Submitted URL: https://info.silobreaker.com/e2t/tc/VWNF8L5WMRzPW6gT7SP42SWJLW93kvSZ4gMDRBN3JhCFN4Zc_LV3Zsc37CgVH9Vz9f_M3H2D3pW2q1Qrb5DL6cFW6...
Effective URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announc...
Submission: On October 04 via api from DE

Summary

This website contacted 76 IPs in 9 countries across 55 domains to perform 267 HTTP transactions. The main IP is 2.18.233.28, located in Ascension Island and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 28th 2020. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
3 17 2.18.233.28 16625 (AKAMAI-AS)
1 9 23.210.249.82 16625 (AKAMAI-AS)
5 192.0.77.32 2635 (AUTOMATTIC)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
4 104.75.88.206 16625 (AKAMAI-AS)
4 104.111.215.136 16625 (AKAMAI-AS)
3 192.0.77.2 2635 (AUTOMATTIC)
30 104.79.88.36 16625 (AKAMAI-AS)
4 192.0.76.3 2635 (AUTOMATTIC)
2 151.101.13.44 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
3 104.111.229.57 16625 (AKAMAI-AS)
1 216.58.212.134 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
7 172.217.16.194 15169 (GOOGLE)
1 65.9.187.113 16509 (AMAZON-02)
2 4 2600:9000:20d... 16509 (AMAZON-02)
6 2600:9000:21f... 16509 (AMAZON-02)
8 50.17.132.182 14618 (AMAZON-AES)
1 2600:9000:20d... 16509 (AMAZON-02)
2 104.103.110.93 16625 (AKAMAI-AS)
9 2a00:1450:400... 15169 (GOOGLE)
1 216.58.206.2 15169 (GOOGLE)
1 143.204.201.81 16509 (AMAZON-02)
1 104.111.215.200 16625 (AKAMAI-AS)
6 2600:9000:20d... 16509 (AMAZON-02)
3 2600:9000:215... 16509 (AMAZON-02)
2 151.101.113.181 54113 (FASTLY)
1 3 104.111.238.139 16625 (AKAMAI-AS)
3 52.214.79.253 16509 (AMAZON-02)
1 52.30.191.169 16509 (AMAZON-02)
4 15.236.9.100 16509 (AMAZON-02)
1 1 66.117.28.86 15224 (OMNITURE)
7 34.246.59.179 16509 (AMAZON-02)
1 23.111.9.35 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 80.252.91.52 15830 (EQUINIX-C...)
3 2a00:1450:400... 15169 (GOOGLE)
1 151.101.112.157 54113 (FASTLY)
2 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 143.204.206.235 16509 (AMAZON-02)
1 151.101.113.108 54113 (FASTLY)
2 2a00:1288:f03... 10310 (YAHOO-1)
1 2 216.58.207.70 15169 (GOOGLE)
1 142.250.74.194 15169 (GOOGLE)
1 46.228.164.11 56396 (TURN)
3 35.227.202.26 15169 (GOOGLE)
3 7 185.33.221.89 29990 (ASN-APPNEX)
2 212.82.100.181 34010 (YAHOO-IRD)
1 104.244.42.197 13414 (TWITTER)
1 2 2a05:f500:10:... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
18 104.244.39.20 7415 (ADSAFE-1)
4 52.95.129.47 16509 (AMAZON-02)
4 104.16.32.37 13335 (CLOUDFLAR...)
1 104.244.42.195 13414 (TWITTER)
1 63.34.37.82 16509 (AMAZON-02)
1 2a04:4e42:3::729 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
8 35.244.232.184 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 143.204.202.127 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.90.152 16509 (AMAZON-02)
4 2a04:4e42:1b:... 54113 (FASTLY)
1 52.17.114.244 16509 (AMAZON-02)
3 54.198.80.12 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 50.19.224.62 14618 (AMAZON-AES)
5 92.122.50.213 20940 (AKAMAI-ASN1)
267 76
Apex Domain
Subdomains
Transfer
32 adsafeprotected.com
cdn.adsafeprotected.com
static.adsafeprotected.com
pixel.adsafeprotected.com
dt.adsafeprotected.com
296 KB
21 heraldsun.com.au
www.heraldsun.com.au
metrics.heraldsun.com.au
255 KB
17 newscdn.com.au
identityssl.newscdn.com.au
resources.newscdn.com.au
resourcesssl.newscdn.com.au
191 KB
15 googlesyndication.com
pagead2.googlesyndication.com
d28c893a65c16b2fe3563b1e2f55ed7d.safeframe.googlesyndication.com
tpc.googlesyndication.com
44 KB
14 api.news
content.api.news
523 KB
13 doubleclick.net
ad.doubleclick.net
securepubads.g.doubleclick.net
googleads4.g.doubleclick.net
8228261.fls.doubleclick.net
googleads.g.doubleclick.net
130 KB
12 imrworldwide.com
secure-gl.imrworldwide.com
cdn-gl.imrworldwide.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
91 KB
12 wp.com
s0.wp.com
i1.wp.com
s1.wp.com
stats.wp.com
pixel.wp.com
59 KB
10 brightcove.com
metrics.brightcove.com
edge.api.brightcove.com
7 KB
10 news.com.au
tags.news.com.au
a.tcog.news.com.au
233 KB
8 adnxs.com
acdn.adnxs.com
secure.adnxs.com
ib.adnxs.com
9 KB
8 chartbeat.net
ping.chartbeat.net
1 KB
5 akamaized.net
nws-bolt-amd-prod.akamaized.net
691 KB
5 boltdns.net
cf-images.ap-southeast-2.prod.boltdns.net
manifest.prod.boltdns.net
72 KB
4 ratecity.com.au
production-blaze-assets.ratecity.com.au
81 KB
4 whistleout.com.au
r3.whistleout.com.au
30 KB
4 amazonaws.com
s3-ap-southeast-2.amazonaws.com
21 KB
4 google.com
adservice.google.com
www.google.com
321 B
4 demdex.net
dpm.demdex.net
newscorpau.demdex.net
5 KB
4 vidora.com
assets.vidora.com
api.vidora.com
5 KB
4 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
103 KB
4 tiqcdn.com
tags.tiqcdn.com
22 KB
3 omtrdc.net
newscorpau.hb.omtrdc.net
771 B
3 linkedin.com
px.ads.linkedin.com
www.linkedin.com
2 KB
3 mookie1.com
au-gmtdmp.mookie1.com
1 KB
3 googletagservices.com
www.googletagservices.com
84 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 serving-sys.com
secure-ds.serving-sys.com
bs.serving-sys.com
21 KB
3 newscorpaustralia.com
login.newscorpaustralia.com
2 gvt1.com
redirector.gvt1.com
r2---sn-4g5ednee.gvt1.com
16 KB
2 google.de
www.google.de
241 B
2 yahoo.com
sp.analytics.yahoo.com
2 KB
2 googleadservices.com
www.googleadservices.com
22 KB
2 yimg.com
s.yimg.com
7 KB
2 adsrvr.org
js.adsrvr.org
insight.adsrvr.org
2 KB
2 licdn.com
snap.licdn.com
3 KB
2 perfectmarket.com
widget.perfectmarket.com
32 KB
2 dailytelegraph.com.au
www.dailytelegraph.com.au
25 KB
2 taboola.com
cdn.taboola.com
133 KB
2 silobreaker.com
info.silobreaker.com
3 KB
1 gstatic.com
csi.gstatic.com
53 B
1 2mdn.net
s0.2mdn.net
11 KB
1 zencdn.net
vjs.zencdn.net
7 KB
1 twitter.com
analytics.twitter.com
651 B
1 t.co
t.co
448 B
1 turn.com
r.turn.com
426 B
1 googletagmanager.com
www.googletagmanager.com
36 KB
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 google.dk
adservice.google.dk
168 B
1 fontawesome.com
use.fontawesome.com
13 KB
1 everesttech.net
cm.everesttech.net
466 B
1 brightcove.net
players.brightcove.net
237 KB
1 newscgp.com
au.tags.newscgp.com
47 KB
1 chartbeat.com
static.chartbeat.com
23 KB
1 jquery.com
code.jquery.com
29 KB
267 55
Domain Requested by
18 dt.adsafeprotected.com www.heraldsun.com.au
17 www.heraldsun.com.au 3 redirects info.silobreaker.com
www.heraldsun.com.au
14 content.api.news www.heraldsun.com.au
resourcesssl.newscdn.com.au
13 resources.newscdn.com.au www.heraldsun.com.au
resources.newscdn.com.au
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
9 tags.news.com.au 1 redirects tags.tiqcdn.com
resourcesssl.newscdn.com.au
au.tags.newscgp.com
8 metrics.brightcove.com www.heraldsun.com.au
8 ping.chartbeat.net www.heraldsun.com.au
7 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
static.adsafeprotected.com
7 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
info.silobreaker.com
www.heraldsun.com.au
6 secure.adnxs.com 3 redirects www.heraldsun.com.au
6 static.adsafeprotected.com resourcesssl.newscdn.com.au
pixel.adsafeprotected.com
www.heraldsun.com.au
6 cdn-gl.imrworldwide.com www.heraldsun.com.au
resourcesssl.newscdn.com.au
seccdn-gl.imrworldwide.com
secure-gl.imrworldwide.com
cdn-gl.imrworldwide.com
5 nws-bolt-amd-prod.akamaized.net players.brightcove.net
5 pagead2.googlesyndication.com ad.doubleclick.net
securepubads.g.doubleclick.net
www.heraldsun.com.au
4 manifest.prod.boltdns.net players.brightcove.net
4 production-blaze-assets.ratecity.com.au www.heraldsun.com.au
4 r3.whistleout.com.au resources.newscdn.com.au
www.heraldsun.com.au
4 s3-ap-southeast-2.amazonaws.com resources.newscdn.com.au
4 metrics.heraldsun.com.au tags.news.com.au
www.heraldsun.com.au
4 secure-gl.imrworldwide.com 2 redirects secure-gl.imrworldwide.com
www.heraldsun.com.au
4 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
3 newscorpau.hb.omtrdc.net tags.news.com.au
3 au-gmtdmp.mookie1.com www.heraldsun.com.au
3 www.google.com securepubads.g.doubleclick.net
www.heraldsun.com.au
3 www.googletagservices.com securepubads.g.doubleclick.net
3 dpm.demdex.net tags.news.com.au
www.heraldsun.com.au
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
3 assets.vidora.com resourcesssl.newscdn.com.au
assets.vidora.com
3 pixel.wp.com www.heraldsun.com.au
3 login.newscorpaustralia.com www.heraldsun.com.au
3 resourcesssl.newscdn.com.au www.heraldsun.com.au
3 i1.wp.com www.heraldsun.com.au
3 s0.wp.com www.heraldsun.com.au
2 edge.api.brightcove.com players.brightcove.net
2 imasdk.googleapis.com players.brightcove.net
imasdk.googleapis.com
2 www.google.de www.heraldsun.com.au
2 px.ads.linkedin.com 1 redirects www.heraldsun.com.au
2 googleads.g.doubleclick.net www.googleadservices.com
2 sp.analytics.yahoo.com www.heraldsun.com.au
s.yimg.com
2 www.googleadservices.com secure-ds.serving-sys.com
www.googletagmanager.com
2 8228261.fls.doubleclick.net 1 redirects info.silobreaker.com
2 s.yimg.com info.silobreaker.com
s.yimg.com
2 snap.licdn.com info.silobreaker.com
snap.licdn.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 www.dailytelegraph.com.au www.heraldsun.com.au
2 fonts.googleapis.com www.heraldsun.com.au
2 cdn.taboola.com www.heraldsun.com.au
cdn.taboola.com
2 s1.wp.com www.heraldsun.com.au
2 info.silobreaker.com 1 redirects
1 api.vidora.com resourcesssl.newscdn.com.au
1 r2---sn-4g5ednee.gvt1.com
1 redirector.gvt1.com 1 redirects
1 csi.gstatic.com imasdk.googleapis.com
1 secure-dcr.imrworldwide.com www.heraldsun.com.au
1 cf-images.ap-southeast-2.prod.boltdns.net www.heraldsun.com.au
1 s0.2mdn.net imasdk.googleapis.com
1 vjs.zencdn.net players.brightcove.net
1 insight.adsrvr.org js.adsrvr.org
1 analytics.twitter.com static.ads-twitter.com
1 www.linkedin.com 1 redirects
1 t.co www.heraldsun.com.au
1 ib.adnxs.com www.heraldsun.com.au
1 r.turn.com www.heraldsun.com.au
1 acdn.adnxs.com info.silobreaker.com
1 js.adsrvr.org secure-ds.serving-sys.com
1 www.googletagmanager.com secure-ds.serving-sys.com
1 static.ads-twitter.com info.silobreaker.com
1 a.tcog.news.com.au resources.newscdn.com.au
1 bs.serving-sys.com secure-ds.serving-sys.com
1 d28c893a65c16b2fe3563b1e2f55ed7d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.dk securepubads.g.doubleclick.net
1 use.fontawesome.com cdn.taboola.com
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 players.brightcove.net resourcesssl.newscdn.com.au
1 cdn.adsafeprotected.com tags.news.com.au
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 seccdn-gl.imrworldwide.com tags.news.com.au
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 ad.doubleclick.net tags.tiqcdn.com
1 stats.wp.com www.heraldsun.com.au
1 identityssl.newscdn.com.au www.heraldsun.com.au
1 code.jquery.com www.heraldsun.com.au
267 87
Subject Issuer Validity Valid
info.silobreaker.com
Cloudflare Inc ECC CA-3
2020-06-30 -
2021-06-30
a year crt.sh
news.com.au
DigiCert SHA2 Secure Server CA
2020-09-28 -
2021-09-28
a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-02 -
2022-07-05
2 years crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA
2020-03-16 -
2021-06-15
a year crt.sh
*.taboola.com
DigiCert SHA2 Secure Server CA
2020-08-10 -
2021-12-31
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
*.doubleclick.net
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2020-06-01 -
2021-06-02
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
au.tags.newscgp.com
Amazon
2020-02-08 -
2021-03-08
a year crt.sh
*.imrworldwide.com
DigiCert SHA2 Secure Server CA
2020-01-21 -
2021-02-24
a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2019-12-16 -
2020-12-30
a year crt.sh
secure-ds.serving-sys.com
DigiCert SHA2 Secure Server CA
2020-01-03 -
2021-04-03
a year crt.sh
*.adsafeprotected.com
Amazon
2020-08-19 -
2021-09-18
a year crt.sh
players.brightcove.net
DigiCert SHA2 Secure Server CA
2020-09-03 -
2021-10-03
a year crt.sh
static.adsafeprotected.com
Amazon
2020-10-03 -
2021-11-03
a year crt.sh
*.vidora.com
Amazon
2020-04-10 -
2021-05-10
a year crt.sh
p.ssl.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-09-03 -
2021-02-22
a year crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1
2020-07-17 -
2021-06-02
a year crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA
2018-01-09 -
2021-02-12
3 years crt.sh
metrics.heraldsun.com.au
DigiCert SHA2 High Assurance Server CA
2020-04-13 -
2021-07-15
a year crt.sh
fw.adsafeprotected.com
Amazon
2020-09-09 -
2021-10-09
a year crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA
2019-10-28 -
2020-12-23
a year crt.sh
*.google.dk
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
*.google.com
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
bs.serving-sys.com
Go Daddy Secure Certificate Authority - G2
2020-01-07 -
2022-03-08
2 years crt.sh
www.google.com
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA
2020-08-14 -
2021-08-19
a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2019-04-01 -
2021-05-07
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1
2019-03-07 -
2021-04-19
2 years crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3
2020-04-13 -
2021-04-14
a year crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA
2020-09-28 -
2020-11-11
a month crt.sh
www.googleadservices.com
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
*.turn.com
DigiCert SHA2 Secure Server CA
2020-03-18 -
2021-04-19
a year crt.sh
*.mookie1.com
DigiCert SHA2 Secure Server CA
2020-02-21 -
2021-03-22
a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2020-08-01 -
2021-01-28
6 months crt.sh
t.co
DigiCert SHA2 High Assurance Server CA
2020-03-05 -
2021-03-02
a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2020-08-05 -
2021-02-05
6 months crt.sh
www.google.de
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
*.google.de
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
*.s3-ap-southeast-2.amazonaws.com
DigiCert Baltimore CA-2 G2
2020-07-30 -
2021-08-04
a year crt.sh
*.whistleout.com.au
Go Daddy Secure Certificate Authority - G2
2019-11-04 -
2022-01-30
2 years crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA
2020-03-05 -
2021-03-02
a year crt.sh
osff.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-05-20 -
2020-12-18
7 months crt.sh
metrics.brightcove.com
GTS CA 1D2
2020-10-03 -
2021-01-01
3 months crt.sh
*.api.brightcove.com
Amazon
2019-10-21 -
2020-11-21
a year crt.sh
*.ratecity.com.au
Go Daddy Secure Certificate Authority - G2
2020-04-23 -
2022-06-22
2 years crt.sh
*.prod.boltdns.net
Amazon
2019-12-19 -
2021-01-19
a year crt.sh
brightcove.com
GlobalSign CloudSSL CA - SHA256 - G3
2020-09-28 -
2021-04-20
7 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
*.hb.omtrdc.net
DigiCert SHA2 High Assurance Server CA
2019-12-11 -
2021-12-15
2 years crt.sh
*.gstatic.com
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
*.c.docs.google.com
GTS CA 1O1
2020-09-22 -
2020-12-01
2 months crt.sh
vidora.com
Let's Encrypt Authority X3
2020-09-05 -
2020-12-04
3 months crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1
2020-07-15 -
2021-09-13
a year crt.sh

This page contains 31 frames:

Primary Page: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Frame ID: 27D13352A0300BB38B60A7ED82590109
Requests: 217 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=H7AtbAPih4L-BbAJAljOlPxNhlO-f7lx&nonce=ab04-Fm02CTmw.JiNIkrFOP4Qp7Pp7lo&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: EE29DF0D968864BC70EADF6B0604E86B
Requests: 1 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=q.rCL~nA3p~jQ38FHkxBB_gikl-C01OT&nonce=Gn3efjnx1VQBxIlKVnJ6silnXw.n83gx&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: F3CE9266049E78C0CDBC32B53CA0F30B
Requests: 1 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=x4chIgjDf8gSE0L75Px4kbltQNNMS4AK&nonce=BKz2.Z5UjozdH6gDqsPlpAPHVTAd8YSE&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: 012C572F0EF2C2E1C7CBEC50F67EC7B3
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: D101E3BAE83D854241E05B9DD1E84DAC
Requests: 1 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: 475F00703D9B1F551EDA731EAB1E963D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuC47avxF8nNNp7VyqhjmgxI6R9Bl5jJ36NQcCnSVABodSuL8irOrE8I5Ixr-Y85WhVwIgxSMgUPWd1uTqpDh5M_ndXmMBVVcvCfONboqzAE_JYQBrO93-JTWK4ShJIf5sFXQDUK7MgsGlZlv-2mXNWQ5xbva8LXoJTJgrYi1jPgs-lPJstpwWnkusjQ20HEojscwVgOtY8uy8nNenQnhDjlIHpQGywEiQc1q0MoMitLxgcA937xPJdSe9a8A1flxEVn3pJr0EOVzInuA7Dg-TeqA&sig=Cg0ArKJSzJikfJcDDqXUEAE&adurl=
Frame ID: 8570102F449A0C9906E6B8B11B70588E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKr29UsgdM07guSbL3FGuhxvsHOzQJR97hB2zs0kfg8P_mDTrt87-Qqc_dh_i54jkrHsw6cpyBtYai_FBQJnCg0S2mM66193h_DPHY1BYOuxPWrV4Nn9bs__ysVbubJ_REAcX-IAviA92i_PHUqIJ2qYaDayJffFqzywfBrIp6wj6gJmSZld8U5wP8TYYH91QAw_hvVjl9SdQDVbqNrfThpNgCfbv_2ryYemXwBr901yHQo7I7faxkjGKYaNJyx2odFwsYES2fDa7z9SCzDvgG-g&sig=Cg0ArKJSzFxb0GZGX3P8EAE&adurl=
Frame ID: 42B9888C632D7108C382A720EA3D1DF4
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941989880&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=403454622&custom=video&custom3=168400391&adsafe_par&impId=ed77a492-0630-11eb-9f65-0a791baeecf6
Frame ID: 4040759F598E06D6D52D7D176CA99B7E
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941989880&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1558117510&custom=video&custom3=168400391&adsafe_par&impId=ed77a493-0630-11eb-9f65-0a791baeecf6
Frame ID: 5659AC1ED4A433B19A1C348DFEF88701
Requests: 2 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: D9CF9D0D9CF6FFFE80F7A4D881A59D36
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: 0905BFCE7E62AEE7EC05ED78CB921D4D
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 3D42D29F76EDF0FD1FA285452A703CF3
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: A7678C005ABA8F4FF036687E8007174D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: BBCE8F7C5CF1FD31EA73367F76D288DE
Requests: 2 HTTP requests in this frame

Frame: https://s.yimg.com/wi/ytc.js
Frame ID: 794297114FE9C4D43D90E9C7FC455339
Requests: 3 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIbbq8jkmuwCFczruwgdwqsLsQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5771613234907.606
Frame ID: 3F42A1B6E27DC747132BFB6F066B6C36
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 6A70B03FCEEE8F044938FDA6B6FE304A
Requests: 4 HTTP requests in this frame

Frame: https://r.turn.com/r/beacon?b2=p6XQ5Fc0adnznNpXL-pWH4UvNVDMRPMx8zrBFX6RFzv3Fa5NQOlD9S8IcQQSxWc9vEVgdRInyjPO9fW63tV3cg&cid=
Frame ID: D464700BFCFD694FDCD81AB04605AA4D
Requests: 1 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_804370&src.rand=[timestamp]&
Frame ID: C0D30F2D4A60197F4E875360F7EDAAF7
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1171454%26seg%3D19476739%26t%3D2
Frame ID: B2B8244470DEEC0F22BF8CEAB52BB0D4
Requests: 1 HTTP requests in this frame

Frame: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10041060&js=no&url=heraldsunsitevisitors020419
Frame ID: 95C502A15BFDEEF0309E3AAC876FE9CE
Requests: 1 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: A483A4055E3B03F0D6C3125146619371
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Frame ID: 9DE292F154530B0A8ED953CF4E5C0066
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 757C73CB1C1D51566509D28299899648
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: C54B68D9458ECCEE084F9B60893ED966
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 2D29CE0D9BB5A637CDE09B3C2293D50D
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&upid=ekg5qxt&upv=1.1.0
Frame ID: DFEAFD2391A6A70E04CAAE755B554736
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.414.0_en.html
Frame ID: 74B198FAA17E368EE67F2E8F71712EC4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 1C9206B17548623E06EB46363B46EE37
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 4375097816D8DF76B2B4B5A8068132DF
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://info.silobreaker.com/e2t/tc/VWNF8L5WMRzPW6gT7SP42SWJLW93kvSZ4gMDRBN3JhCFN4Zc_LV3Zsc37CgVH9Vz9f_M3... Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VWNF8L5WMRzPW6gT7SP42SWJLW93kvSZ4gMDRBN3JhCFN4Zc_L... HTTP 307
    https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before... HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnat... HTTP 302
    https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before... HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews... HTTP 302
    https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

