.190.80
185.94.180.125
2.18.234.163
2.21.141.232
2.21.143.57
2600:1f18:444a:4680:6bbe:49e:bc45:59
2600:1f18:730:b140:3161:8a8b:ea8c:5d8b
2600:9000:2156:b000:11:b309:9100:21
2600:9000:223c:e600:6:44e3:f8c0:93a1
2600:9000:223e:6e00:5:82fd:2500:21
2600:9000:225e:e200:8:8845:1500:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:b844
2606:4700::6810:9440
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:801::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2006
2a00:1450:4001:831::200e
2a00:1450:400c:c08::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::300
3.126.7.159
3.221.31.176
3.223.38.51
34.206.124.188
34.242.140.187
34.98.64.218
35.71.131.137
52.0.240.240
52.200.181.105
52.208.103.128
52.217.91.150
52.222.247.46
52.46.131.178
52.9.67.232
54.144.144.142
54.75.68.230
54.91.59.199
63.33.35.188
65.9.7.60
69.173.151.100
92.123.225.72
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
01f7f5a3d4b4cb598806d186af6439616e4af42bd38a69ea787b0d38b3338e3e
03185121c815794d962dddd42172add14de820ac83847fe23f7884a757534357
03d9b5789f6b8a1f1c6432ec112101b8c7f1d388e1681c3d3d116da39d799750
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
08474631159928103a5a32e526403528f89060989382b549fe00a54fff514b3b
088bf99363c367a9df19e55730893261c22ca3021ee95d9e06429fff2391535f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7a368dcd17c8f973bac3c531c32400be2671518ccb473b84e0b5d87c95891e
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0dca8a850d27795ea912c60cc12a87aa87f4deb642ddcdb7b79fc019970a36fa
0fbee1118e2f0183e4f02ad8968e1758861d8872550d2ced4eba3bd43b239118
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
1650041b6f1a7c2095fba3c33149a736494922bc39c7b08bcbaffcd03140a2b1
17d28d80565aea246a542b61a9d2f93c98fb30887bd662de52191d4e87a6fb45
186816bf1afa74aad8324bff3e55f2890c723db29800f80fa76e448be7d2fd3b
18a7a29489626785e9f96d890e366909787b80ad977baeec8149de3c1f7e85dd
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
19b2bae2b942ad282fe5e86854ab5695b8f3d7d0a78dddebf67e6d8868c41eed
1a889863622bacf0938f18afc0118a3c120a4de1256b4e89793713d851801efb
1e823139c936c952f54399a49096579a951e55baab2d0949e2f307163aac68a0
225d2e82e0609fd8ea6f41b4596631e2eb125c4ee951202b94ea31af75585413
241048c7b732906c6343838ab2f656937a673d1d95dcb42115ce6e95e3b10400
25181b484924129992dc3e8af87de5891c808fb9e686ff81fd0042a59b6196ea
274c58761f7b792ba980d8dbe84aca2406ac0aae4484b8a76b66e3096b68d4eb
2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5
2972e1f8412e488008ba2f3cfabdf43cc8d8eee63d67be488f0e53adf5488fe4
2973541ff7462fc85337162712d37c627b51fef84927981f4c86dc37960c8a25
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
300100eb8bc995f8bb0d936532aad21d8786632360afd5d26bda598d4cfb3cf6
32ac78eacfd79931facbc26e496c88bf8ed841ac706a230382568ee8be374e5c
33c91d620f0c93b4c7ba7338f07112ad8af6ca99e5c771bf7151d224fd2dc445
34d81e13afe7828df2aa0f688904ee4f985ebe863c1b660ef6e0e9bd5c7505ce
350f8005ae0bd9ecd2a168860ba8a208239bba479755239aad31995bd8a970d1
3699326906593ec5e5562a00e156736e5d9459c4e3c0671f9e2711ef5a336db2
380bc36c30a542cca4c08720ecaa514028c85e38491135262438fb321acf8572
3b065a781eb0837ab7f5def2ff7775f86ce2ff13b71b523c9df1b20818cb61b0
3cdbb68e93d9fb8a81d427448443a41d21a66c151d4d7ec865e648833f854b2c
3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb
3d140be2ffa5142bb591b99d83e6cd6372c91c8516621bd6cf90293259d9f1d4
413bce551d98e74c8a59b0f7bcfa8fdbcf8b8b5ed8b6085e706349ea8b1e9ed7
41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
45f08f27c7337d189e8c31e635b5d0a0781b273131135cd77ee8b6f12366e7a2
464861951f4baa38fd62324aaab890d546496b32c5d2b7882768d9d137448c12
489d91bed61ef8d1c31f9de5b1c13777a03ac0864206094dd594ad82ef266ca7
49b6ed40dc00c0854a03bce29edcc687d7b00da2c485675aec7a2099058cf840