267
Requests

96 %
HTTPS

37 %
IPv6

55
Domains

87
Subdomains

76
IPs

9
Countries

3628 kB
Transfer

9340 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://info.silobreaker.com/e2t/tc/VWNF8L5WMRzPW6gT7SP42SWJLW93kvSZ4gMDRBN3JhCFN4Zc_LV3Zsc37CgVH9Vz9f_M3H2D3pW2q1Qrb5DL6cFW6xXKH337R-5PW4pG77R4W3rGyVwQT6v1L5yDXW7wLgxc586pC2N8wrZHnT1-Z1W2msG-C8Td7BbW42L7P97FtWMXW7k0MV95QdVsFVW0s3c8BNt4wN2LMNb6sRTwKW6RMtyg3_1WSnW7LF0_799VxB-N3qjSHgG_ZswW3zNgLd8gH4m9W5dLSxr7gf_z4N8w2m_j_Z4QQW1CQ5W16gfdHrVpHrl05gF_6BW273TjF8TsDVjW2rmgc52pBJlkVwmpLY5_QVNnW5ScWf75W-4J2W7K7wS16fD0hhW8htQ-217KczcVxqj_C5_YCf7W1zZvGK66M9HMW4Z1wMY5f-mRqW2cgCYK2Bly2dW3RsFJx7kR8H5W73q-YK5PWFjTW5hlMPQ2sRpWkW5C_kPS2GkD1bW8N-Wm45gnfqhW6KlBTY8vdJBS32nc1 Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VWNF8L5WMRzPW6gT7SP42SWJLW93kvSZ4gMDRBN3JhCFN4Zc_LV3Zsc37CgVH9Vz9f_M3H2D3pW2q1Qrb5DL6cFW6xXKH337R-5PW4pG77R4W3rGyVwQT6v1L5yDXW7wLgxc586pC2N8wrZHnT1-Z1W2msG-C8Td7BbW42L7P97FtWMXW7k0MV95QdVsFVW0s3c8BNt4wN2LMNb6sRTwKW6RMtyg3_1WSnW7LF0_799VxB-N3qjSHgG_ZswW3zNgLd8gH4m9W5dLSxr7gf_z4N8w2m_j_Z4QQW1CQ5W16gfdHrVpHrl05gF_6BW273TjF8TsDVjW2rmgc52pBJlkVwmpLY5_QVNnW5ScWf75W-4J2W7K7wS16fD0hhW8htQ-217KczcVxqj_C5_YCf7W1zZvGK66M9HMW4Z1wMY5f-mRqW2cgCYK2Bly2dW3RsFJx7kR8H5W73q-YK5PWFjTW5hlMPQ2sRpWkW5C_kPS2GkD1bW8N-Wm45gnfqhW6KlBTY8vdJBS32nc1?_ud=06b4e9ee-8e99-42cd-b2ec-966d5dcb0ce5&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0 HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational%2ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2fvideo%2f9105f7389d35056433c6997d45cd840c%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0 HTTP 302
    https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0 HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational%2ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2fvideo%2f9105f7389d35056433c6997d45cd840c%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&1601809273622536029 HTTP 302
    https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54
  • https://secure-gl.imrworldwide.com/v60.js HTTP 301
  • https://cdn-gl.imrworldwide.com/v60.js
Request Chain 82
  • https://cm.everesttech.net/cm/dd?d_uuid=12663755442056900841796904397957494091 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=X3mreQAAAIYUyC@A&d_uuid=12663755442056900841796904397957494091
Request Chain 91
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1601809277809&ns_c=UTF-8&cv=3.5&c8=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%C2%A0Announcement%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1601809277809&ns_c=UTF-8&cv=3.5&c8=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%C2%A0Announcement%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&c9=&cs_ak_ss=1
Request Chain 94
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1601809277822&ci=newscorp&js=1&cg=0&ts=vidora-client.1.x.x.min.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&sr=1600x1200&id=lstrg-b93395f2f4372dd3618ea9cb5c968186&tz=2 HTTP 302
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1601809277822&ci=newscorp&js=1&cg=0&ts=vidora-client.1.x.x.min.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&sr=1600x1200&id=lstrg-b93395f2f4372dd3618ea9cb5c968186&tz=2&ja=1
Request Chain 135
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5771613234907.606 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CIbbq8jkmuwCFczruwgdwqsLsQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5771613234907.606
Request Chain 139
  • https://secure.adnxs.com/px?id=1171454&seg=19476739&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1171454%26seg%3D19476739%26t%3D2
Request Chain 142
  • https://secure.adnxs.com/px?id=879166&seg=9702347&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Request Chain 144
  • https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Request Chain 159
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1601809278663 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26time%3D1601809278663%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1601809278663&liSync=true
Request Chain 236
  • https://redirector.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1601830886/sparams/ip,ipbits,expire,id,itag,source,requiressl,acao,mime,ctier/signature/451B570F29FCA747384FE407F54705A0FD8CB4B2.7D1158B52EC4CD2AE9BA34AF689DA2684F290E0C/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-4g5ednee.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1601830886/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/7E5D0925ECB73DD6112D436BF72A3678877BA8B5.5FDFF1915D3026722C77D13383F50CC0C0A8209E/key/cms1/cms_redirect/yes/mh/Bl/mip/2a01:4f8:192:5414::2/mm/28/mn/sn-4g5ednee/ms/nvh/mt/1601809159/mv/m/mvi/2/pl/40/file/file.mp4

267 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
VWNF8L5WMRzPW6gT7SP42SWJLW93kvSZ4gMDRBN3JhCFN4Zc_LV3Zsc37CgVH9Vz9f_M3H2D3pW2q1Qrb5DL6cFW6xXKH337R-5PW4pG77R4W3rGyVwQT6v1L5yDXW7wLgxc586pC2N8wrZHnT1-Z1W2msG-C8Td7BbW42L7P97FtWMXW7k0MV95QdVsFVW0s3c8B...
info.silobreaker.com/e2t/tc/
9 KB
3 KB
Document
General
Full URL
https://info.silobreaker.com/e2t/tc/VWNF8L5WMRzPW6gT7SP42SWJLW93kvSZ4gMDRBN3JhCFN4Zc_LV3Zsc37CgVH9Vz9f_M3H2D3pW2q1Qrb5DL6cFW6xXKH337R-5PW4pG77R4W3rGyVwQT6v1L5yDXW7wLgxc586pC2N8wrZHnT1-Z1W2msG-C8Td7BbW42L7P97FtWMXW7k0MV95QdVsFVW0s3c8BNt4wN2LMNb6sRTwKW6RMtyg3_1WSnW7LF0_799VxB-N3qjSHgG_ZswW3zNgLd8gH4m9W5dLSxr7gf_z4N8w2m_j_Z4QQW1CQ5W16gfdHrVpHrl05gF_6BW273TjF8TsDVjW2rmgc52pBJlkVwmpLY5_QVNnW5ScWf75W-4J2W7K7wS16fD0hhW8htQ-217KczcVxqj_C5_YCf7W1zZvGK66M9HMW4Z1wMY5f-mRqW2cgCYK2Bly2dW3RsFJx7kR8H5W73q-YK5PWFjTW5hlMPQ2sRpWkW5C_kPS2GkD1bW8N-Wm45gnfqhW6KlBTY8vdJBS32nc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7bb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
info.silobreaker.com
:scheme
https
:path
/e2t/tc/VWNF8L5WMRzPW6gT7SP42SWJLW93kvSZ4gMDRBN3JhCFN4Zc_LV3Zsc37CgVH9Vz9f_M3H2D3pW2q1Qrb5DL6cFW6xXKH337R-5PW4pG77R4W3rGyVwQT6v1L5yDXW7wLgxc586pC2N8wrZHnT1-Z1W2msG-C8Td7BbW42L7P97FtWMXW7k0MV95QdVsFVW0s3c8BNt4wN2LMNb6sRTwKW6RMtyg3_1WSnW7LF0_799VxB-N3qjSHgG_ZswW3zNgLd8gH4m9W5dLSxr7gf_z4N8w2m_j_Z4QQW1CQ5W16gfdHrVpHrl05gF_6BW273TjF8TsDVjW2rmgc52pBJlkVwmpLY5_QVNnW5ScWf75W-4J2W7K7wS16fD0hhW8htQ-217KczcVxqj_C5_YCf7W1zZvGK66M9HMW4Z1wMY5f-mRqW2cgCYK2Bly2dW3RsFJx7kR8H5W73q-YK5PWFjTW5hlMPQ2sRpWkW5C_kPS2GkD1bW8N-Wm45gnfqhW6KlBTY8vdJBS32nc1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sun, 04 Oct 2020 11:01:12 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=dde4c046e3317baebeba987266545d0701601809272; expires=Tue, 03-Nov-20 11:01:12 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=29c2fe0876933add3d74914b94f1317620c674a0-1601809272; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray
5dce674fa99716ea-FRA
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
0594dee5c9000016ea6e0f9200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
server
cloudflare
content-encoding
br
Primary Request 9105f7389d35056433c6997d45cd840c
www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/
Redirect Chain
  • https://info.silobreaker.com/events/public/v1/track/tc/VWNF8L5WMRzPW6gT7SP42SWJLW93kvSZ4gMDRBN3JhCFN4Zc_LV3Zsc37CgVH9Vz9f_M3H2D3pW2q1Qrb5DL6cFW6xXKH337R-5PW4pG77R4W3rGyVwQT6v1L5yDXW7wLgxc586pC2N8wr...
  • https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANq...
  • https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational%2ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcem...
  • https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANq...
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational%2ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announc...
  • https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANq...
235 KB
50 KB
Document
General
Full URL
https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWNF8L5WMRzPW6gT7SP42SWJLW93kvSZ4gMDRBN3JhCFN4Zc_LV3Zsc37CgVH9Vz9f_M3H2D3pW2q1Qrb5DL6cFW6xXKH337R-5PW4pG77R4W3rGyVwQT6v1L5yDXW7wLgxc586pC2N8wrZHnT1-Z1W2msG-C8Td7BbW42L7P97FtWMXW7k0MV95QdVsFVW0s3c8BNt4wN2LMNb6sRTwKW6RMtyg3_1WSnW7LF0_799VxB-N3qjSHgG_ZswW3zNgLd8gH4m9W5dLSxr7gf_z4N8w2m_j_Z4QQW1CQ5W16gfdHrVpHrl05gF_6BW273TjF8TsDVjW2rmgc52pBJlkVwmpLY5_QVNnW5ScWf75W-4J2W7K7wS16fD0hhW8htQ-217KczcVxqj_C5_YCf7W1zZvGK66M9HMW4Z1wMY5f-mRqW2cgCYK2Bly2dW3RsFJx7kR8H5W73q-YK5PWFjTW5hlMPQ2sRpWkW5C_kPS2GkD1bW8N-Wm45gnfqhW6KlBTY8vdJBS32nc1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3b30fff29c4975fc0a2a8c84a81b6bbfce44ba5b2c5c25a8f47728852dca064c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.heraldsun.com.au
:scheme
https
:path
/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
n_regis=123456789
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://info.silobreaker.com/e2t/tc/VWNF8L5WMRzPW6gT7SP42SWJLW93kvSZ4gMDRBN3JhCFN4Zc_LV3Zsc37CgVH9Vz9f_M3H2D3pW2q1Qrb5DL6cFW6xXKH337R-5PW4pG77R4W3rGyVwQT6v1L5yDXW7wLgxc586pC2N8wrZHnT1-Z1W2msG-C8Td7BbW42L7P97FtWMXW7k0MV95QdVsFVW0s3c8BNt4wN2LMNb6sRTwKW6RMtyg3_1WSnW7LF0_799VxB-N3qjSHgG_ZswW3zNgLd8gH4m9W5dLSxr7gf_z4N8w2m_j_Z4QQW1CQ5W16gfdHrVpHrl05gF_6BW273TjF8TsDVjW2rmgc52pBJlkVwmpLY5_QVNnW5ScWf75W-4J2W7K7wS16fD0hhW8htQ-217KczcVxqj_C5_YCf7W1zZvGK66M9HMW4Z1wMY5f-mRqW2cgCYK2Bly2dW3RsFJx7kR8H5W73q-YK5PWFjTW5hlMPQ2sRpWkW5C_kPS2GkD1bW8N-Wm45gnfqhW6KlBTY8vdJBS32nc1

Response headers

status
200
server
nginx
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=d0uGDlSunW3nVLP0uJkRD0nAEhnhCPHxYTUeaEXeqlFtc6CRcqVZARIVGq1kpcEzyVkAavaAtQw00elwLCBCVquoZvLEDJS6HK6gTFyy2QEwpVvKyTs8dcR0P7ro; Expires=Sun, 11 Oct 2020 11:01:13 GMT; Path=/ nk=6838a54e69a0184a96b28fe78e89066e; expires=Wed, 04 Oct 2023 11:01:15 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure; AWSALBCORS=d0uGDlSunW3nVLP0uJkRD0nAEhnhCPHxYTUeaEXeqlFtc6CRcqVZARIVGq1kpcEzyVkAavaAtQw00elwLCBCVquoZvLEDJS6HK6gTFyy2QEwpVvKyTs8dcR0P7ro; Expires=Sun, 11 Oct 2020 11:01:13 GMT; Path=/; SameSite=None; Secure
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
vary
User-Agent Accept-Encoding
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational%2ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2fvideo%2f9105f7389d35056433c6997d45cd840c%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0%26nk%3d6838a54e69a0184a96b28fe78e89066e-1601809273&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=9105f7389d35056433c6997d45cd840c&session=6838a54e69a0184a96b28fe78e89066e
x-arrrg5
BlaizeHappened
x-ac
1.ewr _dca
x-xss-protection
1
content-encoding
gzip
expires
Sun, 04 Oct 2020 11:01:16 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Sun, 04 Oct 2020 11:01:16 GMT

Redirect headers

status
302
server
AkamaiGHost
content-length
154
content-type
text/html
location
https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
set-cookie
nk=6838a54e69a0184a96b28fe78e89066e; expires=Wed, 04 Oct 2023 11:01:13 GMT; path=/; domain=news.com.au; SameSite=None; Secure;
mime-version
1.0
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
vary
Accept-Encoding
etag
"05563c72b22b39afb384f19701c03047:1600838589.100191"
expires
Sun, 04 Oct 2020 11:01:13 GMT
cache-control
max-age=0, no-cache
pragma
no-cache
date
Sun, 04 Oct 2020 11:01:13 GMT
widget-text.css
www.heraldsun.com.au/wp-content/mu-plugins/widgets/css/
573 B
790 B
Stylesheet
General
Full URL
https://www.heraldsun.com.au/wp-content/mu-plugins/widgets/css/widget-text.css?m=1496871851h&ver=20170607
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
51c1782a181bb3acc78b433b321ae4a87472c7f264e5c1b14c5b90b9774784b1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:16 GMT
content-encoding
gzip
server
nginx
etag
W/"5bfee318-33c"
vary
User-Agent
content-type
text/css
status
200
expires
Sun, 04 Oct 2020 11:02:08 GMT
cache-control
max-age=52
is-https
true
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-ac
1.ewr _dca
content-length
224
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
social-logos.css
s0.wp.com/wp-content/mu-plugins/social-logos/
12 KB
8 KB
Stylesheet
General
Full URL
https://s0.wp.com/wp-content/mu-plugins/social-logos/social-logos.css?m=1593615436h&cssminify=yes
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
89da36867769b4f54e0273692785a7fec286a04456b9ed4f21ecc7ab01936c7b

Request headers

Referer
https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sun, 04 Oct 2020 11:01:16 GMT
content-encoding
gzip
server
nginx
etag
W/"5efca459-312f"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
x-ac
2.ams _dfw
expires
Thu, 01 Jul 2021 15:08:02 GMT
jquery-2.2.4.min.js
code.jquery.com/
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer
https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:16 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 17:24:41 GMT
server
nginx
status
200
etag
W/"573f4859-14e4a"
vary
Accept-Encoding
x-hw
1601809276.dop204.fr8.t,1601809276.cds258.fr8.hn,1601809276.cds130.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29811
/
s0.wp.com/_static/
3 KB
1 KB
Script
General
Full URL
https://s0.wp.com/_static/??-eJyVzTsOAjEMANELYSxg+TSIswQn2k1E7Ci2yfWBAiFERTvFPBwNSNgSG9qSalK854achpL0Fhws8NxDBc+onbAo2lwgdmlRBtfEjjGr/VSgW35e10VX+C9CUps4x5dFENwWuLqZsL6t7/qxLvW82R9303Y6HabyACJNU2k=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
559c041f56a4324314e4e23ed7aec3c9164344e846b07b5be948ae9f7271c661

Request headers

Referer
https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sun, 04 Oct 2020 11:01:16 GMT
content-encoding
gzip
last-modified
Mon, 11 Nov 2019 00:58:27 GMT
server
nginx
etag
W/"5dc8b233-b40"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
2.ams _dfw
expires
Tue, 10 Nov 2020 00:59:42 GMT
anon.png
identityssl.newscdn.com.au/legacy/img/
0
0
Image
General
Full URL
https://identityssl.newscdn.com.au/legacy/img/anon.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/
248 KB
78 KB
Script
General
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ab1fa701f7f71e91144a3121d115aa2d525dc7490c56d0009719403ec65e3d17
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server
AkamaiNetStorage
etag
"7b257b78da69ef17784b8ea623e96f63:1600745933.304238"
vary
User-Agent, Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=762
date
Sun, 04 Oct 2020 11:01:16 GMT
is-https
true
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Sun, 04 Oct 2020 11:13:58 GMT
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/
3 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-136.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f95d6a83a19d73efefc3b8dcf24225b978cd179e2280ff6ee357eeca314996f9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:16 GMT
content-encoding
gzip
last-modified
Mon, 28 Sep 2020 05:18:22 GMT
server
AkamaiNetStorage
etag
"83c0c023e93725ac47b986fc925098dd:1601270302.519995"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=300
accept-ranges
bytes
content-length
1236
expires
Sun, 04 Oct 2020 11:06:16 GMT
popular-combined
i1.wp.com/pixel.tcog.cp1.news.com.au/track/component/
95 B
352 B
Image
General
Full URL
https://i1.wp.com/pixel.tcog.cp1.news.com.au/track/component/popular-combined?esi=true&t_domain=heraldsun.com.au,adelaidenow.com.au,couriermail.com.au,dailytelegraph.com.au,themercury.com.au,theaustralian.com.au,news.com.au&t_product=AdelaideNow&td_module-classes=most-popular&td_primary_bound=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
1743b80176c7a9b725d2e472694b728ae510bbdae78ee5d33d58278221f552d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 5
date
Sun, 04 Oct 2020 11:01:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 10 Jun 2020 20:23:41 GMT
server
nginx
etag
"bac8d731701d1a5c"
vary
Accept
content-type
image/png
status
200
cache-control
public, max-age=63115200
link
<http://pixel.tcog.cp1.news.com.au/track/component/popular-combined>; rel="canonical"
content-length
95
expires
Sat, 11 Jun 2022 08:23:41 GMT
vidora-tracking-client.js
resources.newscdn.com.au/cs/chronicle/tg_articlepage/latest/assets/js/
6 KB
3 KB
Script
General
Full URL
https://resources.newscdn.com.au/cs/chronicle/tg_articlepage/latest/assets/js/vidora-tracking-client.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ba76dadc813053b910de8643b53804babc65017c8ac2ccf6ef3e91c04ef30e18

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:17 GMT
Content-Encoding
gzip
x-amz-request-id
B25AD231F2FB8B26
Connection
keep-alive
Content-Length
2602
x-amz-id-2
c5fyR2z1bz2Vw1iiJyTZVydqo7PjnrMiFLq71en9e6PHkI/CWR9UYYi4sYb9Iyp9OdEYCjdPgz0=
Last-Modified
Mon, 28 Sep 2020 02:14:22 GMT
Server
AmazonS3
ETag
"0a4681c40e9cd1cf65e04c2c0cac4be0"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1793
Accept-Ranges
bytes
Expires
Sun, 04 Oct 2020 11:31:10 GMT
exodus_loader-client.js
resources.newscdn.com.au/cs/networksales/loader/latest/assets/js/
283 KB
74 KB
Script
General
Full URL
https://resources.newscdn.com.au/cs/networksales/loader/latest/assets/js/exodus_loader-client.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
af233099755b93f495d5309de64d8de4be8cbeaf829467c6f343c6290765405c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:16 GMT
Content-Encoding
gzip
x-amz-request-id
A59E0C8822A9F03C
Connection
keep-alive
Content-Length
74778
x-amz-id-2
53YhEM/bMKuJkZnijzJ52NVZVe8uTccMl3m4JKmcUWEYsd+kapv+CTAht0S+TVpEoCj+uOFLpMw=
Last-Modified
Thu, 11 Oct 2018 03:31:18 GMT
Server
AmazonS3
ETag
"005625b1ebfe9f5cebe4abbfbd23a19d"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1225
Accept-Ranges
bytes
Expires
Sun, 04 Oct 2020 11:21:41 GMT
campaigns.json
i1.wp.com/pixel.tcog.cp1.news.com.au/track/component/resource/networksales/exoduscampaigns/
95 B
285 B
Image
General
Full URL
https://i1.wp.com/pixel.tcog.cp1.news.com.au/track/component/resource/networksales/exoduscampaigns/campaigns.json?esi=true&t_product=HeraldSun&t_template=s3/networksales-loader/index&td_channel=desktop&td_domain=heraldsun.com.au&td_pagetype=index_mr&td_section=news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
1743b80176c7a9b725d2e472694b728ae510bbdae78ee5d33d58278221f552d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sun, 04 Oct 2020 11:01:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 10 Jun 2020 20:25:52 GMT
server
nginx
etag
"1d6e07b31a0d768d"
vary
Accept
content-type
image/png
status
200
cache-control
public, max-age=63115200
link
<http://pixel.tcog.cp1.news.com.au/track/component/resource/networksales/exoduscampaigns/campaigns.json>; rel="canonical"
content-length
95
expires
Sat, 11 Jun 2022 08:25:52 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/
72 KB
19 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-136.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6b99ab37fb5e8540d8968acc1d2cad0ed05b511c4e99174026cc8de40bb3b587

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:17 GMT
content-encoding
gzip
last-modified
Mon, 28 Sep 2020 05:18:24 GMT
server
AkamaiNetStorage
etag
"928a173c97e2d1506f641b742fec3477:1601270303.893627"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=300
accept-ranges
bytes
content-length
19275
expires
Sun, 04 Oct 2020 11:06:17 GMT
jquery.js
s0.wp.com/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://s0.wp.com/wp-includes/js/jquery/jquery.js?m=1558356653h
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sun, 04 Oct 2020 11:01:16 GMT
content-encoding
gzip
server
nginx
etag
W/"5ce2a2b4-17a69"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-ac
2.ams _dfw
expires
Wed, 19 May 2021 12:51:58 GMT
mobile-useragent-info.js
www.heraldsun.com.au/wp-content/js/
9 KB
2 KB
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/js/mobile-useragent-info.js?m=1368567117h
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
448edd17d85b0f45d04d16bdd64bcab8ffc962e1dd2183f0e817f2ec42eef4be
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:16 GMT
content-encoding
gzip
server
nginx
etag
W/"5c066eb1-4802"
vary
User-Agent
content-type
application/javascript
status
200
expires
Sun, 04 Oct 2020 11:02:12 GMT
cache-control
max-age=56
is-https
true
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-ac
1.ewr _dca
content-length
1594
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
/
s1.wp.com/_static/
18 KB
7 KB
Script
General
Full URL
https://s1.wp.com/_static/??-eJytk91OxCAQRl9IdrRJm3hhfJYpTFoqDGSgbXafXlpt7KqJMe0NYT7gHH4CzFHpwJk4Q+7JU4LJRmCakw4ScVReIJOPDnMZi9iVtsVE4PB2TfZG6eItX4b0AH+iMnIn6NVoIYmGIUHuBmUEZxIwNuVdrbSzhXQEnLQE577AH/UJ4P7aijWqReb9xu/iMzSEZgGF8GZpp9nHRzQ6+BhGNotNq5mwrBIVWHnicfP9GDhiJFcmcV6E9HmOqSodCZvuW3y+jHH6xVXSf6nuPsV6j7yqcMz9oyrvtyq2qjBf/ctTXdfVc9M01fAOa3ZMyQ==
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
93b9d3ca506cba13ec8d643440bb852a8fb8be12bbfde812dc53ef9436b1af2c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sun, 04 Oct 2020 11:01:16 GMT
content-encoding
gzip
last-modified
Mon, 15 Apr 2019 02:55:08 GMT
server
nginx
etag
W/"5cb3f28c-461a"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-ac
2.ams _dfw
expires
Wed, 14 Apr 2021 02:58:51 GMT
player.js
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/
207 KB
51 KB
Script
General
Full URL
https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
84125d1a37cd08350c71d2847ecdd6b13212066978341d6666f115ea72512f73

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:16 GMT
Content-Encoding
gzip
x-amz-request-id
505EC8C3976E74F1
Connection
keep-alive
Content-Length
51954
x-amz-id-2
V3pFxWoQDHRLpz7Z9ZccEplMpFVoAx/F2UV1qAVD9gAwXE2MSZc2I7tlZpZRAvY9hXp1KmnET48=
Last-Modified
Tue, 29 Sep 2020 01:08:05 GMT
Server
AmazonS3
ETag
"37e46c0844e769d9a64082c433f784ab"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=313
Accept-Ranges
bytes
Expires
Sun, 04 Oct 2020 11:06:29 GMT
jquery-migrate.min.js
s1.wp.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://s1.wp.com/wp-includes/js/jquery/jquery-migrate.min.js?m=1466523978h
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sun, 04 Oct 2020 11:01:16 GMT
content-encoding
gzip
server
nginx
etag
W/"57696159-2748"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-ac
2.ams _dfw
expires
Wed, 03 Feb 2021 04:48:58 GMT
pending.js
www.heraldsun.com.au/wp-content/mu-plugins/twitter-blackbird-pie/
883 B
1 KB
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/mu-plugins/twitter-blackbird-pie/pending.js?m=1408998121h&ver=20130322
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c53d6dc81211bf7c4cb78004c5fb4c6d266ede9f72cb899d4c940c2cb89138ab
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:16 GMT
content-encoding
gzip
server
nginx
etag
W/"5bfee31f-569"
vary
User-Agent
content-type
application/javascript
status
200
expires
Sun, 04 Oct 2020 11:01:48 GMT
cache-control
max-age=32
is-https
true
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-ac
1.ewr _dca
content-length
497
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
neverending.js
www.heraldsun.com.au/wp-content/mu-plugins/twitter-blackbird-pie/
153 B
703 B
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/mu-plugins/twitter-blackbird-pie/neverending.js?m=1349449263h&ver=20121005
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3c18a16be79b6c4db237b4377ef214b4e36e813b58e60774823bf2b0a4e91e48
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:16 GMT
content-encoding
gzip
server
nginx
etag
W/"5bfee31f-99"
vary
User-Agent
content-type
application/javascript
status
200
expires
Sun, 04 Oct 2020 11:02:10 GMT
cache-control
max-age=54
is-https
true
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-ac
1.ewr _dca
content-length
128
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
iframe-async-loader.js
www.heraldsun.com.au/wp-content/themes/vip/newscorpau-plugins/widget-library/assets/js/
134 B
699 B
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-plugins/widget-library/assets/js/iframe-async-loader.js?m=1435015861h
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
bf95a592db7a202f5b93dbe166c591037640069f4aa8343ee2e5fab008466b43
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:16 GMT
content-encoding
gzip
server
nginx
etag
W/"5bffef87-b6"
vary
User-Agent
content-type
application/javascript
status
200
expires
Sun, 04 Oct 2020 11:08:27 GMT
cache-control
max-age=431
is-https
true
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-ac
1.ewr _dca
content-length
123
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
vip-analytics.js
www.heraldsun.com.au/wp-content/mu-plugins/2-vip/js/
996 B
1 KB
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/mu-plugins/2-vip/js/vip-analytics.js?m=1411795912h&ver=20140927b
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b677e0fdcbd860cbebc8c37551e05f834c48da20d953fba50345fad6427a8627
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:16 GMT
content-encoding
gzip
server
nginx
etag
W/"5c066ead-506"
vary
User-Agent
content-type
application/javascript
status
200
expires
Sun, 04 Oct 2020 11:01:23 GMT
cache-control
max-age=7
is-https
true
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-ac
1.ewr _dca
content-length
550
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
masterbar.js
www.heraldsun.com.au/wp-content/mu-plugins/admin-bar/masterbar-overrides/
1 KB
1 KB
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/mu-plugins/admin-bar/masterbar-overrides/masterbar.js?m=1489004139h&ver=20150909
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8f3e7e5925dc42da4621ce42327d0571887edf39a82e794b709eab7dd57fbeb0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:16 GMT
content-encoding
gzip
server
nginx
etag
W/"5bfee31f-728"
vary
User-Agent
content-type
application/javascript
status
200
expires
Sun, 04 Oct 2020 11:02:16 GMT
cache-control
max-age=60
is-https
true
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-ac
1.ewr _dca
content-length
531
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
masterbar-tracks.js
www.heraldsun.com.au/wp-content/mu-plugins/admin-bar/
4 KB
2 KB
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/mu-plugins/admin-bar/masterbar-tracks.js?m=1520516873h&ver=20171026
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4a70a6e4f5b7d2e76b3a5174528403bfde046edd0acb1186b9d8760ea221875e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:16 GMT
content-encoding
gzip
server
nginx
etag
W/"5bffef5b-166a"
vary
User-Agent
content-type
application/javascript
status
200
expires
Sun, 04 Oct 2020 11:02:04 GMT
cache-control
max-age=48
is-https
true
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-ac
1.ewr _dca
content-length
1244
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
w.js
stats.wp.com/
13 KB
5 KB
Script
General
Full URL
https://stats.wp.com/w.js?61
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f45206737eac638bb52a6adda01ec197e1b62f4e40399fbf2956497308b4b63f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams
date
Sun, 04 Oct 2020 11:01:16 GMT
content-encoding
gzip
server
nginx
etag
W/"5e6029bb-4e62"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
expires
Thu, 04 Mar 2021 22:24:11 GMT
Roboto-Regular.woff
www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/fonts/processed/
12 KB
13 KB
Font
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/fonts/processed/Roboto-Regular.woff
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8b5f88571701095b94afc07f4c4de07be33db36d8cd7d4aa8f90d34ae665b98f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:16 GMT
x-ac
1.ewr _dca
status
200
is-https
true
content-length
12588
last-modified
Thu, 29 Nov 2018 13:57:57 GMT
server
nginx
etag
"5bfff065-312c"
vary
User-Agent
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
expires
Tue, 20 Oct 2020 20:23:05 GMT
cache-control
max-age=1416109
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
RobotoCondensed-Bold.woff
www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/fonts/processed/
12 KB
12 KB
Font
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/fonts/processed/RobotoCondensed-Bold.woff
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f8d509f75d93709cde9140a1341d03d85c840490bb5797dd535b5b3e732e071b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:16 GMT
x-ac
1.ewr _dca
status
200
is-https
true
content-length
12068
last-modified
Thu, 29 Nov 2018 13:57:57 GMT
server
nginx
etag
"5bfff065-2f24"
vary
User-Agent
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
expires
Mon, 26 Oct 2020 20:08:01 GMT
cache-control
max-age=1933605
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
loader.js
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/
197 KB
31 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ce9d0e1a7909265d5d0efffbf3f0ca2ab7457379d66dac5f07f7412c0649b03

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
.isKPxOqwBsedeX0ScOCGW9VfIP1ffM3
content-encoding
gzip
etag
"dfab7b6a56c19b831bc0d80e8b79dbcc"
age
0
x-cache
HIT
status
200
content-length
31331
x-amz-id-2
rVZ48gH2c5bsXes3m1rW8qJD2weuFD4uP5XpkyhpN4pzjCjfoj6/bXdp2AsIxUYRB53mG6tbt0M=
x-served-by
cache-fra19130-FRA
last-modified
Thu, 01 Oct 2020 13:31:45 GMT
server
AmazonS3
x-timer
S1601809277.653109,VS0,VE496
date
Sun, 04 Oct 2020 11:01:17 GMT
vary
Accept-Encoding
x-amz-request-id
17ACD76C18C46CBD
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
71
x-cache-hits
1
main-lazy.css
www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/
478 KB
80 KB
Stylesheet
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5f132648e26fcbbeacfbc737e23cdf34f048a22d70e816c7a58605f3debcf9c4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:16 GMT
content-encoding
gzip
server
nginx
etag
W/"5f6a9e83-777c1"
vary
User-Agent
content-type
text/css
status
200
expires
Sun, 04 Oct 2020 11:17:30 GMT
cache-control
max-age=974
is-https
true
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-ac
1.ewr _dca
content-length
81008
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
article-lazy.css
www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/
33 KB
8 KB
Stylesheet
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/article-lazy.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0d29090f37c99f2ff986ace4867496cc257ee7be66bd14b17a9038f8752f1b4d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:16 GMT
content-encoding
gzip
server
nginx
etag
W/"5d89d0f2-826f"
vary
User-Agent
content-type
text/css
status
200
expires
Sun, 04 Oct 2020 11:31:16 GMT
cache-control
max-age=1800
is-https
true
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-ac
1.ewr _dca
content-length
7468
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
player.css
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/
117 KB
22 KB
Stylesheet
General
Full URL
https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
09437cb0c2c180a44da0250871104b24ca7afe02c78d3871bfc7794a8678d3f8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:16 GMT
Content-Encoding
gzip
x-amz-request-id
878C051CEEFFC2B5
Connection
keep-alive
Content-Length
21852
x-amz-id-2
ndN2R1A8dD3nuzttDs27t4IkfsaHv0BvgzHjrAw2OYi/gb2yw+VzsB5+VSaY+EX13bb0MVQMDY0=
Last-Modified
Tue, 29 Sep 2020 01:08:05 GMT
Server
AmazonS3
ETag
"27d7de390828844df7a0d5d2b940e0c7"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=374
Accept-Ranges
bytes
Expires
Sun, 04 Oct 2020 11:07:30 GMT
css
fonts.googleapis.com/
901 B
513 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web&display=swap
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cce6e054d15d14409d564955ec16be3f64f55efb440c69e7276fa8df3b5449fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Oct 2020 10:02:38 GMT
server
ESF
date
Sun, 04 Oct 2020 11:01:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Oct 2020 11:01:16 GMT
css
fonts.googleapis.com/
2 KB
627 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
abcaf427a40877acef435f4777ff7aeb4af5517ecd6ec9d0b4099248de71e0de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Oct 2020 09:39:42 GMT
server
ESF
date
Sun, 04 Oct 2020 11:01:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Oct 2020 11:01:16 GMT
RobotoCondensed-Bold.woff
www.dailytelegraph.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/fonts/processed/
12 KB
12 KB
Font
General
Full URL
https://www.dailytelegraph.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/fonts/processed/RobotoCondensed-Bold.woff
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f8d509f75d93709cde9140a1341d03d85c840490bb5797dd535b5b3e732e071b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:16 GMT
x-ac
1.ewr _dca
status
200
is-https
true
content-length
12068
last-modified
Thu, 29 Nov 2018 13:57:57 GMT
server
nginx
etag
"5bfff065-2f24"
vary
User-Agent
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
expires
Mon, 26 Oct 2020 20:04:18 GMT
cache-control
max-age=1933382
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Roboto-Regular.woff
www.dailytelegraph.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/fonts/processed/
12 KB
13 KB
Font
General
Full URL
https://www.dailytelegraph.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/fonts/processed/Roboto-Regular.woff
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8b5f88571701095b94afc07f4c4de07be33db36d8cd7d4aa8f90d34ae665b98f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:16 GMT
x-ac
1.ewr _dca
status
200
is-https
true
content-length
12588
last-modified
Tue, 04 Dec 2018 12:16:20 GMT
server
nginx
etag
"5c067014-312c"
vary
User-Agent
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
expires
Tue, 20 Oct 2020 20:28:56 GMT
cache-control
max-age=1416460
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
authorize
login.newscorpaustralia.com/ Frame EE29
0
0
Document
General
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=H7AtbAPih4L-BbAJAljOlPxNhlO-f7lx&nonce=ab04-Fm02CTmw.JiNIkrFOP4Qp7Pp7lo&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.229.57 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-229-57.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=H7AtbAPih4L-BbAJAljOlPxNhlO-f7lx&nonce=ab04-Fm02CTmw.JiNIkrFOP4Qp7Pp7lo&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

status
200
server
openresty
content-type
text/html;charset=UTF-8
ot-tracer-spanid
198af3923dc77a40
ot-tracer-traceid
073c4b920ba20482
ot-tracer-sampled
true
ot-baggage-auth0-request-id
5631-1601809277.206-2.16.110.188-1391-303233503-2-0.000
x-auth0-requestid
41568820ef5631d5e5f0
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1601809278
content-encoding
gzip
strict-transport-security
max-age=31536000
x-akamai-transformed
9 533 0 pmb=mTOE,3
expires
Sun, 04 Oct 2020 11:01:17 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Sun, 04 Oct 2020 11:01:17 GMT
content-length
838
vary
Accept-Encoding
set-cookie
did=s%3Av0%3Aed2abcd0-0630-11eb-a749-350acc6667ff.m9HwI8vBeIp7pYc41IIrB9wq3aWdou%2B5PH59a4Ouzls; Max-Age=31557600; Path=/; Expires=Mon, 04 Oct 2021 17:01:17 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3Aed2abcd0-0630-11eb-a749-350acc6667ff.m9HwI8vBeIp7pYc41IIrB9wq3aWdou%2B5PH59a4Ouzls; Max-Age=31557600; Path=/; Expires=Mon, 04 Oct 2021 17:01:17 GMT; HttpOnly; Secure ak_bmsc=2EB7F92F1003AC6796CA509DC2B9D0540210BB2C6D4800007DAB795FCA9B870F~plke8iAq33fxQ3N4SbpTLuhXuWC5F/poh1v4PcScq7d0voWi8PgK3TTKhevuslJyJL5Xpn4OT4xu84r5/qrIEhRFb0KLhYtcmzIvQii0R1jnf7mrrepIoc3tSkjA5zHodS4YVfxWD4w8pPifGUJk3wxDXAmfM3oeQa7z3lpbRdacwUwIY1Hdm0MFfG1EMI7L5KCS2lrhW47Ti2HbF7BaYwpI+mygVq5RylTaVY37Qg4UuT3cRrktn1ndsn2U6Kj/r8; expires=Sun, 04 Oct 2020 13:01:17 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=94264495AC4FDE650021D05DF5CFCBE0~lfbGnUVLF8fINlIiGQFfmUPT/Rpdj8IsndefD6UvIt8qo85loP5ZYo99vtP4hRyY/AMsGom56PFOrlPPINyKcW9FevxC5ASySEFDo+K1UPkp0dXgEGeRsK0xzgwEXccgecpFKxrWNsiv2hu0QAmG766j7mwjRGPWOehQDR31F1lj8wcJHv5R9nc+MGRtIhaInpelblPZWJ4IWpfeTRCZVYKL/yCRizbkiwBzS8ZHruWxmFx+3WORrdQcC+UHVWgP; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=E81C7C8C55F8244B9D90B5AC5187D846~YAAQLLsQAkrYje50AQAAw+FF8wnr2G3J7FfaOMp9ojgQQiw47f44oFptbnUxw1VS338VIvk59F2Moe4p+WzCtfH3Q+/nK4OBoOX+YngqzoR9PxtFdgGBmeSNyjpuFYP8MiTWcM58c+EWW41vkifP5garxms1hhQUiuLRwp3Zpgl73gfDzBuwC+y8YxVlmgMIvtQp2UkxujLxHnI=; Domain=.newscorpaustralia.com; Path=/; Expires=Sun, 04 Oct 2020 15:01:17 GMT; Max-Age=14400; HttpOnly _abck=077CC63B94D4077FC5201D912EB24B1B~-1~YAAQLLsQAkvYje50AQAAw+FF8wRZ/59yWQAB/vmksGjtHHi/alOi2J6qjEdVHNUQ+PuF8FX7ApXIxWSHPKORVValhoULKPCHWGM9k5sZgA1x+ca9Ex5h2nkBnbgvluv5gIKhzPEPqkjEwAI2tlcl9WMa7i1errUy8k3CvkjQOsHZqrCNIx08XG+9NBp4a0w7mYPgU5RcpG+kbGmJ9nLd/9SyrQEXmjvOvAICeeTMeSOknxhPECJcJWcwk312vXkJjjo0HuzAp79wcIzdh3aaIdNXjh8uoqY2h08Gd0Gj9g7JbUa0DIGL44GnYquwPtJK/Gi1COY=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Mon, 04 Oct 2021 11:01:17 GMT; Max-Age=31536000; Secure
adelaidenow.svg
resources.newscdn.com.au/cs/chronicle/dailytelegraph/latest/assets/img/
5 KB
3 KB
Image
General
Full URL
https://resources.newscdn.com.au/cs/chronicle/dailytelegraph/latest/assets/img/adelaidenow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
13e9cadd59d1a5f800069346d101e9a86c699201d7be2b6c716c81f9f1b49f75

Request headers

Referer
https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:16 GMT
Content-Encoding
gzip
x-amz-request-id
140E4CFFC3503F3C
Connection
keep-alive
Content-Length
2345
x-amz-id-2
SWET+T2x3OOIeuJvS47czqfra2VXgGztqXIkNZ/gUtqyo6NO+Kdl2NpPl4S1aUK3MG5cDdeCkbY=
Last-Modified
Wed, 28 Oct 2015 06:32:26 GMT
Server
AmazonS3
ETag
"69fc62a1293d455d31a8f6f5b563b11f"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=398787
Accept-Ranges
bytes
Expires
Fri, 09 Oct 2020 01:47:43 GMT
couriermail.svg
resources.newscdn.com.au/cs/chronicle/dailytelegraph/latest/assets/img/
5 KB
3 KB
Image
General
Full URL
https://resources.newscdn.com.au/cs/chronicle/dailytelegraph/latest/assets/img/couriermail.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
406159867f7e5513bada37d3d4ec6ade2c4890c1c06827ba678be491c54f548f

Request headers

Referer
https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:17 GMT
Content-Encoding
gzip
x-amz-request-id
864AF96B5FF1A1EF
Connection
keep-alive
Content-Length
2686
x-amz-id-2
9IG1IwBXs85T5NwRpU8kyc9A54EO64TYbBbLVHPMvEbwNO3N8Q2ddgIHHY1WuhDe7xvXmcdbggg=
Last-Modified
Wed, 28 Oct 2015 06:32:26 GMT
Server
AmazonS3
ETag
"1c7f79586c0be98e9acba49bfea91c7e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=321419
Accept-Ranges
bytes
Expires
Thu, 08 Oct 2020 04:18:16 GMT
dailytelegraph.svg
resources.newscdn.com.au/cs/chronicle/dailytelegraph/latest/assets/img/
8 KB
4 KB
Image
General
Full URL
https://resources.newscdn.com.au/cs/chronicle/dailytelegraph/latest/assets/img/dailytelegraph.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
201b59d144d72c6d44ae06a5cb4a9f3bf8a477eadaa3072ea4e38c988917f0f4

Request headers

Referer
https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:17 GMT
Content-Encoding
gzip
x-amz-request-id
075A537A264A9F84
Connection
keep-alive
Content-Length
3591
x-amz-id-2
opy9paar+O/UYWFLAzrCWEAP2rIlzo7bI7MatOWS4otSzoRx8r0jFejksXx6CZCouLRuzwq7A94=
Last-Modified
Wed, 28 Oct 2015 06:32:26 GMT
Server
AmazonS3
ETag
"dceab39e00d5810c46f71154a5e242bf"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=48446
Accept-Ranges
bytes
Expires
Mon, 05 Oct 2020 00:28:43 GMT
mercury.svg
resources.newscdn.com.au/cs/chronicle/dailytelegraph/latest/assets/img/
15 KB
7 KB
Image
General
Full URL
https://resources.newscdn.com.au/cs/chronicle/dailytelegraph/latest/assets/img/mercury.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ab4633acb58cc75609531b5eb301aff69bc873f18b25e8f2bde77b0acd1c7325

Request headers

Referer
https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:17 GMT
Content-Encoding
gzip
x-amz-request-id
FCE167A66D0B9F3F
Connection
keep-alive
Content-Length
6575
x-amz-id-2
SvPlVaVcpBVK2JZNURinDmv8fkziKg/tx7UJYLQIpd6Iz3bU/cuWyWHosAzAHshS86vUbF0VHgU=
Last-Modified
Tue, 31 Oct 2017 05:59:28 GMT
Server
AmazonS3
ETag
"b900d30f51b0f438b0ff12c2afcbf688"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=376777
Accept-Ranges
bytes
Expires
Thu, 08 Oct 2020 19:40:54 GMT
theaustralian.svg
resources.newscdn.com.au/cs/chronicle/dailytelegraph/latest/assets/img/
15 KB
4 KB
Image
General
Full URL
https://resources.newscdn.com.au/cs/chronicle/dailytelegraph/latest/assets/img/theaustralian.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f7d754162e678fffd2853e29cd5bb53036f234877d6e40f7d8d4aceb368e502b

Request headers

Referer
https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:17 GMT
Content-Encoding
gzip
x-amz-request-id
3AED2F164AC4F864
Connection
keep-alive
Content-Length
3712
x-amz-id-2
WXICzBk8vCzcUufVoddLXz/+UZaoza0d/DYti2O95k9dbWKMzPxUsxAy1GB+LPuglwdrRtyRIuk=
Last-Modified
Tue, 19 Sep 2017 03:27:58 GMT
Server
AmazonS3
ETag
"f54361dd2c60e9595f7c14ece427fe8a"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=77310
Accept-Ranges
bytes
Expires
Mon, 05 Oct 2020 08:29:47 GMT
news.svg
resources.newscdn.com.au/cs/chronicle/dailytelegraph/latest/assets/img/
11 KB
4 KB
Image
General
Full URL
https://resources.newscdn.com.au/cs/chronicle/dailytelegraph/latest/assets/img/news.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e88b010008b5a3a0d66b81edd0d38ec6e69615943382f0ffb58320f368b15a31

Request headers

Referer
https://www.heraldsun.com.au/wp-content/themes/vip/newscorpau-tangram-ui/src/styles/tgs-mastheadreimagine/dist/main-lazy.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:17 GMT
Content-Encoding
gzip
x-amz-request-id
ED4E026B7FF63237
Connection
keep-alive
Content-Length
4021
x-amz-id-2
60kEMX6foaOQ1iqmFfirTkRVSRz8/sYuzKzjiCzsMrMEXBYGFH2OgDvFcdats1GZbQYPo5Wb2HQ=
Last-Modified
Mon, 16 Oct 2017 03:48:08 GMT
Server
AmazonS3
ETag
"615e2db6893257740fe0a0c4f411c88f"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=343392
Accept-Ranges
bytes
Expires
Thu, 08 Oct 2020 10:24:29 GMT
utrack.js
tags.news.com.au/prod/utrack/
2 KB
1 KB
Script
General
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16018092770680.729773985044214
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-82.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
496f507875a529b613576dd312577e9b7794101ff0a7184015a9d9fd42b87d06

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:17 GMT
content-encoding
gzip
server
Apache
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status
200
cache-control
max-age=0, no-cache, no-store
content-type
application/x-javascript
content-length
837
expires
Sun, 04 Oct 2020 11:01:17 GMT
mitas.js
tags.news.com.au/prod/mitas/
666 B
898 B
Script
General
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-82.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:17 GMT
server
Apache
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status
200
cache-control
max-age=69757
content-type
application/x-javascript
content-length
666
B7670439;dcadv=4149947;sz=1x2;ord=273253613378.92383
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/
15 KB
5 KB
Script
General
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=273253613378.92383?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f134.1e100.net
Software
cafe /
Resource Hash
da9d783ebad74b19ea4f10ecf9caaf37b4fc638c2e656d8ac5e294d611a57bfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5293
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
authorize
login.newscorpaustralia.com/ Frame F3CE
0
0
Document
General
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=q.rCL~nA3p~jQ38FHkxBB_gikl-C01OT&nonce=Gn3efjnx1VQBxIlKVnJ6silnXw.n83gx&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.229.57 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-229-57.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=q.rCL~nA3p~jQ38FHkxBB_gikl-C01OT&nonce=Gn3efjnx1VQBxIlKVnJ6silnXw.n83gx&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

status
200
server
openresty
content-type
text/html;charset=UTF-8
ot-tracer-spanid
66f9c85c3981f4b9
ot-tracer-traceid
1689e3e479127e49
ot-tracer-sampled
true
ot-baggage-auth0-request-id
5632-1601809278.179-2.16.110.188-1391-303233898-1-0.000
x-auth0-requestid
1912e06c4da1c839e8e8
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1601809279
content-encoding
gzip
strict-transport-security
max-age=31536000
x-akamai-transformed
9 535 0 pmb=mTOE,3
expires
Sun, 04 Oct 2020 11:01:18 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Sun, 04 Oct 2020 11:01:18 GMT
content-length
840
vary
Accept-Encoding
set-cookie
did=s%3Av0%3Aedbfa9d0-0630-11eb-99f2-b15ac88fb13b.5ssRaHgfpqveMKDzWtlaPL6bZCAvkJ5kH37ZRazAitw; Max-Age=31557600; Path=/; Expires=Mon, 04 Oct 2021 17:01:18 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3Aedbfa9d0-0630-11eb-99f2-b15ac88fb13b.5ssRaHgfpqveMKDzWtlaPL6bZCAvkJ5kH37ZRazAitw; Max-Age=31557600; Path=/; Expires=Mon, 04 Oct 2021 17:01:18 GMT; HttpOnly; Secure ak_bmsc=AA208FB1202CED1C21049738BB27B49F0210BB2C6D4800007EAB795F3A23910D~plCoBPuwEnz/vv5EnpstBY0cN2FSePgehBsq62NPXP0vnTJO2bZwawQW2Uhyg1lXQKlXM7BccSIsM4BBYwg+C+B+lkpMzDR3xcI55vt9qS4ozTNRkmNlWprq/SMlVWp4qR1V1qzA1Z+mrqPf33EHlZS18Qq5/uzcjpend4GEDNcouAH1hnP1eph1FxHltPLL512vV5xTnXcLAqofOfr+dAexYZNHJHNfZRYbaNw2mvHB7j4Sbh1Djo8Jago/oMWXpB; expires=Sun, 04 Oct 2020 13:01:18 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=99F48309EAEA0D4769E3825D9400A97F~lfbGnUVLF8fINlIiGQFfmZOmE+e7w7N8mzWQmzYnWUGu7A8dXwhboHCjDH+Gih2mwH65be+DzOWT7K5LL2df+KAoz1/6u31shqODK+xvvpE9sQ2uuhqV1BDwZbYbhOkq9o5WPo8qDIqJ2COV8X1uj2yfi2Ujl1PaP+mccmHiECe4zahN9WaXlzt5uqUrXFora8SbTRe+HvhQcEw7VDq0MnwAppLx6/66npCea4aEoLkbxORmu4MDAKmMCqI4eByk; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=BF5D4DD1EBF7E397D3628D6AAC2475FF~YAAQLLsQAlXYje50AQAAmuVF8wn1jWQ/a6zfMr6zgZZVCLM6kXy2yTZAt01dL/uPoY3JM8hOAekpvZ0nRyMTM3iedsPdRbMMoLC3Gqm7vKCfXrnlnPbLRs/LvEQkPFALBLaSVhUUO/YgcDE4Uxe6dYZEEDFsj3Iy+/apa509owRRtt3pG5WLTUxolTJiE6UTj+ZtBBo/0x95ICQ=; Domain=.newscorpaustralia.com; Path=/; Expires=Sun, 04 Oct 2020 15:01:17 GMT; Max-Age=14399; HttpOnly _abck=3837F02AC97EEB6EF327E1091EF9CA7E~-1~YAAQLLsQAlbYje50AQAAmuVF8wT6qzk6O6tquNjkUkoGM/O1VAFr8X0gyZbwV7n8UJ6VlSijN4ebT4ozKD7MoCKqO5S6b2Os63IkYoxObubyrk577l3ejr6odoalcMspYHWzR0llh5zUHRz/WOeQ+JhdOnopyYQWkzb/yjRVoPXnVJNFu2gsxY6Eonwl/F7FZQKr7XrFxEv1Bw3UhH1kNmtQDKDdn08hA95CE5BnrNzXYMeJ4tvDVNk63G+wbWeTMMhkis5ot6qaU6e01l1kcz/7lGM0HLa36RrUQOCbJVh2ZSDvo7WA6Vm+BIw2KpVgVPqT6xw=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Mon, 04 Oct 2021 11:01:18 GMT; Max-Age=31536000; Secure
authorize
login.newscorpaustralia.com/ Frame 012C
0
0
Document
General
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=x4chIgjDf8gSE0L75Px4kbltQNNMS4AK&nonce=BKz2.Z5UjozdH6gDqsPlpAPHVTAd8YSE&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.229.57 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-229-57.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=x4chIgjDf8gSE0L75Px4kbltQNNMS4AK&nonce=BKz2.Z5UjozdH6gDqsPlpAPHVTAd8YSE&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