4a8907d6d3cfd794dfafd0c1d3f27d8633d77fc1a08271254eda096ad6d48412
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b71f0fe1bff5503351b612a14b799893729f662a24d67706809f0041acb3fbd
4dc7725467c44e267d4387eeacf53cb9daff5b36e55a7d37a76cb611b742341e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
501b84d7db37a158e0313efd545c334fc75d82750e1248fa383321c67728b1ce
502fcd0d82b0c00f261878f57845d8f3d73569c048cd064c15012a044d9b79e9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0
577740eee34f713ff7f121ffb92531062ec14cb56aa244aeeba87889399fdf8f
57a1adec57b006d2f412c1d40a6e2b1c1baf65bb50cbf5735265a6b7fe216524
57b6db57c9ca9a6c53724bfdc84d0d8648f5a1b8bf9e8de286b25b31b8b63382
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5a36bfb7995c90e80bc907138d7f0dd0193ea597c39e0e2a03825456b108c5d9
5b6da6699e22347ded40584215d759d21842a07be029c95c4886efa3c1385454
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
61d6342459611b40b00cdd63cc6b615d5543eb17b3136914099b8c900429e67f
63220eb83b394ef75d625df67cc496eced6a0538ac850fd3ac62c63f1fe9d012
634dc8788bb9ea8e46f80afca5cd5f3bbe2ff69978a38b219f8e60444ae4e989
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
641c4f0e7e7a956976378cdf1f4c7a8405c58ea06d1a92466fc14f1b7ca36e30
641c7b38de5430ec983a3286f78f0aa10305b8c7b1cd48fdf85dc2ef48275228
65201d1357509f640aacee2d677f15e89944c684c9f777895288818fe3df72e7
657b6c067afa6f90ca3e959963ba12150372633d21cc5f23d758a78de492cc08
6983d719884215f01c8c8f09077f5bb0736c82129f13db74e8eddd19f2cbd9a5
6a0f0b33a5e5a24ffe67a8aab5ce03bc17c2550a2fee3a2436502ac057a97845
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
72b9e3767117bf34a652cbb68c96e2155ff6c67a6cd845bb0f8b072dec33a5ef
7522a729853e3593c2eab5a1b7b95fdafdec486661e40004e4f267d4284d5262
75a175afb23ed3ec8d9a68320e0f17da0ace41f56366b3b79099974cbc021ec9
76230ee91da9696445defff593df20e8dac3b5067da36d3e3d364fc67f8745f6
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7854235896149dc0bb1dc106fc1863dcaf4564f555b4da25286bfe09246f6720
7895c8a0556fc47345fdd060c3533c9d8a89fd5f24fb67a36443f0563588bac0
78c516fa3cb577eca665e0c03dccf47b424bb6401cd59fc920ec5b3d88a412b0
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
80b9b99327df8553748b59700b0776b4cc090397f321b1cd81d7a9038726b547
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
845d5e9140869578af20e6c7d64bf72f62656879c2b8a605de0f7ef96c5408f3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8580f9061e13b9d212342f018991fc676c0e553ff317258b4e5a8bca8e9dbdff
86ca1915f19c82ab470556792ffac61d893f29a26b5539bc8f5a362c6e029db6
877d091b08fd56fe63c071583a27991bcdb73b092f24907c99b4285b8ab1e851
87de085931782f09af6fad8d9f7bf668a5e9f3e06b8818f9a4f42b82a815c51f
888bc5618973079f4a157c8c94b0afe382e7e957306429c5880e032c83fb8e0c
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8a6bdbdb4f24dfca582bd24715d3f2d70fce8b5518c28c36ec524b90ecdcea84
8a85f61ee87547f1b4af5a23991e0cd010ea7802b6f35837e106039c82d3ffe2
8b4bf46a7ee17fa868ac3a6ed47a74783271577c926748bcdbe6327921fca200
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8c4714d7e28938a6daf60044c1f7b588416f034f1015deb9bedcb7014df420bb
8c4daf8f989d6161c8b5dd795c0691f275a2ddda06b50e2df90085468709e2c9
8e26c82b3a05d2306015e1d1414cffced4a6ab6e012e8aadfcb0db6798314a79
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
93d058f2a331f04fbe74786d01c50adde19e56db580b140c8e8ca023c19552d7
952d5990bfa8902cb04f15d02b1ee6bdd3805f640c6e25424a645a63521cc26a
962633a9b2b7df607d091396cbe096cef615f8bd36ea627151254a5743c4e0c7
980f33c5f40531f344a10ecaa3a6f944d5edd6b55de3603ed15754a9125c4896
998a514f72273fa452fce9ac033610a54745edbb5c9e0a8db24d0baad7389051
9ef9d4438eb2fc0e8432256a4de2046b7e623347a3786b92f0d31cbf88713293