status
200
server
openresty
content-type
text/html;charset=UTF-8
ot-tracer-spanid
714adc8f21be528c
ot-tracer-traceid
39c505b6321231da
ot-tracer-sampled
true
ot-baggage-auth0-request-id
6506-1601809278.067-2.16.110.188-1391-303569396-1-0.000
x-auth0-requestid
8197e058cdc66fd925ad
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1601809279
content-encoding
gzip
strict-transport-security
max-age=31536000
x-akamai-transformed
9 534 0 pmb=mTOE,3
expires
Sun, 04 Oct 2020 11:01:18 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Sun, 04 Oct 2020 11:01:18 GMT
content-length
843
vary
Accept-Encoding
set-cookie
did=s%3Av0%3Aedad0c30-0630-11eb-9303-67923228b40e.5uHuSgrOeSXVct4na8LhIybZhSyK5dQgq4Q1HHOXrgo; Max-Age=31557600; Path=/; Expires=Mon, 04 Oct 2021 17:01:18 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3Aedad0c30-0630-11eb-9303-67923228b40e.5uHuSgrOeSXVct4na8LhIybZhSyK5dQgq4Q1HHOXrgo; Max-Age=31557600; Path=/; Expires=Mon, 04 Oct 2021 17:01:18 GMT; HttpOnly; Secure ak_bmsc=E520AF5775D4AF1F74803A01957BA3D30210BB2C6D4800007EAB795F5836F57B~plNZVPIZGyMf5B3GPLyxUJdybEztt+hoAdZIPegLdXXU+wCEwYLlEAIiGogdSsR4/0iF00wC/jbmV0CQqLqmjDlBExdsxDe04zBJOjITH685slfOshOZ91iJ0TnVY91hBtyi5Uk4gW4YY3bx5UCa8cXIiLV2aS6xOPI7q8EKSp3ztLDcXQRoDptGHC1V/3s9VT/1VlBkbFn44z1rw+NeGLq5mt0CAehw0EpKZms1oCfc026No2jVKf+2UHu9bJd5+z; expires=Sun, 04 Oct 2020 13:01:18 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=CC0FDD0C02115768727121FBF04A43AC~lfbGnUVLF8fINlIiGQFfmf3rFVSv/DCqQLH7GfvlyPHXPXOUmPlheswaddTEA7BWyYzoadtBncS67sqljmg1VWRG0fa7pRl/FmWKn0JXgjCIO58i7uJJz4hrHRjSv7233wEJ1zGk5BADmG0dxvXj3D9eDQlQBvVeoxcTFaCY3KUoCM4O1Cmr5SMoJGeRSL9xRbLOZCHn+BeqhWMG8qRqVUij71+IekfY0qKX1+087gsonmKwGmHEOX49aYA4oLXv; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=B190A2702E23F38C0E775F2BF1721CE0~YAAQLLsQAlHYje50AQAAGuVF8wn4hFMVcBHzz2RXluK6sGgzQEFD9mbV+lIOVKiuJ4aLDfTrkTZPIx0suJkVe7wEF6t0odt4NYCw4fNkwMjktjFgBwUJeh5RPMnCG5Yn6IW14QkspzbilpwPtsIWrvsUdr0Jrtr6CvEM1RVks06dguqs24R3uuLYSTeIJAdBo8LoXHNPEynxR4Q=; Domain=.newscorpaustralia.com; Path=/; Expires=Sun, 04 Oct 2020 15:01:17 GMT; Max-Age=14399; HttpOnly _abck=829E01FEA3FA2E57655139D05275C55B~-1~YAAQLLsQAlLYje50AQAAGuVF8wT3Gzz4CrfD1DHVzZi4IJYm4AW4WkTX6605CrHO6FyRp+WPjH72nFdso3bJhczOp2Lm3soiC0k/G8tManLoG+gsLhWO/lOvLJ5KOB2Qvb1exczJycrdMuJGU542ekOhjid6TmY9S8Et9npP2xnIOYEwQA+hxDxKVNDw8uNT5e0o96o6yJRqZ3cvmxiYLJMgRP7NBtN77suE1aZbofNhe05ETVBLT2Y+KLzdaD+gPf5eTTTLt4NhI+nkXG2UnIy1on4lKDQmXyu4bFKKFiWp6O50EefqeOQDurmB5Ygqg0LfZnE=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Mon, 04 Oct 2021 11:01:18 GMT; Max-Age=31536000; Secure
chartbeat_video.js
static.chartbeat.com/js/
69 KB
23 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b400:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ba607af2c8d414ab6d4bac90c526d90a939cb0adf507b6ba063265347479159d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 09:13:46 GMT
content-encoding
gzip
last-modified
Fri, 24 Apr 2020 00:58:19 GMT
server
nginx
age
6451
etag
W/"5ea239ab-11347"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=7200
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
8U-c43ZeXiKm8BnfJ2vgDOs6DHc6OZxcTulXqlu2qkscWoLQGJq1Gw==
via
1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
expires
Sun, 04 Oct 2020 11:13:46 GMT
metrics.js
tags.news.com.au/prod/metrics/
174 KB
60 KB
Script
General
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-82.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f30db3530a06b2ae1acfa18944abd1c56eb3299e13229d38aa6ba4efaad72cbf

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:17 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"64088a0421c95a2815bd08975b5059a8:1600750145.22249"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status
200
cache-control
max-age=61187
content-type
application/x-javascript
tad.js
tags.news.com.au/prod/tad/
87 KB
27 KB
Script
General
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-82.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
78c788842d72e05aff9d1a4eb665235d9c72c4ae953e0a715ce21d9ae5d1b622

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:17 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"949e8142fc68539b46f87aa6c31a64a5:1601422921.376349"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status
200
cache-control
max-age=11296
content-type
application/x-javascript
content-length
27820
gpt.js
securepubads.g.doubleclick.net/tag/js/
50 KB
17 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
sffe /
Resource Hash
30c378fb34bf9bdbcc84253b0e2dd0660e89e1bdec1ba964c0c2d42fae7222c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"652 / 231 of 1000 / last-modified: 1601676732"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17350
x-xss-protection
0
expires
Sun, 04 Oct 2020 11:01:17 GMT
prebid.js
tags.news.com.au/prod/prebid/
327 KB
98 KB
Script
General
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-82.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b748ce6a5a5ea9c905bca2845dab6456c5232bead14b02fca00864562e98bfda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:17 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"079b5880b9ed74f5d265d6b9199a2e85:1601422697.718452"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status
200
cache-control
max-age=84773
content-type
application/x-javascript
ncg.js
au.tags.newscgp.com/prod/ncg/
154 KB
47 KB
Script
General
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.187.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d248f431bcc069c16636e35ff10b6e760f9600c0632bb29733631a73b14852f8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 10:13:22 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 30 Sep 2020 14:06:33 GMT
Server
AmazonS3
Age
2913
ETag
"57136cf52a9e5e159b424b663a03805c"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 2646a167841368615f96564f373f8d21.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
Transfer-Encoding
chunked
X-Amz-Cf-Pop
ZAG50-C1
X-Amz-Cf-Id
ifzZ9-L-0Zd5GyYkxfQsB_QzMBPfiXoZpR8pv4ZYErYcE0esioB6BQ==
nielsen.js
tags.news.com.au/prod/nielsen/
21 KB
9 KB
Script
General
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-82.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c626f8e43cc2841e6fb567811a84d4d961b93f5112e91925b9bac8e73d41c7c5

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:17 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"55bd0fb176026ea2de2b8b48d02d2fd0:1601511652.131965"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status
200
cache-control
max-age=22218
content-type
application/x-javascript
content-length
8640
v60.js
cdn-gl.imrworldwide.com/
Redirect Chain
  • https://secure-gl.imrworldwide.com/v60.js
  • https://cdn-gl.imrworldwide.com/v60.js
21 KB
7 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/v60.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:fa00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38997f0b9bb8b0d35eb0c1f9e1b05249f6f1e9972419d4f41ff389e3a35eb924

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 23:29:02 GMT
content-encoding
gzip
age
41536
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
last-modified
Mon, 04 May 2020 13:03:46 GMT
server
AmazonS3
etag
W/"485e22c0ad60bcb2677b2f8f9b011e61"
vary
Accept-Encoding
x-amz-version-id
Atg2BNoq_w9GuxA03gYewv2lTFbMKFkY
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C2
content-type
application/javascript
x-amz-cf-id
y1qmWDEVcM81F5Yo95swbvWwE84sqvUc6UjNgFdkxtbny1xR7WMdmg==

Redirect headers

date
Sun, 04 Oct 2020 11:01:17 GMT
via
1.1 447f0defb04b912ed949f0fdd5a6492e.cloudfront.net (CloudFront)
server
awselb/2.0
x-amz-cf-pop
ZAG50-C1
status
301
x-cache
Miss from cloudfront
content-type
text/html
location
https://cdn-gl.imrworldwide.com:443/v60.js
content-length
134
x-amz-cf-id
FuumsC9w57LgfxINgJDwy9Ij5cE0x-qUKfgAazpr11kR78OnS9v99g==
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-136.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:17 GMT
content-encoding
gzip
last-modified
Wed, 20 Nov 2019 04:49:47 GMT
server
AkamaiNetStorage
etag
"a2af0d00bb0e150c0e6e47d44b9436d7:1574225387.905732"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=1296000
accept-ranges
bytes
content-length
900
expires
Mon, 19 Oct 2020 11:01:17 GMT
g.gif
pixel.wp.com/
50 B
74 B
Image
General
Full URL
https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.5182861128118874
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sun, 04 Oct 2020 11:01:17 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/
50 B
74 B
Image
General
Full URL
https://pixel.wp.com/g.gif?blog=135638065&v=wpcom&tz=11&user_id=0&post=4603981&subd=heraldsunnewscorpau&host=www.heraldsun.com.au&ref=&fcp=4278&rand=0.880913394354536
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sun, 04 Oct 2020 11:01:17 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/
50 B
115 B
Image
General
Full URL
https://pixel.wp.com/g.gif?crypt=UE40eW5QN0p8M2Y%2FRE1BNmNJfGhxNCVxUDExYmtib2E%2FSzdEJm0lUEtbdFU0fFk4cHZvcUFrZT90Tn4yQm1%2BR3NyNTdhX18vYmh2eEh8Wj8uOG5ZXVlncWJVOHRRfkdleEVTb1FwV35kZ0RzU29OaHF1K112Vnd2QWRVPW4%2FY2FxRWdFZzF6UGU%2FJjlmLnpULzR6WXwxdEZIPWddaGJkdnF3UlQsZXomS2xBbzc%2FVl0vPWZiWGE5NSZpRnBbRlRxW3hdN2xyTytvK3VdamtGZ11dSWVKMGpTOHlVME1udjFNbndzZUdDJlc2eGFPTC9naEg3bitHVDlq&v=wpcom-no-pv&rand=0.4273735323322745
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sun, 04 Oct 2020 11:01:17 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
9c3571e11f96358d7859a9b9708ef845
content.api.news/v3/images/bin/
102 KB
102 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/9c3571e11f96358d7859a9b9708ef845
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
64327dcc3914dd9ac08e45ea612eed4b899058ec89f34b29d8145576c3ea3efa

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:18 GMT
X-Check-Cacheable
YES
Edge-Cache-Tag
9c3571e11f96358d7859a9b9708ef845
Connection
keep-alive
Content-Length
104312
Last-Modified
Sun, 04 Oct 2020 10:35:29 GMT
Server
Akamai Image Manager
ETag
bfd3e6d4b6df97ca6dd693cf6c38d4ed-9c3571e11f96358d7859a9b9708ef845-0
X-Serial
1787
Access-Control-Allow-Methods
GET
Content-Type
image/webp
Access-Control-Allow-Origin
*
X-hobit
2B
Cache-Control
private, no-transform, max-age=5182491
Access-Control-Allow-Headers
x-newsapi-api-key
Expires
Thu, 03 Dec 2020 10:36:09 GMT
99fd73e479fcc3d42d6f6e2742db617a
content.api.news/v3/images/bin/
42 KB
43 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/99fd73e479fcc3d42d6f6e2742db617a
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e7bd2020456d0d30aca9366f06a279887b2be01f44019a74d51c83656d0ad73d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:18 GMT
X-Check-Cacheable
YES
Edge-Cache-Tag
99fd73e479fcc3d42d6f6e2742db617a
Connection
keep-alive
Content-Length
43058
Last-Modified
Sun, 04 Oct 2020 10:33:04 GMT
Server
Akamai Image Manager
ETag
424683b2d7117796fe05f78bdcec2bc0-99fd73e479fcc3d42d6f6e2742db617a-0
X-Serial
454
Access-Control-Allow-Methods
GET
Content-Type
image/webp
Access-Control-Allow-Origin
*
X-hobit
2B
Cache-Control
private, no-transform, max-age=5182297
Access-Control-Allow-Headers
x-newsapi-api-key
Expires
Thu, 03 Dec 2020 10:32:55 GMT
af7b5a2c767b35bcafb9e453d771691e
content.api.news/v3/images/bin/
131 KB
131 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/af7b5a2c767b35bcafb9e453d771691e
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
be18a3704ec732baeeccaafcb39e8fb181006e9cfdb883ba048c0bdab66ab114

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:18 GMT
X-Check-Cacheable
YES
Edge-Cache-Tag
af7b5a2c767b35bcafb9e453d771691e
Connection
keep-alive
Content-Length
133854
Last-Modified
Sun, 04 Oct 2020 10:24:28 GMT
Server
Akamai Image Manager
ETag
eca7b0b366677d6583ab08d51c5003de-af7b5a2c767b35bcafb9e453d771691e-0
X-Serial
590
Access-Control-Allow-Methods
GET
Content-Type
image/webp
Access-Control-Allow-Origin
*
X-hobit
2B
Cache-Control
private, no-transform, max-age=5181800
Access-Control-Allow-Headers
x-newsapi-api-key
Expires
Thu, 03 Dec 2020 10:24:38 GMT
efb2e0288927330840efd143bb8c3fde
content.api.news/v3/images/bin/
157 KB
158 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/efb2e0288927330840efd143bb8c3fde
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b7f6e6a7e20688d349ef02c40d6cba6872afa7d8b1bff7b6c5df602dccaa4348

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:18 GMT
X-Check-Cacheable
YES
Edge-Cache-Tag
efb2e0288927330840efd143bb8c3fde
Connection
keep-alive
Content-Length
160930
Last-Modified
Sun, 04 Oct 2020 09:56:24 GMT
Server
Akamai Image Manager
ETag
19c3e76a345d2929c3d83cae573d61bf-efb2e0288927330840efd143bb8c3fde-0
X-Serial
859
Access-Control-Allow-Methods
GET
Content-Type
image/webp
Access-Control-Allow-Origin
*
X-hobit
2B
Cache-Control
private, no-transform, max-age=5179953
Access-Control-Allow-Headers
x-newsapi-api-key
Expires
Thu, 03 Dec 2020 09:53:51 GMT
ping
ping.chartbeat.net/
43 B
169 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c&u=-qX9rDnNp3TCr4oU7&d=heraldsun.com.au&g=36976&g0=news%2Cnational%2Cvideo&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=2069&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=4816&t=DlhmZ1DdusThS7ZgNDNJG7eBBFj_2&V=120&i=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%C2%A0Announcement%20%7C%20Herald%20Sun&tz=-120&sn=1&sv=VuPwhDBAgVjDK3tw3DjTCCzJWI61&sd=1&im=067b0ef2&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.132.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-132-182.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Sun, 04 Oct 2020 11:01:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
ggcmb510.js
seccdn-gl.imrworldwide.com/novms/js/2/
12 KB
5 KB
Script
General
Full URL
https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:8600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
n3q_bF37_FBlZH_XRzcQNsIp2iM_eW7C
content-encoding
gzip
etag
"afa0d379b1e6e0a61fad577d0043ff26"
age
1985
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
last-modified
Mon, 31 Aug 2020 13:41:33 GMT
server
AmazonS3
date
Sun, 04 Oct 2020 10:28:13 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 996a6dcadb486dbb9da5040a9ab13af3.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
8TLiRmt5YO2O7Wht0Xi76aB6EQomo5TG1X1RUzN470DXAO4jKJSH_A==
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/
52 KB
16 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.110.93 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-110-93.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ARR/2.5, ASP.NET
Resource Hash
4353b5e1bb568c2005f7778cda77c52b1c2eb4c026ba698549780e0306b0532e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:17 GMT
content-encoding
gzip
status
200
last-modified
Tue, 19 May 2020 11:39:04 GMT
server
Microsoft-IIS/8.5
x-powered-by
ARR/2.5, ASP.NET
etag
"0bc219d22dd61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=295
accept-ranges
bytes
content-length
15807
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
202 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202009280518&cb=1601809277189
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-136.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:17 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
status
200
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Sun, 04 Oct 2020 11:11:17 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20201001/r20110914/elements/html/
6 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201001/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=273253613378.92383?
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 10:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1525
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
2649
x-xss-protection
0
server
cafe
etag
804181672847865866
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Oct 2020 10:35:52 GMT
view
googleads4.g.doubleclick.net/pcs/
0
761 B
Other
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss7ZqM838zY5KxauGVT94UOzfMYa8iCChVE8KKVUXvf9AIBZUbkZ-wzx7nAQyND1Zpf91-pkYz8yrLAs01iR_ZKMtPqyowsoE_JOyoeMxXJe-IFi0awN92u-R0bW6T9p8LXkvvJBdcEGJuQBxkHig&sig=Cg0ArKJSzIN0Ki17VKFdEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20201001.81465&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=273253613378.92383?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sun, 04 Oct 2020 11:01:17 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pubads_impl_2020092201.js
securepubads.g.doubleclick.net/gpt/
264 KB
93 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
sffe /
Resource Hash
5e1390f7c515a04fbd18d7c3e864de65e7fc473f8a2e5134f74a79e122911dd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Sep 2020 08:40:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94816
x-xss-protection
0
expires
Sun, 04 Oct 2020 11:01:17 GMT
iasPET.1.js
cdn.adsafeprotected.com/
22 KB
7 KB
Script
General
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-81.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 03 Oct 2020 01:14:09 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 08 Jul 2020 20:34:30 GMT
Server
AmazonS3
Age
124259
ETag
W/"a8663f72a1dbe614b19f167a59af368d"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
KkXGzOEk-Jm6JZ1QgkDyLxMVCJYLbhQEYvMiN6HrMbgDigsyuF6WZw==
index.min.js
players.brightcove.net/5348771529001/KjZtYFggZ_default/
867 KB
237 KB
Script
General
Full URL
https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.200 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-200.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
50ad3657dc7d4e79dbce08ae7fee84ace0b119dd852baeb01fa824c60130c962

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
_xvh2bgkY3Az7S31oZH0LKN6E4VyieRo
Content-Encoding
gzip
ETag
"4740ebc28da997405fbff7ecd9730c42"
x-amz-request-id
DTCV4ZAK9V2X4PBJ
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
241889
x-amz-id-2
PPac4Y0mHYphkYUug3WLmzUS5VY2NfB1EX+oBU1WdxZII/FhURzgDeHAaGuAbchQfwQ27QNC2FY=
X-BCOV-Response-Mode
1
X-Served-By
cache-dca17751-DCA
Last-Modified
Wed, 01 Jul 2020 23:52:15 GMT
Server
AmazonS3
X-Timer
S1599631345.588833,VS0,VE1
Date
Sun, 04 Oct 2020 11:01:17 GMT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=166
Accept-Ranges
bytes
X-Cache-Hits
1
MediaSDK.min.js
tags.news.com.au/prod/heartbeat/v2.2.0/
175 KB
35 KB
Script
General
Full URL
https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-82.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:17 GMT
content-encoding
gzip
server
Apache
etag
"c347a09f51bb895d757c5e600ad18d57:1565826404"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status
200
cache-control
max-age=40451
content-type
application/x-javascript
content-length
35262
vans-adapter-google-ima.js
static.adsafeprotected.com/
19 KB
7 KB
Script
General
Full URL
https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7aa714a4418a8e3d269a472e0ba2168cca963243ce2c94ad32315cd239fd245

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Sep 2020 00:43:29 GMT
content-encoding
gzip
age
382669
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
last-modified
Mon, 16 Dec 2019 18:23:25 GMT
server
AmazonS3
etag
W/"90eaad1daab4870a6a4ed031687aa680"
vary
Accept-Encoding
x-amz-version-id
FmW9GCwMGDcYuvST0fbMtlt7Sr3UNohQ
via
1.1 168a24ef858eb187119582fbc6ac0718.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
ZAG50-C1
content-type
application/javascript
x-amz-cf-id
LZq23-T-2e884_25aS6JINrWOFdmW3jlV-Gj0swg8yeBRbd2oao9zw==
vidora-client.1.x.x.min.js
assets.vidora.com/js/
8 KB
4 KB
Script
General
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:bc00:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08052c2c99dd94a7e638999360264f21fd6ea6c6e7f0c9fbaf55e11cd4fe314f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 03:18:01 GMT
content-encoding
gzip
last-modified
Wed, 08 Apr 2020 14:24:21 GMT
server
AmazonS3
age
27797
etag
"09285b59e7b4661ace266ee756c7b3f3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
7kUhtG3YsHmg1NihY6_SqkIYyok58CquDQTJ-WhE7V63uyQcGDwMSA==
via
1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
load.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/
3 KB
2 KB
Script
General
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding
gzip
etag
"1a868d280f9424f5d82876d6cf0c46b9"
age
0
x-cache
HIT, MISS
status
200
content-length
1123
x-amz-id-2
075vkvBOxEz4nzd/HNX2wpWCMe3BUEMI9BR8L4QWl+KyhIjXdXV6LfpfQQflc4IVexdFhvp9h1I=
x-served-by
cache-lax8633-LAX, cache-hhn4061-HHN
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1601809277.420059,VS0,VE174
date
Sun, 04 Oct 2020 11:01:17 GMT
vary
Accept-Encoding,,
x-amz-request-id
3BB726D6B4B00BAD
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 0
impl.20201001-12-RELEASE.js
cdn.taboola.com/libtrc/
443 KB
102 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20201001-12-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
40051ced69bbbd6e4c5da7a9f78b7bd0d11c36bc23674d55da8070680fbbb202

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
my0tPnPD.E.WfoWFu50.eYTMV0FRpfTl
content-encoding
br
etag
"4efe3a747cc46aba0a88ed3f6fd22c8a"
age
22547
x-cache
HIT
status
200
content-length
103985
x-amz-id-2
BvVR6wZsbwtFkA2HUKTXgmd7HzB6Qe28EtavoH3m9fNOsHTliUGpvAL0daLlusq43bAdLLKr+h4=
x-served-by
cache-fra19130-FRA
last-modified
Thu, 01 Oct 2020 12:45:05 GMT
server
AmazonS3-br
x-timer
S1601809277.375802,VS0,VE0
date
Sun, 04 Oct 2020 11:01:17 GMT
vary
Accept-Encoding
x-amz-request-id
2256347403223838
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
91
x-cache-hits
22388
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Mon, 05 Oct 2020 11:01:17 GMT
id
dpm.demdex.net/
5 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.5.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1601809277308
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.79.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-79-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
99773537372378cf995e631c7ac70672d9008eb734985f85cddf93ea132a5a1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v081-0adb9c804.edge-irl1.demdex.com 5.78.0.20200908113611 2ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
2VM+Zim/Sso=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1499
Expires
Thu, 01 Jan 1970 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/
20 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
434d46a35ef7a3137120064f0311cc96c9ead6d400bec14b6176c425dd560fbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 10:25:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2164
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
8215
x-xss-protection
0
server
cafe
etag
4618384636763923224
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 04 Oct 2020 11:25:13 GMT
Cookie set dest5.html
newscorpau.demdex.net/ Frame D101
0
0
Document
General
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.191.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-191-169.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
newscorpau.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.heraldsun.com.au/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=12663755442056900841796904397957494091
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Wed, 09 Sep 2020 13:59:56 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=12663755442056900841796904397957494091;Path=/;Domain=.demdex.net;Expires=Fri, 02-Apr-2021 11:01:17 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
SaR9Vfe0S3A=
Content-Length
2785
Connection
keep-alive
id
metrics.heraldsun.com.au/
48 B
516 B
XHR
General
Full URL
https://metrics.heraldsun.com.au/id?d_visid_ver=4.5.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=12687799202178718701794524214426117201&ts=1601809277422
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
1b653e6d249409ab2fb80aa11bfec3f56c56b4573900e9dc614a9cb9dc96d686
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

status
200
date
Sun, 04 Oct 2020 11:01:17 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-58d4c4cffc-4hqq6
vary
Origin
x-c
master-1388.I1d56d5.M0-459
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=X3mreQAAAIYUyC@A&d_uuid=12663755442056900841796904397957494091
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=12663755442056900841796904397957494091
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=X3mreQAAAIYUyC@A&d_uuid=12663755442056900841796904397957494091
0
882 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X3mreQAAAIYUyC@A&d_uuid=12663755442056900841796904397957494091
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.79.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-79-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v081-09f48a4e2.edge-irl1.demdex.com 5.78.0.20200908113611 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
uhKtM+JNQwI=
Vary
Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sun, 04 Oct 2020 11:01:16 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X3mreQAAAIYUyC@A&d_uuid=12663755442056900841796904397957494091
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
5348771529001-6197176668001
content.api.news/v3/videos/brightcove/
17 KB
3 KB
Fetch
General
Full URL
https://content.api.news/v3/videos/brightcove/5348771529001-6197176668001?api_key=6krsj3w249nk779d8fukqx9f
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx/1.14.1 /
Resource Hash
b6e8027cab51f82a3c87c343e3f42db6702788b5812357e01b01088046ea4dc0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:19 GMT
content-encoding
gzip
x-newsapi-cache
MISS
edge-cache-tag
9105f7389d35056433c6997d45cd840c
status
200
x-newsapi-timestamp
2020-10-04T11:01:18.912Z[UTC]
x-newsapi-traceid
530d314d7f603f2
content-length
2721
x-application-context
a-bootiful-client:prod:5000
access-control-allow-headers
x-newsapi-api-key
server
nginx/1.14.1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Mashery-Error-Code, X-Mashery-Responder
cache-control
max-age=600
x-newsapi-processing-time
20
x-mashery-responder
prod-j-worker-ap-southeast-2a-32.mashery.com
expires
Sun, 04 Oct 2020 11:11:19 GMT
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/
61 B
359 B
XHR
General
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-82.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
94c849dad281228761f865b170f223a1ed34a321b92cb49addd0fc3fb9f0fb86

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:17 GMT
server
AkamaiGHost
mime-version
1.0
etag
"f1d1adc077c1f1f826a151ee3db530bc:1600839199.327003"
status
200
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
access-control-allow-origin
*
cache-control
max-age=0, no-cache
content-type
text/plain
content-length
61
expires
Sun, 04 Oct 2020 11:01:17 GMT
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/
15 KB
1 KB
XHR
General
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.110.93 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-110-93.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
a0e385deb57633b18f216145a994e928f44759845534a6676ca1d4c77c0991f8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
DOS_Rl.vCxXo.gmOu7RjtFUtp8Rq8sBt
content-encoding
gzip
etag
"6611cc1481623ed67be59055be5c8c8b"
x-amz-request-id
A32F513190C9DA0D
status
200
x-amz-replication-status
COMPLETED
content-length
1050
x-amz-id-2
wUUtDPAgX52r2LRZIoQZKsoAkbYrf4rk0ToeaZSnZrXboPq/lk+GPaHreIJvxZxTxRBEFu5ekik=
last-modified
Tue, 04 Aug 2020 07:57:03 GMT
server
ATS/7.1.0
date
Sun, 04 Oct 2020 11:01:17 GMT
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
truncated
/
403 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
091c2733df586042615d79b6fe413e3f33b87eb090beee72c3ac3e820110b5fd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
storageframe.html
secure-gl.imrworldwide.com/ Frame 475F
0
0
Document
General
Full URL
https://secure-gl.imrworldwide.com/storageframe.html
Requested by
Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:5600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
secure-gl.imrworldwide.com
:scheme
https
:path
/storageframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

status
200
content-type
text/html
vary
Accept-Encoding
date
Sun, 04 Oct 2020 11:01:17 GMT
server
nginx
last-modified
Thu, 10 Sep 2020 16:55:21 GMT
etag
W/"5f5a5a79-2b27"
access-control-allow-origin
*
access-control-allow-methods
POST, OPTIONS
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 447f0defb04b912ed949f0fdd5a6492e.cloudfront.net (CloudFront)
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
mNRQExIJVhwLcwxIHy7sPfQ0Pm1bVRhVdc7_0B4CFRPx0n1DTWmqxw==
pub
pixel.adsafeprotected.com/services/
538 B
776 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,728.1%5D,p:/5129/ndm.hwt/news/national,t:display%7D&slot=%7Bid:ad-block-970x250-1,ss:%5B970.250,970.50,1000.50,1000.100%5D,p:/5129/ndm.hwt/news/national,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/news/national,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=6d2e0c0e-f906-ed77-ca8d-7775ab823705&url=https%253A%252F%252Fwww.heraldsun.com.au%252Fnews%252Fnational%252Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%252Fvideo%252F9105f7389d35056433c6997d45cd840c%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.59.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb23e4ae1bdfa6df85ef60d6ccb6c5a1c183711cc48d53f7806ad8ab08bf05ce

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:17 GMT
x-server-name
app26.ie.303net.net
status
200
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
all.css
use.fontawesome.com/releases/v5.6.3/css/
52 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:17 GMT
content-encoding
gzip
last-modified
Thu, 20 Dec 2018 17:45:13 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"dc93d584e41f8417f6b7163320d34329"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
ggng510.js
cdn-gl.imrworldwide.com/novms/bc/3/
90 KB
20 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/bc/3/ggng510.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:fa00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a2b6a1fcf2724d705818d4237c71625643b8c25ced72d6def3b84d9ac8f1f42

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
uPg9dghkfLf5QnVKvmiuXDfV8WNo6Oxf
content-encoding
gzip
etag
"3ce9be8772dc9fbb9328a338eb9024ff"
last-modified
Thu, 13 Dec 2018 15:53:58 GMT
server
AmazonS3
age
1134
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
date
Sun, 04 Oct 2020 10:42:24 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
gC0dbMZm1aAMdap8lxeUKQbTEYLD-wpz2BDwKnuOe1ja9wfB1Quulg==
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1601809277809&ns_c=UTF-8&cv=3.5&c8=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavi...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1601809277809&ns_c=UTF-8&cv=3.5&c8=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronav...
0
528 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1601809277809&ns_c=UTF-8&cv=3.5&c8=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%C2%A0Announcement%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&c9=&cs_ak_ss=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:17 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1601809277809&ns_c=UTF-8&cv=3.5&c8=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%C2%A0Announcement%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:17 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
id
dpm.demdex.net/
5 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.5.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=12687799202178718701794524214426117201&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%016838a54e69a0184a96b28fe78e89066e%011&ts=1601809277815
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.79.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-79-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
149034c3859bf3aed5f4447b6e37b8a9594f9febeedb48c20d05f6d85e08343d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v081-02efb23e7.edge-irl1.demdex.com 5.78.0.20200908113611 2ms (+2ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
IbgZFmVGQOw=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1499
Expires
Thu, 01 Jan 1970 00:00:00 GMT
020b09ca-a6fd-422a-a6a8-aa30f0766975
https://www.heraldsun.com.au/
1 KB
0
Media
General
Full URL
blob:https://www.heraldsun.com.au/020b09ca-a6fd-422a-a6a8-aa30f0766975
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1601809277822&ci=newscorp&js=1&cg=0&ts=vidora-client.1.x.x.min.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fn...
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1601809277822&ci=newscorp&js=1&cg=0&ts=vidora-client.1.x.x.min.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fn...
44 B
492 B
Image
General
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1601809277822&ci=newscorp&js=1&cg=0&ts=vidora-client.1.x.x.min.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&sr=1600x1200&id=lstrg-b93395f2f4372dd3618ea9cb5c968186&tz=2&ja=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:5600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:18 GMT
via
1.1 447f0defb04b912ed949f0fdd5a6492e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
ZAG50-C1
status
200
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
x-cache
Miss from cloudfront
content-type
image/gif
content-length
44
x-amz-cf-id
kXvL87JMe1Jaer0_vyLJapyM8BXMJKjejIILxc1AvfjssecwYMoGfQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:17 GMT
via
1.1 447f0defb04b912ed949f0fdd5a6492e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
ZAG50-C1
status
302
location
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1601809277822&ci=newscorp&js=1&cg=0&ts=vidora-client.1.x.x.min.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&sr=1600x1200&id=lstrg-b93395f2f4372dd3618ea9cb5c968186&tz=2&ja=1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
eLyhbVXNaBFew-CGjo6ErTfTs9r3BWV3F2d8PW9N2gSnSk4kZMgKAQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
622e0f8e-7078-40e9-ba45-46c4bb1d3f70
https://www.heraldsun.com.au/
1 KB
0
Media
General
Full URL
blob:https://www.heraldsun.com.au/622e0f8e-7078-40e9-ba45-46c4bb1d3f70
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
2a002c94-1da6-4d1b-bf56-4b3e93a5968f
https://www.heraldsun.com.au/
1 KB
0
Media
General
Full URL
blob:https://www.heraldsun.com.au/2a002c94-1da6-4d1b-bf56-4b3e93a5968f
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
772368e5-bc81-42a3-b59a-bf2712f95c08
https://www.heraldsun.com.au/
1 KB
0
Media
General
Full URL
blob:https://www.heraldsun.com.au/772368e5-bc81-42a3-b59a-bf2712f95c08
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
integrator.js
adservice.google.dk/adsid/
109 B
168 B
Script
General
Full URL
https://adservice.google.dk/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Oct 2020 11:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
168 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Oct 2020 11:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
51 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2806783019099335&correlator=151289451597928&output=ldjh&impl=fifs&hxva=1&scor=639932030535788&eid=21063047%2C21066992%2C44729242&vrg=2020092201&co=1&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20201004&iu_parts=5129%2Cndm.hwt%2Cnews%2Cnational&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C728x1%2C970x250%7C970x50%7C1000x50%7C1000x100%2C1x1&ists=1&prev_scp=pos%3D1%26id%3Ded77a492-0630-11eb-9f65-0a791baeecf6%26vw%3D40%2C50%26grm%3D40%2C50%2C60%26pub%3D40%2C50%7Cpos%3D1%26id%3Ded77a493-0630-11eb-9f65-0a791baeecf6%26vw%3D40%26grm%3D40%2C50%26pub%3D40%7Cpos%3D1%26id%3Ded77a494-0630-11eb-9f65-0a791baeecf6&eri=1&cust_params=siteversion%3Dhwt%26tts%3Dn%26ttm%3Dn%26us%3Db%26s%3D0%26co%3D1%26kw%3D%26nk%3D6838a54e69a0184a96b28fe78e89066e%26sec1%3Dnews%26sec2%3Dnational%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dvideo%26aid%3D9105f7389d35056433c6997d45cd840c%26adl%3Dfalse%26pvid%3D6838a54e69a0184a96b28fe78e89066e-9105f7389d35056433c6997d45cd840c-1601809277162-70673%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_UNSCORED_PG%252CIAS_9588_1165_KW%252CIAS_5192_KW%252CIAS_18400_2622_KW&bc=31&abxe=1&lmt=1601809277&dt=1601809277838&dlt=1601809276347&idt=1023&frm=20&biw=1600&bih=1200&oid=3&adxs=572%2C315%2C0&adys=50%2C202%2C2069&adks=3010317381%2C3134237981%2C870566375&ucis=1%7C2%7C3&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&dssz=78&icsg=752069191397376&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C1600x0%7C1600x2068&msz=728x-1%7C970x250%7C1x1&ga_vid=667890119.1601809278&ga_sid=1601809278&ga_hid=1320052082&fws=644%2C132%2C132&ohw=1600%2C1600%2C1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
d6ceb1824f0d1f8ab36164affbe42a2847356090032857f332097bb3329199b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11078
x-xss-protection
0
google-lineitem-id
4682990628,4682990628,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138234092474,138234082439,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d28c893a65c16b2fe3563b1e2f55ed7d.safeframe.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://d28c893a65c16b2fe3563b1e2f55ed7d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Serving
bs.serving-sys.com/
8 KB
4 KB
Script
General
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=7213919465454237614&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0$$&activityValues=$$Session%3D1054942403187258327$$&ns=0&rnd=08935017155150149
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
80.252.91.52 , Netherlands, ASN15830 (EQUINIX-CONNECT-EMEA, GB),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
a3050cd3f6525aafe7b15fbb1bbe8ba1d51853495b43d50b3a62fd00ab81e074

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:17 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Content-Type
text/html; charset=UTF-8
Content-Length
2859
Expires
Sun, 05-Jun-2005 22:00:00 GMT
e00dadab-9a41-4027-acb8-81e90259c2ff
https://www.heraldsun.com.au/
31 B
0
Other
General
Full URL
blob:https://www.heraldsun.com.au/e00dadab-9a41-4027-acb8-81e90259c2ff
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
glcfg510.js
cdn-gl.imrworldwide.com/novms/js/2/configs/
2 KB
1 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by
Host: seccdn-gl.imrworldwide.com
URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:fa00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 10:26:34 GMT
content-encoding
gzip
age
2084
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
last-modified
Mon, 31 Aug 2020 13:41:33 GMT
server
AmazonS3
etag
W/"931051f801612c3a0e2782961ac3d56c"
vary
Accept-Encoding
x-amz-version-id
__18ln110DzIeDzBUZGawAoUEY8dO7wW
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C2
content-type
application/javascript
x-amz-cf-id
PyU7IvuguLnrw1htM2TPOo7DRTxuAbgWeG3OUI7-v8deJojXIrZldQ==
s59589766030113
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.17.0/
43 B
1 KB
Image
General
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.17.0/s59589766030113?AQB=1&ndh=1&pf=1&t=4%2F9%2F2020%2013%3A1%3A17%200%20-120&cid.&newsnkidcookie.&id=6838a54e69a0184a96b28fe78e89066e&as=1&.newsnkidcookie&.cid&vid=6838a54e69a0184a96b28fe78e89066e&mid=12687799202178718701794524214426117201&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Cnews%7Cvideo%7Cnews%20national%20trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%20video%209105f7389d35056433c6997d45cd840c%20video&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMR&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D2%2Cevent18%2Cevent63%3D50&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Cnews%7Cnational&l1=leader%3A1%7Cbillboard%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=news&c5=D%3Dv5&v5=national&c9=D%3Dv9&v9=video&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=10%3A01%20PM%7CSunday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cmac%20os%20x%7C10_14_5&c53=D%3Dv53&v53=1.0%2Btheme_news_corp_australia_mr_herald_sun&c60=D%3Dv60&v60=50&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=no%20plugins&v77=D%3Dmid&v78=dk%7Cunknown%7Ccopenhagen%7C55.67%7C12.58%7Cgmt%2B1%7Cunknown&v79=dk&v80=6838a54e69a0184a96b28fe78e89066e-9105f7389d35056433c6997d45cd840c-1601809277162-70673&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=UeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:17 GMT
x-content-type-options
nosniff
x-c
master-1388.I1d56d5.M0-459
p3p
CP="This is not a P3P policy"
status
200
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 05 Oct 2020 11:01:17 GMT
server
jag
xserver
anedge-58d4c4cffc-jgjbf
etag
3439859229657497600-4621758272089202594
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sat, 03 Oct 2020 11:01:17 GMT
pmk-202003261.4.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/
111 KB
30 KB
Script
General
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding
gzip
etag
"b7fcedf037c57085d364b689ca46f32e"
age
3745288
x-cache
HIT, HIT
status
200
content-length
30954
x-amz-id-2
TG49UWLSXX/7JOu+pu/KWBF6lPU+j/sA4SNskqAGNRvS7P8ejY6LRwed0jVXlMerBXwRC25qwP8=
x-served-by
cache-lax8639-LAX, cache-hhn4061-HHN
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1601809278.936147,VS0,VE1
date
Sun, 04 Oct 2020 11:01:17 GMT
vary
Accept-Encoding,,
x-amz-request-id
9758181B46377FE5
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
3, 1
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/
31 KB
7 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:fa00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1e0e832496a5e992447b90c727a73f57e322129e9a535c2753dfa832035c6be

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
98cOEU2RStcSVXS4p5mvkeE5UuGNKL8D
content-encoding
gzip
etag
"f3c85024e9730e85f4556e1cd637db05"
age
1539
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
last-modified
Sat, 03 Oct 2020 11:18:17 GMT
server
AmazonS3
date
Sun, 04 Oct 2020 10:35:49 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
JY3kbuIKvVvG-gEsEe1_W6Fiw7gWtoFuqVKLbkLVHsf53ZE8mn9Yyw==
view
securepubads.g.doubleclick.net/pcs/ Frame 8570
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuC47avxF8nNNp7VyqhjmgxI6R9Bl5jJ36NQcCnSVABodSuL8irOrE8I5Ixr-Y85WhVwIgxSMgUPWd1uTqpDh5M_ndXmMBVVcvCfONboqzAE_JYQBrO93-JTWK4ShJIf5sFXQDUK7MgsGlZlv-2mXNWQ5xbva8LXoJTJgrYi1jPgs-lPJstpwWnkusjQ20HEojscwVgOtY8uy8nNenQnhDjlIHpQGywEiQc1q0MoMitLxgcA937xPJdSe9a8A1flxEVn3pJr0EOVzInuA7Dg-TeqA&sig=Cg0ArKJSzJikfJcDDqXUEAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWNF8L5WMRzPW6gT7SP42SWJLW93kvSZ4gMDRBN3JhCFN4Zc_LV3Zsc37CgVH9Vz9f_M3H2D3pW2q1Qrb5DL6cFW6xXKH337R-5PW4pG77R4W3rGyVwQT6v1L5yDXW7wLgxc586pC2N8wrZHnT1-Z1W2msG-C8Td7BbW42L7P97FtWMXW7k0MV95QdVsFVW0s3c8BNt4wN2LMNb6sRTwKW6RMtyg3_1WSnW7LF0_799VxB-N3qjSHgG_ZswW3zNgLd8gH4m9W5dLSxr7gf_z4N8w2m_j_Z4QQW1CQ5W16gfdHrVpHrl05gF_6BW273TjF8TsDVjW2rmgc52pBJlkVwmpLY5_QVNnW5ScWf75W-4J2W7K7wS16fD0hhW8htQ-217KczcVxqj_C5_YCf7W1zZvGK66M9HMW4Z1wMY5f-mRqW2cgCYK2Bly2dW3RsFJx7kR8H5W73q-YK5PWFjTW5hlMPQ2sRpWkW5C_kPS2GkD1bW8N-Wm45gnfqhW6KlBTY8vdJBS32nc1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Oct 2020 11:01:18 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/ Frame 8570
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93ee1cf33c2f89ea4b40725a3fa6e12ef339841146b9725bab9d7607afd25f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 16:58:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64949
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
4444408978987076335
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Oct 2020 16:58:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/ Frame 8570
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 04:40:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22874
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1330
x-xss-protection
0
server
cafe
etag
15429208973290199181
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Oct 2020 04:40:03 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 8570
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
269191242ce327a0d4f592a6e93d29b6de04d495102fc73857ccb465bc965ed7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601638337046233"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28872
x-xss-protection
0
expires
Sun, 04 Oct 2020 11:01:17 GMT
l
www.google.com/ads/measurement/ Frame 8570
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfK9JVFobgcWj6ID7MwqIYKyuJcRVWK6Cmw3IaS44f-Mfc0ruPPIUE_nZUQz2rIDBAN1Cf
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 8570
68 B
171 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7114969398400660195
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:04:43 GMT
x-content-type-options
nosniff
age
93394
x-dns-prefetch-control
off
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:39:36 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Oct 2021 09:04:43 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 42B9
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKr29UsgdM07guSbL3FGuhxvsHOzQJR97hB2zs0kfg8P_mDTrt87-Qqc_dh_i54jkrHsw6cpyBtYai_FBQJnCg0S2mM66193h_DPHY1BYOuxPWrV4Nn9bs__ysVbubJ_REAcX-IAviA92i_PHUqIJ2qYaDayJffFqzywfBrIp6wj6gJmSZld8U5wP8TYYH91QAw_hvVjl9SdQDVbqNrfThpNgCfbv_2ryYemXwBr901yHQo7I7faxkjGKYaNJyx2odFwsYES2fDa7z9SCzDvgG-g&sig=Cg0ArKJSzFxb0GZGX3P8EAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWNF8L5WMRzPW6gT7SP42SWJLW93kvSZ4gMDRBN3JhCFN4Zc_LV3Zsc37CgVH9Vz9f_M3H2D3pW2q1Qrb5DL6cFW6xXKH337R-5PW4pG77R4W3rGyVwQT6v1L5yDXW7wLgxc586pC2N8wrZHnT1-Z1W2msG-C8Td7BbW42L7P97FtWMXW7k0MV95QdVsFVW0s3c8BNt4wN2LMNb6sRTwKW6RMtyg3_1WSnW7LF0_799VxB-N3qjSHgG_ZswW3zNgLd8gH4m9W5dLSxr7gf_z4N8w2m_j_Z4QQW1CQ5W16gfdHrVpHrl05gF_6BW273TjF8TsDVjW2rmgc52pBJlkVwmpLY5_QVNnW5ScWf75W-4J2W7K7wS16fD0hhW8htQ-217KczcVxqj_C5_YCf7W1zZvGK66M9HMW4Z1wMY5f-mRqW2cgCYK2Bly2dW3RsFJx7kR8H5W73q-YK5PWFjTW5hlMPQ2sRpWkW5C_kPS2GkD1bW8N-Wm45gnfqhW6KlBTY8vdJBS32nc1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Oct 2020 11:01:18 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/ Frame 42B9
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93ee1cf33c2f89ea4b40725a3fa6e12ef339841146b9725bab9d7607afd25f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 16:58:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64949
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
4444408978987076335
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Oct 2020 16:58:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/ Frame 42B9
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201001/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 04:40:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22874
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1330
x-xss-protection
0
server
cafe
etag
15429208973290199181
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Oct 2020 04:40:03 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 42B9
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
269191242ce327a0d4f592a6e93d29b6de04d495102fc73857ccb465bc965ed7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601638337046233"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28872
x-xss-protection
0
expires
Sun, 04 Oct 2020 11:01:18 GMT
13503232906761715217
tpc.googlesyndication.com/simgad/ Frame 42B9
3 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13503232906761715217
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 09:23:13 GMT
x-content-type-options
nosniff
age
524285
x-dns-prefetch-control
off
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3270
x-xss-protection
0
last-modified
Wed, 23 May 2018 04:43:28 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Sep 2021 09:23:13 GMT
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cf3d8b564224817bcd1412754de14a9da75185587f47047c878fe0b0ec12b5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601638337046233"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27576
x-xss-protection
0
expires
Sun, 04 Oct 2020 11:01:18 GMT
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/
170 KB
49 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:fa00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e06775da56ca92d7943167883c849bf3e18425f19a316c54531554254a3ef753

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
5mhKBMVfyDG3meutjv0cTLS334SVXJnL
content-encoding
gzip
etag
"7091e9f855e2e7130746427316d51284"
age
663
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
last-modified
Mon, 31 Aug 2020 13:41:33 GMT
server
AmazonS3
date
Sun, 04 Oct 2020 10:50:16 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Wrs8xJcRyVQQbGTyE6Gw_XZrgqEnG2PiOnCdKSIYAeROn0xrUChoXA==
truncated
/ Frame 8570
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9536bf0efb4eaa234a85106a8a1543d5fbf0b1a48a2a887c2d0d5e370e3f109c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 4040
46 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941989880&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=403454622&custom=video&custom3=168400391&adsafe_par&impId=ed77a492-0630-11eb-9f65-0a791baeecf6
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.59.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2be4751d99be38d07fc5cc5f82fafeabc2030978e51d246cc7fc786f7bcd3a00

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:18 GMT
content-encoding
gzip
x-server-name
app26.ie.303net.net
status
200
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 42B9
0
21 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxhXN2rclOkk1Ur-KOjzDUq5d6EXAvItXGQcdvVmrclzBfknUwE8tON6ccuoI3lSMmPhkOjGDciV8DFYo3ygPV-TtgsdmjSqt_paqfuX_ThffU2HpJ5ejbDX2-wrlLqzuR5yfNQc-utrW2DvCCs3x-rBtT1pqi6NBtfTA9CI0v4zv8heed8TiieZaVXiYeKW5LK-TGPMq43f2YnLbBmn8KhDb75j-r3wkVwpedb7BUfklJs2TiqPV2J_0Myy4BwZk-0RWQhJ4D1BJjFfk80sXG_paW&sig=Cg0ArKJSzJSqpVVe3W5LEAE&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Oct 2020 11:01:18 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 42B9
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1457c29a9454ead0346290bf9958a8ece5569ee5902746b48f6b1cc40e1f4cd2

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 5659
46 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941989880&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1558117510&custom=video&custom3=168400391&adsafe_par&impId=ed77a493-0630-11eb-9f65-0a791baeecf6
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.59.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6a074bfa121b9e256df45a84dde254dbb9aee4a43ce63f77c6f0637848af82eb