9fa9dac0393d30bb7e860c31c6f2d9c2764a9cda8400c4c580dd943b2163637e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4acf2a500c24052681adf32efb668e94f99f3edf5a2e9af4ffb85e2ad799b76
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a71e55db1e9512c120f7813186c25488aa9efcea59633a6143bd1860cc86fe43
a73f8ca6c785c818d374cb72228a31e0c57192e2a16198e4ac0331170622b728
aba311cb6a5c9a5bc6aedd12bf7e4eafe080fecd789840865ffebb30c4cdde5a
ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b288699d3534c5d5187dd2270be54f41a162ac829654c182736163d040207a21
b53a8679f64261d270c8e531fe1e2b8e463f3592155dcf4c2dbc5deeab2f3b63
bfb7bd636a40dc99dca9556dbfea689a373653ba7718d7ac0aa4ca8c8db16e61
c0191a6fb97765b33d42b4ad98a62159e583e77d8af9744ede52bfca8b0be5fe
c52f5b80a9d75b30e5481206f52a04ff602e5738656efba624297a4653779cc6
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c81c0b2e8c5b892e9fce4f258fa18810dbb9aae635e97b29342058e0caf3ad71
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc08823882ad495f597e6c09d8a48e4f33a9d54aacc1e685710b7f92e0de43f0
ce3daa38c75b999bcc0583f073d663e0b1805b9447d0de99128c4ef3fdecdc59
cedd341a1cd072ea4c917aa7ad5530e09d0bac9ef6c39ee9421ddd99bb049f16
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e382460f4f26cc927aa63067a7271bebccd6d5df7f19ae18de38195eb6c283
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d74b5cd189c502f7772e060ef28c1ef31d7e20e040c35ff98e72aee00cd86546
d830113c0e0e6202f95b1047f14978541ae47ab687b0e2510f170d0793baa493
d89c227b4a0e8b968c91fc3e787fe1c4c2a4dd75d70880b2288342177bd19edc
d8d48749f44f5aa145e8ab70199566c7f6077a84229adc58dc9436c244e0e864
da9dd41e4dee3a23651b1163b90732b6c61f5064c3a5f8509592e795eaa4a7e5
dd4007ca761b5e6d5023655bb9dcdfc107186cef73eda87f8bd8e2a5ea1d916c
de8383d06a56f08749ed99ad3d43911fe88072a79e9148e2d1dead390f64893f
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
df787fcc9134ab1eb6b66f9c0284ae4e470d5e8dfa6115c1978e182cf7352850
e0b7bade287eaa6a9fd61ad0a8a033c6ce1ce3aac5cdffb1d75834235d30bf2b
e1499ff78652abbcb64179ac5b535f71be36dd89ddd92363ef675915c79c70a2
e29d7bb00bfd476c8ea954a08561171adb6623ce537e203f2c720ffd67b48374
e37b89816adc1bf2bd8b72476e530bbba79c16123f160d5f3ac6e1b5f2372564
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e66763ff795f730fb53b54cde73708fbd95387bdf862cd5e22c446915a2cf07f
e831bb16e6257e932df686770071301dc7fb6970fef3b67a9aac9e921a3a358f
ec71257b1057d5d5b4aca7d1ef21ecee283ceee836980db7a1e2e06ae4bb0d15
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5d141d098a5a7f012a88586a4d9ec488012256d0c8f5a87d5362c72dbded8f
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f2800ea6d4f45b92273a4eedc3bac959b76cc1e40c8a578c529e4ea43fe0ee74
f362e31bb2ec73bdaad781622797baebbafa3b24417d6f83567049ef64be6cee
f3f3b30a77d44ee72afa7c236f7b07a2263dafc6503dda3e5a1ba24894ea91c2
f4d00188c16c2063607ef58b45e63163628be5988e89aab757030955526aa052
f94f28e7998a2f1af1c2a6c9eb199d84101f1e92dbdd9e32e327fb5736826e7b
fa98698ebc395b5b5141c359b9a5f8296bbcb55879b116fdea712491e23e01a3
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe2e600258b5a37a0764c40321822737bf361d297bae0836513c519b4c8b80ed
fe86bb68f8e8b3dab1d9feb0bb9ca182dd05260e98db81cebc7e9ae95cc57e1c

www.heraldsun.com Open in urlscan Pro 104.111.219.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

231 Requests

90 %HTTPS

34 %IPv6

56 Domains

83 Subdomains

68 IPs

7 Countries

6057 kBTransfer

12369 kBSize

48 Cookies

29 Outgoing links

Page URL History

Redirected requests

231 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.heraldsun.com Open in urlscan Pro
104.111.219.128 Public Scan

Screenshot
Live screenshot

Full Image

231
Requests

90 %
HTTPS

34 %
IPv6

56
Domains

83
Subdomains

68
IPs

7
Countries

6057 kB
Transfer

12369 kB
Size

48
Cookies

231 HTTP transactions
7 data transactions