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:18 GMT
content-encoding
gzip
x-server-name
app17.ie.303net.net
status
200
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8570
0
21 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssN4qcfa_N3yeoxgbQhT7nOC_7zed98phfxsJmN9jPgn4pWA2sQm7c-Ugoc7hKDbuBRTnqxU6yy79Uv2nM6V3vdkIis5MJXTUsr8eKZmWY2fiUtPWLy4E52kaX12JeO3t1p0EX8112Z8J0j7E0kuVC6flMl-_B-KpvTYU9DHTo2K9Yj3IDjZwUb8Osk5N0gOXC8pIxF_ewFSaJBNT9SFcUetkQK4d0f2LB0Fs3nh-sdkDaXCUtGpu6y4xffWoCRGWyIo3Gk_zl0JLCU5Htgf2pi-seF&sig=Cg0ArKJSzGYDj35tEFKTEAE&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Oct 2020 11:01:18 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
campaign.json
a.tcog.news.com.au/component/resource/networksales/exoduscampaigns/2017/07/LAN-1877-MHR/
7 KB
1 KB
Fetch
General
Full URL
https://a.tcog.news.com.au/component/resource/networksales/exoduscampaigns/2017/07/LAN-1877-MHR/campaign.json?t_template=s3/networksales-products/dailydeals_v2/index&t_product=HeraldSun&td_domain=heraldsun.com.au&td_channel=desktop&td_pagetype=index_mr
Requested by
Host: resources.newscdn.com.au
URL: https://resources.newscdn.com.au/cs/networksales/loader/latest/assets/js/exodus_loader-client.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 / Express
Resource Hash
5ea38fb5add251fac49f394c59e83fd96471fa9d574c3a13acd03310fa6043d0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:18 GMT
content-encoding
gzip
x-powered-by
Express
status
200
content-length
977
server
nginx/1.18.0
etag
W/"26696820"
vary
Accept-Encoding, Accept
x-varnish
13765406 5541501
access-control-allow-origin
*
expires
Sun, 04 Oct 2020 11:01:25 GMT
cache-control
public, must-revalidate, max-age=7
x-correlation-id
69eeea8f-fbfa-4258-ac10-5afde27677e7
accept-ranges
bytes
content-type
text/html; charset=utf-8
x-cache-tags
R:6d2285092596878778be4cfc5e81dee2
x-cache-hits
17
uwt.js
static.ads-twitter.com/ Frame D9CF
5 KB
2 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWNF8L5WMRzPW6gT7SP42SWJLW93kvSZ4gMDRBN3JhCFN4Zc_LV3Zsc37CgVH9Vz9f_M3H2D3pW2q1Qrb5DL6cFW6xXKH337R-5PW4pG77R4W3rGyVwQT6v1L5yDXW7wLgxc586pC2N8wrZHnT1-Z1W2msG-C8Td7BbW42L7P97FtWMXW7k0MV95QdVsFVW0s3c8BNt4wN2LMNb6sRTwKW6RMtyg3_1WSnW7LF0_799VxB-N3qjSHgG_ZswW3zNgLd8gH4m9W5dLSxr7gf_z4N8w2m_j_Z4QQW1CQ5W16gfdHrVpHrl05gF_6BW273TjF8TsDVjW2rmgc52pBJlkVwmpLY5_QVNnW5ScWf75W-4J2W7K7wS16fD0hhW8htQ-217KczcVxqj_C5_YCf7W1zZvGK66M9HMW4Z1wMY5f-mRqW2cgCYK2Bly2dW3RsFJx7kR8H5W73q-YK5PWFjTW5hlMPQ2sRpWkW5C_kPS2GkD1bW8N-Wm45gnfqhW6KlBTY8vdJBS32nc1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:18 GMT
content-encoding
gzip
age
48533
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1958
x-served-by
cache-hhn4056-HHN
last-modified
Mon, 10 Aug 2020 18:10:59 GMT
x-timer
S1601809278.293142,VS0,VE0
etag
"a4cc3f907681b24a3efd540acd5d2996+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame 0905
965 B
761 B
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWNF8L5WMRzPW6gT7SP42SWJLW93kvSZ4gMDRBN3JhCFN4Zc_LV3Zsc37CgVH9Vz9f_M3H2D3pW2q1Qrb5DL6cFW6xXKH337R-5PW4pG77R4W3rGyVwQT6v1L5yDXW7wLgxc586pC2N8wrZHnT1-Z1W2msG-C8Td7BbW42L7P97FtWMXW7k0MV95QdVsFVW0s3c8BNt4wN2LMNb6sRTwKW6RMtyg3_1WSnW7LF0_799VxB-N3qjSHgG_ZswW3zNgLd8gH4m9W5dLSxr7gf_z4N8w2m_j_Z4QQW1CQ5W16gfdHrVpHrl05gF_6BW273TjF8TsDVjW2rmgc52pBJlkVwmpLY5_QVNnW5ScWf75W-4J2W7K7wS16fD0hhW8htQ-217KczcVxqj_C5_YCf7W1zZvGK66M9HMW4Z1wMY5f-mRqW2cgCYK2Bly2dW3RsFJx7kR8H5W73q-YK5PWFjTW5hlMPQ2sRpWkW5C_kPS2GkD1bW8N-Wm45gnfqhW6KlBTY8vdJBS32nc1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 22:01:48 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=22359
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
448
js
www.googletagmanager.com/gtag/ Frame 3D42
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4948a8efb1384b2172539d0ed91f2d679d6aa151359102e925f87ec8182d2a90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:18 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36647
x-xss-protection
0
last-modified
Sun, 04 Oct 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Oct 2020 11:01:18 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame A767
4 KB
2 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.206.235 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-206-235.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 03 Oct 2020 15:17:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
71044
ETag
"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
I2jx-UBBGS2EFTKyyxEqqq4cocBJtdbKVcPyJtwSmFQkoXNX-r1ufQ==
pixie.js
acdn.adnxs.com/dmp/up/ Frame BBCE
7 KB
3 KB
Script
General
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWNF8L5WMRzPW6gT7SP42SWJLW93kvSZ4gMDRBN3JhCFN4Zc_LV3Zsc37CgVH9Vz9f_M3H2D3pW2q1Qrb5DL6cFW6xXKH337R-5PW4pG77R4W3rGyVwQT6v1L5yDXW7wLgxc586pC2N8wrZHnT1-Z1W2msG-C8Td7BbW42L7P97FtWMXW7k0MV95QdVsFVW0s3c8BNt4wN2LMNb6sRTwKW6RMtyg3_1WSnW7LF0_799VxB-N3qjSHgG_ZswW3zNgLd8gH4m9W5dLSxr7gf_z4N8w2m_j_Z4QQW1CQ5W16gfdHrVpHrl05gF_6BW273TjF8TsDVjW2rmgc52pBJlkVwmpLY5_QVNnW5ScWf75W-4J2W7K7wS16fD0hhW8htQ-217KczcVxqj_C5_YCf7W1zZvGK66M9HMW4Z1wMY5f-mRqW2cgCYK2Bly2dW3RsFJx7kR8H5W73q-YK5PWFjTW5hlMPQ2sRpWkW5C_kPS2GkD1bW8N-Wm45gnfqhW6KlBTY8vdJBS32nc1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:18 GMT
Content-Encoding
gzip
Age
49911
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
2601
X-Served-By
cache-lga21920-LGA, cache-hhn4023-HHN
Access-Control-Allow-Origin
*
Last-Modified
Thu, 14 May 2020 21:04:36 GMT
Server
nginx/1.13.10
X-Timer
S1601809278.385362,VS0,VE0
ETag
W/"5ebdb264-1cfb"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 15 May 2020 21:04:39 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
1, 7977
ytc.js
s.yimg.com/wi/ Frame 7942
15 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWNF8L5WMRzPW6gT7SP42SWJLW93kvSZ4gMDRBN3JhCFN4Zc_LV3Zsc37CgVH9Vz9f_M3H2D3pW2q1Qrb5DL6cFW6xXKH337R-5PW4pG77R4W3rGyVwQT6v1L5yDXW7wLgxc586pC2N8wrZHnT1-Z1W2msG-C8Td7BbW42L7P97FtWMXW7k0MV95QdVsFVW0s3c8BNt4wN2LMNb6sRTwKW6RMtyg3_1WSnW7LF0_799VxB-N3qjSHgG_ZswW3zNgLd8gH4m9W5dLSxr7gf_z4N8w2m_j_Z4QQW1CQ5W16gfdHrVpHrl05gF_6BW273TjF8TsDVjW2rmgc52pBJlkVwmpLY5_QVNnW5ScWf75W-4J2W7K7wS16fD0hhW8htQ-217KczcVxqj_C5_YCf7W1zZvGK66M9HMW4Z1wMY5f-mRqW2cgCYK2Bly2dW3RsFJx7kR8H5W73q-YK5PWFjTW5hlMPQ2sRpWkW5C_kPS2GkD1bW8N-Wm45gnfqhW6KlBTY8vdJBS32nc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ats-carp-promotion
1
date
Sun, 04 Oct 2020 10:02:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3545
x-amz-server-side-encryption
AES256
status
200
vary
Origin, Accept-Encoding
content-length
5581
x-amz-id-2
ee+vXRoVs3BocdNzGNhe1+xaPXZ6+nUo1q3V7qJDHagIcoDhBC32YyOtHYqdW+bcAsCQwgIR1ME=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 24 Sep 2020 23:08:16 GMT
server
ATS
etag
"49db10c8315384e8dad2e92a6841ed81-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
CZDW6J7Q1Q3W2PCY
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
accept-ranges
bytes
content-type
application/javascript
activityi;dc_pre=CIbbq8jkmuwCFczruwgdwqsLsQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5771613234907.606
8228261.fls.doubleclick.net/ Frame 3F42
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5771613234907.606?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CIbbq8jkmuwCFczruwgdwqsLsQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=577161323490...
0
0
Document
General
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIbbq8jkmuwCFczruwgdwqsLsQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5771613234907.606?
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWNF8L5WMRzPW6gT7SP42SWJLW93kvSZ4gMDRBN3JhCFN4Zc_LV3Zsc37CgVH9Vz9f_M3H2D3pW2q1Qrb5DL6cFW6xXKH337R-5PW4pG77R4W3rGyVwQT6v1L5yDXW7wLgxc586pC2N8wrZHnT1-Z1W2msG-C8Td7BbW42L7P97FtWMXW7k0MV95QdVsFVW0s3c8BNt4wN2LMNb6sRTwKW6RMtyg3_1WSnW7LF0_799VxB-N3qjSHgG_ZswW3zNgLd8gH4m9W5dLSxr7gf_z4N8w2m_j_Z4QQW1CQ5W16gfdHrVpHrl05gF_6BW273TjF8TsDVjW2rmgc52pBJlkVwmpLY5_QVNnW5ScWf75W-4J2W7K7wS16fD0hhW8htQ-217KczcVxqj_C5_YCf7W1zZvGK66M9HMW4Z1wMY5f-mRqW2cgCYK2Bly2dW3RsFJx7kR8H5W73q-YK5PWFjTW5hlMPQ2sRpWkW5C_kPS2GkD1bW8N-Wm45gnfqhW6KlBTY8vdJBS32nc1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.70 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8228261.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CIbbq8jkmuwCFczruwgdwqsLsQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5771613234907.606?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkTnbvg8udwzRduECfBjhprsfHla1iDZlun1J7dk9f02bRmHYw8kblP74Ya
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Sun, 04 Oct 2020 11:01:18 GMT
expires
Sun, 04 Oct 2020 11:01:18 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
330
x-xss-protection
0
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Sun, 04 Oct 2020 11:01:18 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIbbq8jkmuwCFczruwgdwqsLsQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5771613234907.606?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
conversion.js
www.googleadservices.com/pagead/ Frame 6A70
29 KB
11 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
fd63d6a5ec44215e50612d8bea8eff0a12f5d4981ab6745db8d8479f7c102845
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11416
x-xss-protection
0
server
cafe
etag
7270336119834106254
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 04 Oct 2020 11:01:18 GMT
beacon
r.turn.com/r/ Frame D464
43 B
426 B
Image
General
Full URL
https://r.turn.com/r/beacon?b2=p6XQ5Fc0adnznNpXL-pWH4UvNVDMRPMx8zrBFX6RFzv3Fa5NQOlD9S8IcQQSxWc9vEVgdRInyjPO9fW63tV3cg&cid=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:17 GMT
server
Apache-Coyote/1.1
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
status
200
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
activity
au-gmtdmp.mookie1.com/t/v2/ Frame C0D3
43 B
390 B
Image
General
Full URL
https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_804370&src.rand=[timestamp]&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.202.26 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:18 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
bounce
secure.adnxs.com/ Frame B2B8
Redirect Chain
  • https://secure.adnxs.com/px?id=1171454&seg=19476739&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1171454%26seg%3D19476739%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1171454%26seg%3D19476739%26t%3D2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:18 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.4:80
AN-X-Request-Uuid
767f5876-28f8-48bf-903b-2d9edae48a60
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:18 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid
0d16e6e6-6b7b-4dcf-986f-8cbb580c1fb6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1171454%26seg%3D19476739%26t%3D2
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
spp.pl
sp.analytics.yahoo.com/ Frame 95C5
43 B
886 B
Image
General
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10041060&js=no&url=heraldsunsitevisitors020419
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:18 GMT
X-Content-Type-Options
nosniff
Age
0
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
ATS
X-Frame-Options
DENY
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Cache-Control
no-cache, private, must-revalidate
Accept-Ranges
bytes
Expires
Sun, 04 Oct 2020 11:01:18 GMT
activity
au-gmtdmp.mookie1.com/t/v2/ Frame A483
43 B
608 B
Image
General
Full URL
https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.202.26 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:18 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
bounce
secure.adnxs.com/ Frame 9DE2
Redirect Chain
  • https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:18 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.9:80
AN-X-Request-Uuid
1497650e-d32f-4ce2-8e5d-b3d411010ed3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:18 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.228:80
AN-X-Request-Uuid
54dc090a-72d1-4bc4-91be-1d2daf8f8d1b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activity
au-gmtdmp.mookie1.com/t/v2/
43 B
389 B
Image
General
Full URL
https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_692212&src.rand=[timestamp]&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.202.26 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:18 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
0
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:18 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.148:80
AN-X-Request-Uuid
26776104-d79b-4168-acef-de08ef41ad98
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:18 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.250:80
AN-X-Request-Uuid
cb98b521-063e-429c-8542-1266757bba52
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 757C
0
0
Document
General
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:fa00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
cdn-gl.imrworldwide.com
:scheme
https
:path
/novms/html/ls.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSCVER=v1; IMRID=ed925840-0630-11eb-aa16-0127ad5e663d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

status
200
content-type
text/html
last-modified
Mon, 31 Aug 2020 13:41:32 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
8SzOU0T3jq5fDilujOsIQHDXhBBCvnxx
server
AmazonS3
content-encoding
gzip
date
Sun, 04 Oct 2020 10:52:19 GMT
etag
"7fa83dfc7b78314b137e2eb13834daa7"
cache-control
max-age=86400
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
alzsq6Cri91PRjTWLOKOyMRxjHua9MXx7Qb1fvy1xumO6ipAdNJSgA==
age
540
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 6A70
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1601809278509&cv=9&fst=1601809278509&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
907199b915791fbb0b4a3104fd3f1095a8bf8d7825b308065ccaa6ea3a912a1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1207
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.old.min.js
snap.licdn.com/li.lms-analytics/ Frame 0905
3 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Sep 2020 20:29:41 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=30971
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
main.gr.19.8.133.js
static.adsafeprotected.com/ Frame 5659
176 KB
56 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.133.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941989880&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1558117510&custom=video&custom3=168400391&adsafe_par&impId=ed77a493-0630-11eb-9f65-0a791baeecf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8586835a5998a7dd38f07bfc9213d74be357f523b9bfff2d37c463fdebe61648

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 01 Oct 2020 14:45:44 GMT
content-encoding
gzip
age
245735
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
last-modified
Thu, 01 Oct 2020 14:29:17 GMT
server
AmazonS3
etag
W/"b7285a62a1113b0caeb1272d6794091c"
vary
Accept-Encoding
x-amz-version-id
bCPYcKVPgSN6Tj0f8SmHNFuma1swUjAg
via
1.1 168a24ef858eb187119582fbc6ac0718.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
ZAG50-C1
content-type
application/javascript
x-amz-cf-id
YhimbOtvypFwLKNJr_SNPMNWW8J7MKMZPf1oOevUUqdd-3NCzWqtzA==
main.gr.19.8.133.js
static.adsafeprotected.com/ Frame 4040
176 KB
56 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.133.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941989880&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=403454622&custom=video&custom3=168400391&adsafe_par&impId=ed77a492-0630-11eb-9f65-0a791baeecf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8586835a5998a7dd38f07bfc9213d74be357f523b9bfff2d37c463fdebe61648

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 01 Oct 2020 14:45:44 GMT
content-encoding
gzip
age
245735
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
last-modified
Thu, 01 Oct 2020 14:29:17 GMT
server
AmazonS3
etag
W/"b7285a62a1113b0caeb1272d6794091c"
vary
Accept-Encoding
x-amz-version-id
bCPYcKVPgSN6Tj0f8SmHNFuma1swUjAg
via
1.1 168a24ef858eb187119582fbc6ac0718.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
ZAG50-C1
content-type
application/javascript
x-amz-cf-id
4G8JPAlx0izKsjHnZEC-8y_0jmLKgp2z-TqsD5tWx5Mb1_0vw4EYvQ==
10041060.json
s.yimg.com/wi/config/ Frame 7942
2 B
459 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10041060.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 10:05:53 GMT
x-content-type-options
nosniff
age
3325
status
200
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
DQ9V8PFK7W6Y9K4Y
x-amz-id-2
cLG8yDy3US4hh0txN3yE7A6LuSGY6oaM2QOp37rjUa5YVXxMhCljsYFIO+IeLIf9wCWLHzrmLKI=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
2
pixie
ib.adnxs.com/ Frame BBCE
42 B
352 B
Image
General
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1601809278593&v=0.0.15&u=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1601809278593&et=1601809278593&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.17.9
Connection
keep-alive
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 10.2.80.88:80
Content-Length
42
Content-Type
image/gif
conversion_async.js
www.googleadservices.com/pagead/ Frame 3D42
29 KB
11 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11311
x-xss-protection
0
server
cafe
etag
12833363978352728442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 04 Oct 2020 11:01:18 GMT
adsct
t.co/i/ Frame D9CF
43 B
448 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
113
pragma
no-cache
last-modified
Sun, 04 Oct 2020 11:01:20 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
a9f133d8af39ac286cacd75fa7f8487c
x-transaction
006168c800daca3b
expires
Tue, 31 Mar 1981 05:00:00 GMT
script.js
resources.newscdn.com.au/cs/networksales/products/latest/assets/dailydeals_v2/js/
3 KB
2 KB
Script
General
Full URL
https://resources.newscdn.com.au/cs/networksales/products/latest/assets/dailydeals_v2/js/script.js
Requested by
Host: resources.newscdn.com.au
URL: https://resources.newscdn.com.au/cs/networksales/loader/latest/assets/js/exodus_loader-client.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
307fd8f2a00b8f9984d1fa27868cfed4021b715d723f2e48895a094f0c784e25

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:18 GMT
Content-Encoding
gzip
x-amz-request-id
6F37D8841688DF8D
Connection
keep-alive
Content-Length
1078
x-amz-id-2
neAueyMSv4DhUXebp9Cj3m2xV4I4yy76a0mgMfqdiPK13DKixPxIPyIFThgXS1QS9OwHd/ovjG8=
Last-Modified
Wed, 30 Oct 2019 05:19:55 GMT
Server
AmazonS3
ETag
"614f29ea9eb65e9ec068673ce90eab3c"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=175
Accept-Ranges
bytes
Expires
Sun, 04 Oct 2020 11:04:13 GMT
script.js
resources.newscdn.com.au/cs/networksales/exoduscampaigns/2017/07/LAN-1877-MHR/
812 B
1 KB
Script
General
Full URL
https://resources.newscdn.com.au/cs/networksales/exoduscampaigns/2017/07/LAN-1877-MHR/script.js
Requested by
Host: resources.newscdn.com.au
URL: https://resources.newscdn.com.au/cs/networksales/loader/latest/assets/js/exodus_loader-client.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
eee8b5359f2ba993c5311ebfd8d787f63c6b0fcac0a69dd2dd40f21933c453a0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:18 GMT
Last-Modified
Thu, 01 Oct 2020 07:04:05 GMT
Server
AmazonS3
x-amz-request-id
0S6G7KFP6PDXFZ3R
ETag
"7d803511e5d230a5828e4cd8d0c99d87"
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1773
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
812
x-amz-id-2
0+SrcDQ8yOtE6UQVMivuHObP1f0rMeEa1gZ+RowjVJRECpsGI4Kw2mMu1r0GvBsNYsk9cernU/0=
Expires
Sun, 04 Oct 2020 11:30:51 GMT
style.css
resources.newscdn.com.au/cs/networksales/products/latest/assets/dailydeals_v2/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://resources.newscdn.com.au/cs/networksales/products/latest/assets/dailydeals_v2/css/style.css
Requested by
Host: resources.newscdn.com.au
URL: https://resources.newscdn.com.au/cs/networksales/loader/latest/assets/js/exodus_loader-client.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d9a251c02c498ee7ec9a989ec272568e2c683f939715978226f74f9f09d0f60e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:18 GMT
Content-Encoding
gzip
x-amz-request-id
052D0528F6F0B317
Connection
keep-alive
Content-Length
1220
x-amz-id-2
gpBgp9NnexoyOAtnm+wMQb0dbigi5vOBe90fMIpOS3TckoFdtpb9tfJ0ubEJFmjlFWI6ktgwM6s=
Last-Modified
Wed, 30 Oct 2019 05:19:55 GMT
Server
AmazonS3
ETag
"e7d3ec4f37f9e25b753f7d3e8c569f61"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=1737
Accept-Ranges
bytes
Expires
Sun, 04 Oct 2020 11:30:15 GMT
campaign.json
i1.wp.com/pixel.tcog.cp1.news.com.au/track/component/resource/networksales/exoduscampaigns/2017/07/LAN-1877-MHR/
95 B
314 B
Image
General
Full URL
https://i1.wp.com/pixel.tcog.cp1.news.com.au/track/component/resource/networksales/exoduscampaigns/2017/07/LAN-1877-MHR/campaign.json?t_product=HeraldSun&t_template=s3/networksales-products/dailydeals_v2/index&td_channel=desktop&td_domain=heraldsun.com.au&td_pagetype=index_mr
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
1743b80176c7a9b725d2e472694b728ae510bbdae78ee5d33d58278221f552d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 5
date
Sun, 04 Oct 2020 11:01:18 GMT
x-content-type-options
nosniff
last-modified
Wed, 10 Jun 2020 20:30:56 GMT
server
nginx
etag
"ccd1789090ac5623"
vary
Accept
content-type
image/png
status
200
cache-control
public, max-age=63115200
link
<http://pixel.tcog.cp1.news.com.au/track/component/resource/networksales/exoduscampaigns/2017/07/LAN-1877-MHR/campaign.json>; rel="canonical"
content-length
95
expires
Sat, 11 Jun 2022 08:30:56 GMT
moneysaver.png
resources.newscdn.com.au/cs/networksales/exoduscampaigns/2017/07/LAN-1877-MHR/img/
930 B
1 KB
Image
General
Full URL
https://resources.newscdn.com.au/cs/networksales/exoduscampaigns/2017/07/LAN-1877-MHR/img/moneysaver.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8473eaf9ddbf13b62bab7ea1060db3a48b5dab68d8a880751a970ebd00e42ff7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:18 GMT
Last-Modified
Thu, 01 Oct 2020 07:04:05 GMT
Server
AmazonS3
x-amz-request-id
2BDEAC56A5701C06
ETag
"246592c9e234f6bc30a2f8ae3f253425"
Access-Control-Allow-Methods
GET,POST
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=455611
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
930
x-amz-id-2
kjJowZvzruAZJeGM9sRypAE4VuOnuGpSYkHQQz1IPGDIECBjDUYaH5SwAHFs+h4TmaDDSATy+/M=
Expires
Fri, 09 Oct 2020 17:34:49 GMT
collect
px.ads.linkedin.com/ Frame 0905
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1601809278663
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26time%3D1601809278...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1601809278663&liSync=true
0
63 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1601809278663&liSync=true
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:19 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
status
200
x-li-proto
http/2
x-li-pop
prod-efr5
content-type
application/javascript
content-length
0
x-li-uuid
Ugy+cA3FOhbASoSubisAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options
nosniff
linkedin-action
1
status
302
content-length
0
x-li-uuid
FViVbA3FOhbgOVUfoCsAAA==
pragma
no-cache
x-li-pop
afd-prod-lva1
x-msedge-ref
Ref A: C5AF392E15194BD1B375B4E91C34CF4E Ref B: FRAEDGE1517 Ref C: 2020-10-04T11:01:18Z
x-frame-options
sameorigin
date
Sun, 04 Oct 2020 11:01:18 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1601809278663&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/859754747/ Frame 6A70
42 B
88 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1601809278509&cv=9&fst=1601809200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=1276629016&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/859754747/ Frame 6A70
42 B
107 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/859754747/?random=1601809278509&cv=9&fst=1601809200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=1276629016&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/ Frame 7942
0
857 B
Script
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2004%20Oct%202020%2011%3A01%3A18%20GMT&n=-2d&.yp=10041060&f=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&e=https%3A%2F%2Fwww.heraldsun.com.au%2F&enc=UTF-8&isIframe=1
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:18 GMT
X-Content-Type-Options
nosniff
Age
0
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
ATS
X-Frame-Options
DENY
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
no-cache, private, must-revalidate
Accept-Ranges
bytes
Expires
Sun, 04 Oct 2020 11:01:18 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 3D42
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1601809278675&cv=9&fst=1601809278675&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9n1&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d889f1d68f582dcab49b1a1f648612f0d01daa4d3bd76e734e79c0bf3f3dd72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
offnet-icon.svg
resources.newscdn.com.au/cs/networksales/products/latest/assets/dailydeals_v2/img/
283 B
810 B
Image
General
Full URL
https://resources.newscdn.com.au/cs/networksales/products/latest/assets/dailydeals_v2/img/offnet-icon.svg
Requested by
Host: resources.newscdn.com.au
URL: https://resources.newscdn.com.au/cs/networksales/products/latest/assets/dailydeals_v2/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8681014d203e3ca43cd57fe16386952914d0759a239c8708c820be8ebceeabfa

Request headers

Referer
https://resources.newscdn.com.au/cs/networksales/products/latest/assets/dailydeals_v2/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:18 GMT
Last-Modified
Wed, 30 Oct 2019 05:19:55 GMT
Server
AmazonS3
x-amz-request-id
AE7CA3AB45958A85
ETag
"d3a8b5ee78d35b66df524fdbc5f4b049"
Access-Control-Allow-Methods
GET,POST
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=331161
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
283
x-amz-id-2
oqg7utZG0yVdNjgQbBkDNxUDc2uIavq815Oqir+sjTEFnq459Wi17NmQLjKHxyheIynO6C7s7Nk=
Expires
Thu, 08 Oct 2020 07:00:39 GMT
sca.17.4.114.js
static.adsafeprotected.com/ Frame C54B
81 KB
22 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.4.114.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 28 Aug 2020 08:42:12 GMT
content-encoding
gzip
age
3205146
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 Jan 2020 23:54:54 GMT
server
AmazonS3
etag
W/"e456dd0e5be3c2494dd734db6c5b965c"
vary
Accept-Encoding
x-amz-version-id
gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via
1.1 168a24ef858eb187119582fbc6ac0718.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
ZAG50-C1
content-type
application/javascript
x-amz-cf-id
0BL6uqM5JYUquOgwfuoUkqFfau89wbmN83kAO298dHxuMlLw184v0A==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941989880&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1558117510&custom=video&custom3=168400391&adsafe_par&impId=ed77a493-0630-11eb-9f65-0a791baeecf6&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:df32f3cf-f7e9-a3f8-736c-7489c0e73c30,c:qaBblO,sl:outOfView,em:true,fr:true,mn:app17ie,pt:1-5-15,wc:0.0.1600.1200,ac:795.202.10.10,am:i,cc:795.202.10.10,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:scrGuxm+11|12|13|141|15*.10507|151|16|17|18|19|1a|1b|1c|1d|1e|1f|1g|1h1|1i|1j|1k|1l,idMap:15*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:193,oid:edc5286e-0630-11eb-88ab-0289e6fd96ae,v:19.8.133,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.59.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:18 GMT
x-server-name
app37.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
status
200
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
/
www.google.com/pagead/1p-user-list/707564276/ Frame 3D42
42 B
65 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1601809278675&cv=9&fst=1601809200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9n1&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=3324711024&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/707564276/ Frame 3D42
42 B
134 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/707564276/?random=1601809278675&cv=9&fst=1601809200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9n1&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=3324711024&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=df32f3cf-f7e9-a3f8-736c-7489c0e73c30&tv={c:qaBbnr,pingTime:-2,time:293,type:a,im:{pBlk:206,sf:0,pom:1,prf:{beA:460,beZ:461,mfA:584,cmA:585,inA:585,inZ:591,prA:591,prZ:599,si:652,poA:652,bl:666,poZ:666,cmZ:666,mfZ:666,loA:679,loZ:681,ltA:751,ltZ:751}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:10,h:10,t:192}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:293,n:0,pp:0,pm:0},slEvents:[{sl:o,t:191,wc:0.0.1600.1200,ac:795.202.10.10,am:i,cc:795.202.10.10,piv:0,obst:0,th:0,reas:r,bkn:{piv:[165~0],as:[165~10.10]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:scrGuxm+11|12|13|141|15*.10507|151|16|17|18|19|1a|1b|1c|1d|1e|1f|1g|1h1|1i|1j|1k|1l,idMap:15*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/news/national_1,google_ads_iframe_/5129/ndm.hwt/news/national_1__container__,ad-block-970x250-1,newscorpau_ads-738],sinceFw:99,readyFired:true}&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
amidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:19 GMT
X-Server-Name
dt87ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
ratecity-v2.json
s3-ap-southeast-2.amazonaws.com/production-blaze-assets.ratecity.com.au/news-feed/
5 KB
5 KB
XHR
General
Full URL
https://s3-ap-southeast-2.amazonaws.com/production-blaze-assets.ratecity.com.au/news-feed/ratecity-v2.json
Requested by
Host: resources.newscdn.com.au
URL: https://resources.newscdn.com.au/cs/networksales/products/latest/assets/dailydeals_v2/js/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.47 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
90a141cc2c2c2bf75e11f691ac386a3e835183998ef252a981e3dbdf49c0f262

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:20 GMT
Last-Modified
Tue, 31 Mar 2020 03:15:43 GMT
Server
AmazonS3
x-amz-request-id
49D46B6962A3B879
ETag
"d068adf7b05b951f970ab4e71e6cb168"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Accept-Ranges
bytes
Content-Length
4938
x-amz-id-2
Rqzh55jBJ3ScbNn1988UWBHndGnUQiBEHDVMnGgH9K2xunWz7L8hEDJXLu1P3RIhnuJ9ilbHvTo=
whistleout.json
r3.whistleout.com.au/public/partners/news/json/
3 KB
1 KB
XHR
General
Full URL
https://r3.whistleout.com.au/public/partners/news/json/whistleout.json
Requested by
Host: resources.newscdn.com.au
URL: https://resources.newscdn.com.au/cs/networksales/products/latest/assets/dailydeals_v2/js/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.32.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21ba87011f958999014cc803ea5e6e0fc106f6f335499d46dc54463c7081751e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:19 GMT
content-encoding
gzip
cf-cache-status
UPDATING
age
3890
status
200
x-amz-request-id
E9B0D1F1B3264496
x-amz-id-2
RAokQLxia3MJ0HHlZb1rbdnJR7L/ivIu9xd52KGmpqMsErbd57nkIeVQu4a5RELMcbYmr9SBZ38=
last-modified
Sun, 04 Oct 2020 09:05:07 GMT
server
cloudflare
etag
W/"82d4ae93df2c699fe11e785ea4603cb3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-request-id
0594df0026000010c153229200000001
cf-ray
5dce6779d8ba10c1-CPH
expires
Sun, 04 Oct 2020 11:31:19 GMT
whistleout.json
r3.whistleout.com.au/public/partners/news/json/
3 KB
927 B
XHR
General
Full URL
https://r3.whistleout.com.au/public/partners/news/json/whistleout.json
Requested by
Host: resources.newscdn.com.au
URL: https://resources.newscdn.com.au/cs/networksales/products/latest/assets/dailydeals_v2/js/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.32.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1571f08a787b64195df5717339ef8eddc37436dc887957025dfe96db6aeb8ce8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:19 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
2DE9A06884F4142F
status
200
x-amz-id-2
vgprKGJb46LmZrkhjTslSgpP3lzx5mLmrpDeFGQQce0XvRo3fjurQw2NUeJuPSMzb5eptoF52Wc=
last-modified
Sun, 04 Oct 2020 10:05:09 GMT
server
cloudflare
etag
W/"eb7a7e890c6a6cce24858ab52ba97af6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-request-id
0594df0026000010c15322a200000001
cf-ray
5dce6779d8bd10c1-CPH
expires
Sun, 04 Oct 2020 11:31:19 GMT
ratecity-v2.json
s3-ap-southeast-2.amazonaws.com/production-blaze-assets.ratecity.com.au/news-feed/
5 KB
5 KB
XHR
General
Full URL
https://s3-ap-southeast-2.amazonaws.com/production-blaze-assets.ratecity.com.au/news-feed/ratecity-v2.json
Requested by
Host: resources.newscdn.com.au
URL: https://resources.newscdn.com.au/cs/networksales/products/latest/assets/dailydeals_v2/js/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.47 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
90a141cc2c2c2bf75e11f691ac386a3e835183998ef252a981e3dbdf49c0f262

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:21 GMT
Last-Modified
Tue, 31 Mar 2020 03:15:43 GMT
Server
AmazonS3
x-amz-request-id
EA87A939133E58A0
ETag
"d068adf7b05b951f970ab4e71e6cb168"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Accept-Ranges
bytes
Content-Length
4938
x-amz-id-2
U2s7tdfFP9Q86TViZvhR4z6xlhA8PMuT9byr61vpI4s9uvTp8IPBRwlZILpDsebuJi9rTsaOAjA=
ratecity-v2.json
s3-ap-southeast-2.amazonaws.com/production-blaze-assets.ratecity.com.au/news-feed/
5 KB
5 KB
XHR
General
Full URL
https://s3-ap-southeast-2.amazonaws.com/production-blaze-assets.ratecity.com.au/news-feed/ratecity-v2.json
Requested by
Host: resources.newscdn.com.au
URL: https://resources.newscdn.com.au/cs/networksales/products/latest/assets/dailydeals_v2/js/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.47 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
90a141cc2c2c2bf75e11f691ac386a3e835183998ef252a981e3dbdf49c0f262

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:21 GMT
Last-Modified
Tue, 31 Mar 2020 03:15:43 GMT
Server
AmazonS3
x-amz-request-id
2XBN1QBT5G1Y4VBM
ETag
"d068adf7b05b951f970ab4e71e6cb168"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Accept-Ranges
bytes
Content-Length
4938
x-amz-id-2
Iq9mo3C20X91/Y3LlTnAEu0KVdHHONQlKu/c1/R6A/vSCb4wttUFbkAtWxrpRmIW35c/whRZ3TM=
ratecity-v2.json
s3-ap-southeast-2.amazonaws.com/production-blaze-assets.ratecity.com.au/news-feed/
5 KB
5 KB
XHR
General
Full URL
https://s3-ap-southeast-2.amazonaws.com/production-blaze-assets.ratecity.com.au/news-feed/ratecity-v2.json
Requested by
Host: resources.newscdn.com.au
URL: https://resources.newscdn.com.au/cs/networksales/products/latest/assets/dailydeals_v2/js/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.47 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
90a141cc2c2c2bf75e11f691ac386a3e835183998ef252a981e3dbdf49c0f262

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:21 GMT
Last-Modified
Tue, 31 Mar 2020 03:15:43 GMT
Server
AmazonS3
x-amz-request-id
A3ECC6A5548552D0
ETag
"d068adf7b05b951f970ab4e71e6cb168"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Accept-Ranges
bytes
Content-Length
4938
x-amz-id-2
1P1sNG+csg0zjbFK7Itars0kcA9OQqW6j1DrbJUjwUz4AWaPCcZSmgZp7A0KqRrMC3M4t88bKjI=
sca.17.4.114.js
static.adsafeprotected.com/ Frame 2D29
81 KB
22 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.4.114.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 28 Aug 2020 08:42:12 GMT
content-encoding
gzip
age
3205146
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 Jan 2020 23:54:54 GMT
server
AmazonS3
etag
W/"e456dd0e5be3c2494dd734db6c5b965c"
vary
Accept-Encoding
x-amz-version-id
gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via
1.1 168a24ef858eb187119582fbc6ac0718.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
ZAG50-C1
content-type
application/javascript
x-amz-cf-id
V5fCfbKTJ6J-Wh86dmifGOBXYFN2lqwwzKk1ZEUkYrntuz1NEfqZWg==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941989880&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=403454622&custom=video&custom3=168400391&adsafe_par&impId=ed77a492-0630-11eb-9f65-0a791baeecf6&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:c3b5155e-3f54-1f91-5391-6d00accbf91b,c:qaBbnI,sl:outOfView,em:true,fr:true,mn:app26ie,pt:1-5-15,wc:0.0.1600.1200,ac:1299.104.1.1,am:i,cc:1299.104.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:scrGuxp+11|12|13|14*.10507|141|151|152|16|17|18|19|1a|1b|1c|1d|1e|1f|1g|1h1|1i|1j|1k|1l,idMap:14*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:307,oid:edc57676-0630-11eb-9f65-0a791baeecf6,v:19.8.133,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.59.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:18 GMT
x-server-name
app24.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
status
200
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c3b5155e-3f54-1f91-5391-6d00accbf91b&tv={c:qaBbpp,pingTime:-2,time:412,type:a,im:{sf:0,pom:1,prf:{beA:480,beZ:482,mfA:776,cmA:777,inA:777,inZ:779,prA:779,prZ:783,si:788,poA:788,poZ:793,cmZ:793,mfZ:793,loA:868,loZ:869,ltA:892,ltZ:892}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:307}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:412,n:0,pp:0,pm:0},slEvents:[{sl:o,t:306,wc:0.0.1600.1200,ac:1299.104.1.1,am:i,cc:1299.104.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[115~0],as:[115~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:scrGuxp+11|12|13|14*.10507|141|151|152|16|17|18|19|1a|1b|1c|1d|1e|1f|1g|1h1|1i|1j|1k|1l,idMap:14*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/news/national_0,google_ads_iframe_/5129/ndm.hwt/news/national_0__container__,ad-block-728x90-1],sinceFw:104,readyFired:true}&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
amidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:19 GMT
X-Server-Name
dt87ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=df32f3cf-f7e9-a3f8-736c-7489c0e73c30&tv={c:qaBbqy,time:486,type:e,im:{pWait:7},env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:486,n:0,pp:0,pm:0},slEvents:[{sl:o,t:191,wc:0.0.1600.1200,ac:795.202.10.10,am:i,cc:795.202.10.10,piv:0,obst:0,th:0,reas:r,bkn:{piv:[359~0],as:[359~10.10]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:scrGuxm+11|12|13|14.10507|141|15*.10507|151|16|17|18|19|1a|1b|1c|1d|1e|1f|1g|1h1|1i|1j|1k|1l,idMap:15*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
amidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:19 GMT
X-Server-Name
dt87ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c3b5155e-3f54-1f91-5391-6d00accbf91b&tv={c:qaBbqA,time:485,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:485,n:0,pp:0,pm:0},slEvents:[{sl:o,t:306,wc:0.0.1600.1200,ac:1299.104.1.1,am:i,cc:1299.104.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[188~0],as:[188~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:scrGuxp+11|12|13|14*.10507|141|151|152|16|17|18|19|1a|1b|1c|1d|1e|1f|1g|1h1|1i|1j|1k|1l,idMap:14*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
amidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:19 GMT
X-Server-Name
dt87ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
Cheapest-NBN-plans_149x86px.png
r3.whistleout.com.au/public/images/articles/2020/03/
16 KB
16 KB
Image
General
Full URL
https://r3.whistleout.com.au/public/images/articles/2020/03/Cheapest-NBN-plans_149x86px.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.32.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cee8c276517a2bfffab161035419b9571fd6e49a04586a668cb90d20355eb884

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:20 GMT
cf-cache-status
HIT
age
487238
cf-polished
origSize=19859
cf-ray
5dce6780d9ee10f3-CPH
status
200
content-length
16310
x-amz-id-2
8NINNgl9juYV9+lakyUBvQFTpKz8HsXZIOtmCe1oG9Yq4inRuK3B3W3jQnovx2EEX6mCYqQnLSg=
last-modified
Tue, 10 Mar 2020 03:46:12 GMT
server
cloudflare
etag
"95f713ec1abb7ec78230bb0bfba54a1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
F76433A9DE0FDB77
expires
Mon, 12 Oct 2020 11:01:20 GMT
cache-control
public, max-age=691200
cf-request-id
0594df0488000010f3a021c200000001
accept-ranges
bytes
content-type
image/png
cf-bgj
imgq:85,h2pri
Cheapest_phone_plans_newsltd_330x190.jpg
r3.whistleout.com.au/public/images/articles/2018/08/
11 KB
12 KB
Image
General
Full URL
https://r3.whistleout.com.au/public/images/articles/2018/08/Cheapest_phone_plans_newsltd_330x190.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.32.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a577f5ee79f09b84a59d236e25095aa02e47522ac79107040c2c92ff41e53ba7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:20 GMT
cf-cache-status
HIT
age
100786
cf-polished
degrade=85, origSize=70562
cf-ray
5dce6780d9f110f3-CPH
status
200
content-length
11584
x-amz-id-2
oVa+t9/i2TRGr647CkcBwTacY996NbSUg0jlVo3XM8dX1HXrGhi3pmye8aEO44ljEyumndPGj6U=
last-modified
Wed, 15 Aug 2018 06:36:07 GMT
server
cloudflare
etag
"3cb386df385df18c6a2419638f4a62bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
34B346CAF4A19C9B
expires
Mon, 12 Oct 2020 11:01:20 GMT
cache-control
public, max-age=691200
cf-request-id
0594df0488000010f3a021d200000001
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
imgq:85
adsct
analytics.twitter.com/i/ Frame D9CF
31 B
651 B
Script
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
57
x-xss-protection
0
x-response-time
114
pragma
no-cache
last-modified
Sun, 04 Oct 2020 11:01:19 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
523e9130b0abda81006e4427eee96f8b
x-transaction
0018edb10009ea2a
expires
Tue, 31 Mar 1981 05:00:00 GMT
up
insight.adsrvr.org/track/ Frame DFEA
0
0
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.37.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-37-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&upid=ekg5qxt&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TDID=3ceefb9b-5f30-4fac-bb14-aa7574589d26; TDCPM=CAESGQoKbGl2ZWludGVudBILCMKqsIjbl_Q4EAUSEgoDYWFtEgsIgK_cpduX9DgQBRgBIAEoAjILCICn39Lxl_Q4EAU4AVoDYWFtYAI.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

status
200
date
Sun, 04 Oct 2020 11:01:19 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=df32f3cf-f7e9-a3f8-736c-7489c0e73c30&tv={c:qaBbuE,pingTime:-10,time:740,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTEyMHx8TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzgzLjAuNDEwMy42MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1601809279311||c2f6953e378e64279cf4a41323ea7a45||71ff54ebddb1e090fbf173d96e2342c8||f8c40b2bccab574d737f628ef49df102||f8a295c8470673ba738a6146768d86c4||734ec866d40918509d42af5d8a9eba51||3d78b35bd68d84fa0d2563ce9cd1dda1||bcb134f51ab5544105cb6625f499ef7e||1576000828}
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
amidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:19 GMT
X-Server-Name
dt84ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
vtt.global.min.js
vjs.zencdn.net/vttjs/0.12.5/
20 KB
7 KB
Script
General
Full URL
https://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:19 GMT
content-encoding
gzip
last-modified
Thu, 31 Aug 2017 21:04:55 GMT
status
200
etag
"f30dac97e5c2aaa10a7695b93cc66699"
x-served-by
cache-fra19182-FRA
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
7231
x-cache-hits
36818
ad3ce574a624a20e2ccfe9fe8e92c755
content.api.news/v3/images/bin/
44 KB
45 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/ad3ce574a624a20e2ccfe9fe8e92c755
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7528de4f373487c7f3999b83d276379cee1c1cc607a41240bd76fe316091aa24

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Edge-Cache-Tag
ad3ce574a624a20e2ccfe9fe8e92c755
Date
Sun, 04 Oct 2020 11:01:20 GMT
Last-Modified
Sat, 03 Oct 2020 18:36:59 GMT
Server
Akamai Image Manager
ETag
77a0981c7afb70d69a5b57cbf6135bc5-ad3ce574a624a20e2ccfe9fe8e92c755-0
Access-Control-Allow-Methods
GET
Content-Type
image/webp
Access-Control-Allow-Origin
*
X-hobit
2B
Cache-Control
private, no-transform, max-age=5124920
Connection
keep-alive
Access-Control-Allow-Headers
x-newsapi-api-key
Content-Length
45560
Expires
Wed, 02 Dec 2020 18:36:40 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
296 KB
102 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e53dd3a2ab75c6cd6e2b737c0090c429b67a6a2ef7c90b76d16dbe82cc9a78dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104172
x-xss-protection
0
expires
Sun, 04 Oct 2020 11:01:19 GMT
tracker
metrics.brightcove.com/v2/
35 B
175 B
Image
General
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=7d712940ac373fd0994bf88f&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&platform_version=6.42.4&player=players.brightcove.com%2F5348771529001%2FKjZtYFggZ_default&player_name=%5BPROD%5D%20-%20Redesign%20v6.42.4-%202020-07-02&source=&event=player_init&time=1601809279375&seq=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Sun, 04 Oct 2020 11:01:19 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
tracker
metrics.brightcove.com/v2/
35 B
94 B
Image
General
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=7d712940ac373fd0994bf88f&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&platform_version=6.42.4&player=players.brightcove.com%2F5348771529001%2FKjZtYFggZ_default&player_name=%5BPROD%5D%20-%20Redesign%20v6.42.4-%202020-07-02&source=&usage=inpage-embed&event=player_load&time=1601809279389&qos.performance.memory.jsHeapSizeLimit=4294705152&qos.performance.memory.usedJSHeapSize=30747655&qos.performance.memory.totalJSHeapSize=36168723&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=0&qos.performance.timing.loadEventStart=0&qos.performance.timing.domComplete=0&qos.performance.timing.domContentLoadedEventEnd=1601809277109&qos.performance.timing.domContentLoadedEventStart=1601809277097&qos.performance.timing.domInteractive=1601809277097&qos.performance.timing.domLoading=1601809276347&qos.performance.timing.responseEnd=1601809276368&qos.performance.timing.responseStart=1601809276341&qos.performance.timing.requestStart=1601809273669&qos.performance.timing.secureConnectionStart=0&qos.performance.timing.connectEnd=1601809273666&qos.performance.timing.connectStart=1601809273666&qos.performance.timing.domainLookupEnd=1601809273666&qos.performance.timing.domainLookupStart=1601809273666&qos.performance.timing.fetchStart=1601809273666&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1601809272368&qos.player.dimensions=%5B%5B1601809279389%2C%220x0%22%2C%22100x100%22%5D%5D&qos.player.pixelratio=%5B%5B1601809279389%2C1%5D%5D&qos.player.screendimensions=%5B%5B1601809279389%2C%221600x1200%22%5D%5D&seq=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Sun, 04 Oct 2020 11:01:19 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
bridge3.414.0_en.html
imasdk.googleapis.com/js/core/ Frame 74B1
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.414.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.414.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
195787
date
Thu, 01 Oct 2020 08:06:51 GMT
expires
Fri, 01 Oct 2021 08:06:51 GMT
last-modified
Wed, 30 Sep 2020 14:48:28 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
269668
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/
26 KB
11 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10523
x-xss-protection
0
expires
Sun, 04 Oct 2020 11:01:19 GMT
validate
assets.vidora.com/v1/
0
313 B
Other
General
Full URL
https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:bc00:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 04 Oct 2020 11:01:19 GMT
via
1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA50-C1
status
200
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
JM8uZVo8h0QCyjjDaaQ65fSnl0Io-xOzLNyqwQ24ju3dpnSkuJ_8Mw==
expires
Sun, 04 Oct 2020 11:01:18 GMT
6197176668001
edge.api.brightcove.com/playback/v1/accounts/5348771529001/videos/ Frame
0
0
Other
General
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/5348771529001/videos/6197176668001
Protocol
HTTP/1.1
Server
143.204.202.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-127.fra53.r.cloudfront.net
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
accept
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors

Response headers

Content-Length
0
Connection
keep-alive
Server
Varnish
Retry-After
0
access-control-max-age
86400
Accept-Ranges
bytes
Date
Sun, 04 Oct 2020 11:01:20 GMT
Via
1.1 varnish, 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
X-Served-By
cache-hhn4079-HHN
X-Cache-Hits
0
X-Timer
S1601809281.574351,VS0,VE0
BCOV-Debug-Cache-Stats
unknown
BCOV-instance
unknown
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Access-Control-Allow-Headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Cache-Control
max-age=0, no-cache, no-store
X-Cache
Miss from cloudfront
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
FeQ3VXerzCgQw4z67IzRB-KARS2woYTAD9ywFJQoQUKZik7on6mZsA==
6197176668001
edge.api.brightcove.com/playback/v1/accounts/5348771529001/videos/
4 KB
6 KB
XHR
General
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/5348771529001/videos/6197176668001
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-127.fra53.r.cloudfront.net
Software
/
Resource Hash
55271f57733354a571300102e52934ab6d00d6cb33268cfdcca6e9a1fabfe10a

Request headers

Accept
application/json;pk=BCpkADawqM2_330AZUx3hOhw08ByXIIKL1qVDScQT4-Y20iQov_t7uCKQ2OMBzj46A_jfmEwilabuEUd5-JeBhNlW6TrJws1fMwsZUbidjRxZrjRA1MDtkGXpXE-NQdMPsIQ1XSQarOExJ-4
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:20 GMT
Powered-From
eu-central-1a
Bcov-Request-Id
06a54a00-10af-40ef-81d2-9f4837ad3d7a
Age
0
Policy-Key-Accountid
5348771529001
X-Cache
Miss from cloudfront
Connection
keep-alive
Powered-By
BC
Content-Length
4510
Via
1.1 varnish, 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
X-Served-By
cache-hhn4025-HHN
BCOV-instance
unknown
Policy-Key-Raw
BCpkADawqM2_330AZUx3hOhw08ByXIIKL1qVDScQT4-Y20iQov_t7uCKQ2OMBzj46A_jfmEwilabuEUd5-JeBhNlW6TrJws1fMwsZUbidjRxZrjRA1MDtkGXpXE-NQdMPsIQ1XSQarOExJ-4
X-Timer
S1601809281.631610,VS0,VE172
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Cache-Control
max-age=0, no-cache, no-store
Account-Status
APPROVED
BCOV-Debug-Cache-Stats
unknown
X-Amz-Cf-Pop
FRA53-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
X-Amz-Cf-Id
eL_U2naqHy8FQM_XjODpOak_mOy6LT_x3DmiFWYmIpTRRHtmaEsgUg==
X-Cache-Hits
0
tracker
metrics.brightcove.com/v2/
35 B
94 B
Image
General
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=7d712940ac373fd0994bf88f&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&platform_version=6.42.4&player=players.brightcove.com%2F5348771529001%2FKjZtYFggZ_default&player_name=%5BPROD%5D%20-%20Redesign%20v6.42.4-%202020-07-02&source=&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F5348771529001%2Fvideos%2F6197176668001&time=1601809279487&seq=2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Sun, 04 Oct 2020 11:01:19 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
activeview
pagead2.googlesyndication.com/pcs/ Frame 42B9
42 B
70 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssg3ODBJlDpxL3qLfTdWBm6C071QD05b7TKe3dtfEbue-F0l71IxOmc9SYvhUs6aaFwZcA2Z32TH7L-VK-B78LPyfZoNY_PTx5-v6CMWqY&sig=Cg0ArKJSzLgMXLg-pMmuEAE&adk=3134237981&tt=-1&bs=1600%2C1200&mtos=1086,1086,1086,1086,1086&tos=1086,0,0,0,0&p=202,795,212,805&postrxl=1&mcvt=1086&rs=0&ht=0&tfs=377&tls=1463&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=5&niot_cbk=103&md=2&btr=0&cpmav=0&lm=2&rst=1601809278001&dlt&rpt=372&isd=0&msd=0&xdi=0&ps=1600%2C2426&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-10-3-9-9-0-0-0&tvt=1461&is=10%2C10&iframe_loc=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&r=v&id=osdim&vs=4&uc=10&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=10x10&itpl=3&v=20201002
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=df32f3cf-f7e9-a3f8-736c-7489c0e73c30&tv={c:qaBbFR,time:1435,type:e,env:{nr_p:1,nr_publ1:1,nr_grpm1:1},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:1435,n:0,pp:0,pm:0},slEvents:[{sl:o,t:191,wc:0.0.1600.1200,ac:795.202.10.10,am:i,cc:795.202.10.10,piv:0,obst:0,th:0,reas:r,bkn:{piv:[1307~0],as:[1307~10.10]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:131,fm:scrGuxm+11|12|13|14.10507|141|15*.10507|151|16|17|18|19|1a|1b|1c|1d|1e|1f|1g|1h1|1i|1j|1k|1l,idMap:15*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
amidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:21 GMT
X-Server-Name
dt51ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c3b5155e-3f54-1f91-5391-6d00accbf91b&tv={c:qaBbHt,time:1532,type:e,env:{nr_p:1,nr_publ1:1,nr_grpm1:1},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:1532,n:0,pp:0,pm:0},slEvents:[{sl:o,t:306,wc:0.0.1600.1200,ac:1299.104.1.1,am:i,cc:1299.104.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[1235~0],as:[1235~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:140,fm:scrGuxp+11|12|13|14*.10507|141|151|152|16|17|18|19|1a|1b|1c|1d|1e|1f|1g|1h1|1i|1j|1k|1l,idMap:14*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
amidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:21 GMT
X-Server-Name
dt51ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
large_image_homeloan5.png
production-blaze-assets.ratecity.com.au/news-feed/
25 KB
25 KB
Image
General
Full URL
https://production-blaze-assets.ratecity.com.au/news-feed/large_image_homeloan5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:dc01 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c05c4482d09d9e4c287ebeeba762cb0dd1edbfa6af7879224818a336e3199eb5

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:20 GMT
cf-cache-status
HIT
age
3159
cf-polished
origFmt=png, origSize=34583
cf-ray
5dce67811a6d0742-FRA
status
200
content-disposition
inline; filename="large_image_homeloan5.webp"
content-length
25188
x-amz-id-2
ajlmFj1zACsKljjzYN/rl+q8VC4hn4+rZIEq64U+mjLOuVsuHWE7TM9+bhgENN3r/2pX2mwbYIw=
last-modified
Tue, 31 Mar 2020 03:13:44 GMT
server
cloudflare
etag
"f83ebce7fdd6aab73abd5c7f45860ba9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
31367D9F0A51814A
cf-request-id
0594df04aa00000742b097d200000001
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:100,h2pri
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c3b5155e-3f54-1f91-5391-6d00accbf91b&tv={c:qaBbKw,pingTime:-10,time:1721,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTEyMHx8TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzgzLjAuNDEwMy42MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1601809279311||c2f6953e378e64279cf4a41323ea7a45||71ff54ebddb1e090fbf173d96e2342c8||f8c40b2bccab574d737f628ef49df102||f8a295c8470673ba738a6146768d86c4||734ec866d40918509d42af5d8a9eba51||3d78b35bd68d84fa0d2563ce9cd1dda1||bcb134f51ab5544105cb6625f499ef7e||1576000828,sca:{spg:df32f3cf-f7e9-a3f8-736c-7489c0e73c30}}
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
amidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:21 GMT
X-Server-Name
dt51ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
large_image_creditcard5.png
production-blaze-assets.ratecity.com.au/news-feed/
20 KB
21 KB
Image
General
Full URL
https://production-blaze-assets.ratecity.com.au/news-feed/large_image_creditcard5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:dc01 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e188ad099d51d7ceb1ab620aadd578c4e0d05d9419cf386952ba0f76eef92d78

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:20 GMT
cf-cache-status
HIT
age
3158
cf-polished
origFmt=png, origSize=29595
cf-ray
5dce6782aff10742-FRA
status
200
content-disposition
inline; filename="large_image_creditcard5.webp"
content-length
20876
x-amz-id-2
VioFGCVIPFYWTsX4O4P7SAy8pWcecK1xKtlybr50rjK6xKjtDxdBiwHscXy7bWVaaoMZd1ZuxA8=
last-modified
Tue, 31 Mar 2020 03:13:41 GMT
server
cloudflare
etag
"50558a3f28e8594fcf06c0e33d4a8bf6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
44DB0507A98D40FF
cf-request-id
0594df05ad00000742b0996200000001
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:100,h2pri
large_image_personalloan3.png
production-blaze-assets.ratecity.com.au/news-feed/
17 KB
18 KB
Image
General
Full URL
https://production-blaze-assets.ratecity.com.au/news-feed/large_image_personalloan3.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:dc01 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca7ed003254787959c83562ed3561e716dca27e97cdc9ced4f89106073b7beb

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:20 GMT
cf-cache-status
HIT
age
2805
cf-polished
origFmt=png, origSize=28455
cf-ray
5dce6784aec40742-FRA
status
200
content-disposition
inline; filename="large_image_personalloan3.webp"
content-length
17756
x-amz-id-2
6gGGdRPU63PD8BtHRYRolSBiWIhqcfHh+ZiqTp774GeS8Cw1dneYNleVDuf+AyG9C7ywGaO9VtM=
last-modified
Tue, 31 Mar 2020 03:13:48 GMT
server
cloudflare
etag
"937ca9e2117cd8585a9f3d3883caba36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
40D7098F0E9A10A4
cf-request-id
0594df06e700000742b09bb200000001
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:100,h2pri
tracker
metrics.brightcove.com/v2/
35 B
94 B
Image
General
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=7d712940ac373fd0994bf88f&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&platform_version=6.42.4&player=players.brightcove.com%2F5348771529001%2FKjZtYFggZ_default&player_name=%5BPROD%5D%20-%20Redesign%20v6.42.4-%202020-07-02&source=&event=catalog_response&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F5348771529001%2Fvideos%2F6197176668001&time=1601809280836&response_time_ms=1349&seq=3
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Sun, 04 Oct 2020 11:01:20 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
image.jpg
cf-images.ap-southeast-2.prod.boltdns.net/v1/jit/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/main/650x365/18s564ms/match/
63 KB
64 KB
Image
General
Full URL
https://cf-images.ap-southeast-2.prod.boltdns.net/v1/jit/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/main/650x365/18s564ms/match/image.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.90.152 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-152.fra50.r.cloudfront.net
Software
/ BC
Resource Hash
715f7c6f45fce02b0672aa020f9c8f6b96a4658e31a45ecb123f23a762ec6389

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 03 Oct 2020 18:47:12 GMT
Via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
58448
X-Powered-From
gantry
X-Powered-By
BC
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA50-C1
Content-Length
64977
X-Amz-Cf-Id
wEzL5hPMurulTImFu4VSSBtWWcCy3DLZ-ygsd_a5uoEtWKxVSb1-cw==
Expires
Sun, 03 Oct 2021 18:47:12 GMT
master.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/10s/
3 KB
3 KB
XHR
General
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/10s/master.m3u8?fastly_token=NWY5ZTk5MmZfZDU4ZWJmOWFlZmQzY2YwYWFmNTcyNWNiMDMwZjBiZTlkYjljZTM4NDQ5Y2NiNjI1NjAwMGQyMTk1MTU0Y2ViZg%3D%3D
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::539 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
bd40cc5912fd9a0a70e94e433c9797174091f7559d9713c093eec9d2dbf79e3c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:20 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
status
200
x-bolt-device-group
desktop-chrome
content-length
2842
x-served-by
cache-hhn4075-HHN
x-device-group
desktop-chrome
x-timer
S1601809281.911679,VS0,VE54
x-powered-from
eu-west-1a
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
truncated
/
515 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31ed7d7f64a4159b3f29cecb04fad647048669ac05c4bc660a291d69e23a4fc6

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6cf74a8b79c44a7bc435b400f7704246ed5dc79c31bb6defb4b58de5c79f9df

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
be9c1fa1-66af-4d12-ba24-aa1bfb02280f
https://www.heraldsun.com.au/
6 KB
0
Other
General
Full URL
blob:https://www.heraldsun.com.au/be9c1fa1-66af-4d12-ba24-aa1bfb02280f
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78019648f069149488cb2c763d86dcce82ad1e600e2c1909c770efc0be1a2543

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
5922
Content-Type
application/javascript
ping
ping.chartbeat.net/
43 B
168 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=video%40heraldsun.com.au&g=36976&p=6197176668001&i=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%20Announcement&g0=news%2Cnational%2Cvideo&u=BE3b1TDFEpVqCIJGL8&t=_i7m9h6qEDx3Ok_BKN2cpBR7Dt&x=0&y=0&V=120&VS=BCN&n=1&b=7014&r=&_vd=-1&_vi=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%C2%A0Announcement%20%7C%20Herald%20Sun&_vp=heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c&_vh=heraldsun.com.au&_pu=-qX9rDnNp3TCr4oU7&_pt=DlhmZ1DdusThS7ZgNDNJG7eBBFj_2&_pr=&_vdd=heraldsun.com.au&_vt=ct&_vs=s1&_vcs=0&_vbr=-1&_vvs=1.54&_vpt=0&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fjit%2F5348771529001%2F789fa58e-bfc2-4642-a15e-055cb3825399%2Fmain%2F152x85%2F18s564ms%2Fmatch%2Fimage.jpg&_vaup=unkn&_vce=0&c=0.03&W=0&R=0&I=1&E=0&j=75&tz=-120&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.132.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-132-182.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Sun, 04 Oct 2020 11:01:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
tracker
metrics.brightcove.com/v2/
35 B
94 B
Image
General
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=7d712940ac373fd0994bf88f&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&platform_version=6.42.4&player=players.brightcove.com%2F5348771529001%2FKjZtYFggZ_default&player_name=%5BPROD%5D%20-%20Redesign%20v6.42.4-%202020-07-02&source=&time=1601809280917&event=video_impression&web_ad_info=%7B%22plugin%22%3A%22ima3%22%2C%22pluginVersion%22%3A%223.4.4%22%2C%22adTech%22%3A%22html5%22%2C%22requestMode%22%3A%22onplay%22%2C%22timeout%22%3A4200%7D&video=6197176668001&video_name=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%20Announcement&video_duration=37&autoplay=false&preload=none&qos.content.sourceMimeType=application%2Fvnd.apple.mpegurl&seq=4_0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Sun, 04 Oct 2020 11:01:20 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
gn
secure-dcr.imrworldwide.com/cgi-bin/
44 B
527 B
Image
General
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_news_S&asn=news&sessionId=tN8oR8s34o1Xt7RwdIvaOwSwCFHZn1601809278&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,national&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,heraldsun&sup=0&segment2=&segment1=&forward=1&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,UUa0L32aKVY9Z3YjZGUOBdIKEy33S1601809278&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16018092783861139&c30=bldv,6.0.0.537&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1601809277879&c3=st,c&c64=starttm,1601809280&adid=1601809277879&c58=isLive,false&c59=sesid,&c61=createtm,1601809279&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&c66=mediaurl,&c62=sendTime,1601809279&rnd=762974
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.114.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:20 GMT
server
nginx
status
200
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/6fdc3e38-1b6c-4020-8a33-88a8995b3b45/10s/
2 KB
2 KB
XHR
General
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/6fdc3e38-1b6c-4020-8a33-88a8995b3b45/10s/rendition.m3u8?fastly_token=NWY5ZTk5MmZfOTRiNjQ0ZTcwNzdkN2Q3NWI2MjNmMGQ4MzI1MTk2NzlkM2NhYThmZjk4NmZiZWVlMTNmODNiNDEyMWZlMDE2MA%3D%3D
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::539 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
a822a6ae61ad5f04202ce5fe2caeb23fc3f28cc8f348c68bb5bbad1c37e98b61

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:21 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
status
200
content-length
1697
x-served-by
cache-hhn4075-HHN
x-device-group
desktop-chrome
x-timer
S1601809281.977194,VS0,VE322
x-powered-from
eu-west-1b
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
large_image_personalloan6.png
production-blaze-assets.ratecity.com.au/news-feed/
17 KB
18 KB
Image
General
Full URL
https://production-blaze-assets.ratecity.com.au/news-feed/large_image_personalloan6.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:dc01 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c84e3b7adbebacd2b274b2fbf70fd4c84cab39b29e2fcc38c028f664bcf5d56

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:21 GMT
cf-cache-status
HIT
age
2998
cf-polished
origFmt=png, origSize=29447
cf-ray
5dce67869d380742-FRA
status
200
content-disposition
inline; filename="large_image_personalloan6.webp"
content-length
17580
x-amz-id-2
HH4gJPQuclqLZUsm6O1clr9bee1ATdyR/puF4eFxhKzIEThT2yNEYW+P6fRXDjgBhCPm1x/VXsA=
last-modified
Tue, 31 Mar 2020 03:13:48 GMT
server
cloudflare
etag
"057023ca59aad15886e35b740bd58792"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
EN5N5V8M8H6XAYDY
cf-request-id
0594df082300000742b09d9200000001
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:100,h2pri
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/8205f3a9-4047-4890-9f80-1e794d066b94/10s/
2 KB
2 KB
XHR
General
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/8205f3a9-4047-4890-9f80-1e794d066b94/10s/rendition.m3u8?fastly_token=NWY5ZTk5MmZfMmIzZDA2ZTdiZTMwMDc5NTlmOTkyNDJmNGQ2Y2U4YjZlZDYzZmYwYWZjZjk3MjMyM2MwMGE4MzFkNjcwMmZmMw%3D%3D
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::539 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
7346af782bbe5b5c571511676141b576695482a2aa53c400938ef201b5981c81

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:21 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
status
200
content-length
1694
x-served-by
cache-hhn4075-HHN
x-device-group
desktop-chrome
x-timer
S1601809281.313765,VS0,VE351
x-powered-from
eu-west-1c
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020092201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b9f16bfff9caea6e7b6a06128351ed37099539998462b1e2fd64be7491de60b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Oct 2020 11:01:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6381
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601061966610483"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6293
x-xss-protection
0
expires
Sun, 04 Oct 2020 11:01:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 1C92
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/217/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Sun, 04 Oct 2020 10:13:51 GMT
expires
Mon, 04 Oct 2021 10:13:51 GMT
last-modified
Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2850
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
45 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gpt_2020092201&jk=2806783019099335&bg=!jY6ljpZYroUm0hhhabkCAAAAuFIAAAAPCgIQtwOw69tqK-noC9NIs5oyFK63tm91qVNZsycErLgyLHyDE1BFpxAQ5VHD5bu-4Asela57_eFlNT-y35vUP9R_-ECAH-8FHxB3Oyxfh8IBb7Xi3K2SLuySv3Mkj7RtUmDxSwczhz73k-soqj8V9nD7nPnoD4R38bYjd9oUsHEVGsqb8pb1h0w4OEC4ek_x1w2Xwc9u_fZ2k8ki9xHyLWJhbdpdoZtAim4v-AVkXbWHFNitCS4BosNvc2oh1buY8qvWe7-MJAk4RxKpc_AqW0-bgPzqKKcLYRlt5yWmy01x5T2QruyiKq1lrcYZXBHN4CMc0vrpsZMCPqSNnKMZQAWigSYGkl8djQvRr3ApY3cWKt3E8Nu00B6QpW6WVtmZ9-KqAyXBRiXYFpkTIIkwqA8gPihB5pe7pwazkBAuIOshf7dMRcMZksIygLn2v7AcDjAmA5x5EiTPv4zmMBXmIZjwen5El81tbh8BMlD63WydWAjXjr5pSeZ4BwaNTDAjbVKq_TSamJL5E8vP9SFWz86q6oPDjTVnuurQTKBMpK2g07X96oa0Cy58Ypk6GtlW0EApd7DKlRLuD3BSLHeUTEHOcBWMRW5KE8Z95BlXbFoDiAmTy1Qo8DXcoDOuYXjfjQlrDYLEFizbpX--vmTVv9aeQDqNfSdKgUmOXW_7pG2V6R-Rh1xVQhOif8beRd9yqOWpmQGtNvqv3gFXAu4Cgqc0Ev48r2TTzvJjMlCll0UXfyyr-PIGv5WhbT6kNCRqA371mOZGqmrkCTByM18KzkivWs08IZmLFWpJYN4AMzrZ_Kba3AxslGCgexXRnNb1-5krN0gr5km6yhuL3PQBxvow6vpc1uuHJ-BCRvwe2ENPVThDgT5BkLgkVAwXOXNPrHBxtfd90222lptsScN5IGep-s1iaD0MVUkMoFn4qqbPG8LIFXrkjW7aPMDc5Uij6K_0Kpw7VuFro_3EXnEQIcRUh71ioPjMgE4hA_mCZTSgy6eLovtuYc9GvEs7NKpdc1N_T2XgGZWjpHqBfDcdH7W08S6hkt-CW5b7JFtpMZ8zQlvx_IRddrYWVPw2YNMZrZqmH1_LEjc3KOl0XqVweaqtjGKBKME_Yc7OPSsv7_8YJHpdceNGJ5oAjHkb3vIePq6iRTl-Ccrq3gfD10g1qfz8R3UA95CVLjeffVJ1A17INC7Kkf1XD08-lV4Ammy84NLiv7ryQg2jD5Yo0HIvee1qsqSa_ImH8kq913ElvDJspH2kJjhXCADSRj--gwJf63na
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/
43 B
168 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c&u=-qX9rDnNp3TCr4oU7&d=heraldsun.com.au&g=36976&g0=news%2Cnational%2Cvideo&g1=No%20Author&n=1&f=00001&c=0.08&x=0&m=0&y=2426&o=1600&w=1200&j=30&R=1&W=0&I=0&E=4&e=4&r=&b=4816&t=DlhmZ1DdusThS7ZgNDNJG7eBBFj_2&V=120&tz=-120&_vi=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%20Announcement&_vp=6197176668001&_vdd=video%40heraldsun.com.au&_vs=s1&_vt=ct&_vap=&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fjit%2F5348771529001%2F789fa58e-bfc2-4642-a15e-055cb3825399%2Fmain%2F152x85%2F18s564ms%2Fmatch%2Fimage.jpg&_vd=-1&sn=2&sv=VuPwhDBAgVjDK3tw3DjTCCzJWI61&sd=1&im=067b0ef2&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.132.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-132-182.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Sun, 04 Oct 2020 11:01:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=df32f3cf-f7e9-a3f8-736c-7489c0e73c30&tv={c:qaBcIn,time:5436,type:e,env:{nr_p:5},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:5436,n:0,pp:0,pm:0},slEvents:[{sl:o,t:191,wc:0.0.1600.1200,ac:795.202.10.10,am:i,cc:795.202.10.10,piv:0,obst:0,th:0,reas:r,bkn:{piv:[5308~0],as:[5308~10.10]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:1106,fm:scrGuxm+11|12|13|14.10507|141|15*.10507|151|16|17|18|19|1a|1b|1c|1d|1e|1f|1g|1h1|1i|1j|1k|1l,idMap:15*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
amidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:24 GMT
X-Server-Name
dt51ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c3b5155e-3f54-1f91-5391-6d00accbf91b&tv={c:qaBcK2,time:5535,type:e,env:{nr_p:5},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:5535,n:0,pp:0,pm:0},slEvents:[{sl:o,t:306,wc:0.0.1600.1200,ac:1299.104.1.1,am:i,cc:1299.104.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[5238~0],as:[5238~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:888,fm:scrGuxp+11|12|13|14*.10507|141|151|152|16|17|18|19|1a|1b|1c|1d|1e|1f|1g|1h1|1i|1j|1k|1l,idMap:14*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
amidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:24 GMT
X-Server-Name
dt51ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
5fe61c8b533204850a490d4d-adobeorg.xml
newscorpau.hb.omtrdc.net/settings/
228 B
493 B
XHR
General
Full URL
https://newscorpau.hb.omtrdc.net/settings/5fe61c8b533204850a490d4d-adobeorg.xml?r=1601809285900
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.80.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
openresty /
Resource Hash
0e4e46fa1aa04c24e793912d7aabaa2f2b0f7dc03d73cf74fbe12cb84f062554

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:26 GMT
Last-Modified
Mon, 14 Sep 2020 14:20:31 GMT
Server
openresty
ETag
"5f5f7c2f-e4"
Content-Type
text/xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
228
s5290795249680
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.17.0/
43 B
212 B
XHR
General
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.17.0/s5290795249680
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 04 Oct 2020 11:01:25 GMT
x-content-type-options
nosniff
x-c
master-1388.I1d56d5.M0-459
p3p
CP="This is not a P3P policy"
status
200
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 05 Oct 2020 11:01:25 GMT
server
jag
xserver
anedge-58d4c4cffc-tx5zk
etag
3439859246837366784-4621723858126873964
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Sat, 03 Oct 2020 11:01:25 GMT
/
newscorpau.hb.omtrdc.net/
0
139 B
XHR
General
Full URL
https://newscorpau.hb.omtrdc.net/?s:sc:rsid=newscorpau-hsweb%2Cnewscorpau-global&s:sc:tracking_server=metrics.heraldsun.com.au&h:sc:ssl=1&s:sp:channel=National%2C%20News&s:sp:player_name=NewsCorp%20Brightcove%20Video%20Player&s:sp:hb_version=js-2.2.0.223-05c3c4&l:sp:hb_api_lvl=4&s:event:sid=1601809285903353945599&s:event:type=start&l:event:duration=0&l:event:playhead=0&l:event:ts=1601809285911&l:event:prev_ts=-1&s:asset:type=main&s:asset:name=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%20Announcement&s:asset:video_id=6197176668001&s:asset:publisher=5FE61C8B533204850A490D4D%40AdobeOrg&l:asset:length=37&s:stream:type=vod&l:stream:bitrate=5000&l:stream:fps=24&l:stream:dropped_frames=10&l:stream:startup_time=0&s:meta:channel=National%2C%20News%2C%20Bedminster-New%20Jersey%2C%20Presidency%20of%20Donald%20Trump&s:meta:brand=herald%20sun&s:meta:site=herald%20sun%20web&s:meta:autoPlay=true&s:meta:videoSource=storyful&s:meta:advtType=CSAI&s:meta:a.media.network=herald%20sun&s:meta:mediacontenttype=Standard&s:meta:a.media.streamType=video
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.80.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 04 Oct 2020 11:01:26 GMT
Server
openresty
Connection
keep-alive
/
content.api.news/v3/search/
74 KB
7 KB
Fetch
General
Full URL
https://content.api.news/v3/search/?size=7&page=1&query=type:%20video%20%20AND%20target.sections.id:%201226490441611%20%20AND%20target.domains:%20heraldsun.com.au%20%20AND%20-rightsMetadata.originatedSource:(Rightster_hollyscoop%20%20OR%20Rightster_the_savory%20OR%20Rightster_celebrity_wire)%20AND%20-rightsMetadata.usage:fair_dealing%20AND%20platform.id:5348771529001-*%20&api_key=9uz93nsd4pggfwhqcjnhmafw
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx/1.14.1 /
Resource Hash
3e74a085916b98d9849a56d3c7d37f3ec849d8db466092fcb3c11100d402cd76

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:26 GMT
content-encoding
gzip
x-newsapi-cache
HIT
status
200
x-newsapi-timestamp
2020-10-04T11:01:26.127Z[UTC]
x-newsapi-traceid
92af7255d8e2b6a2
content-length
6962
x-application-context
a-bootiful-client:prod:5000
access-control-allow-headers
x-newsapi-api-key
server
nginx/1.14.1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Mashery-Error-Code, X-Mashery-Responder
cache-control
max-age=1730
x-newsapi-processing-time
17
x-mashery-responder
prod-j-worker-ap-southeast-2b-33.mashery.com
expires
Sun, 04 Oct 2020 11:30:16 GMT
truncated
/
403 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
359ae88af34132a98271ad73e6915d0d2bf125c3b8f5a0c03162c619ba249800

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
tracker
metrics.brightcove.com/v2/
35 B
94 B
Image
General
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=7d712940ac373fd0994bf88f&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&platform_version=6.42.4&player=players.brightcove.com%2F5348771529001%2FKjZtYFggZ_default&player_name=%5BPROD%5D%20-%20Redesign%20v6.42.4-%202020-07-02&source=&time=1601809285895&event=play_request&video=6197176668001&video_name=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%20Announcement&video_duration=37&seq=5_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Sun, 04 Oct 2020 11:01:25 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
ping
ping.chartbeat.net/
43 B
168 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=video%40heraldsun.com.au&g=36976&p=6197176668001&i=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%20Announcement&g0=news%2Cnational%2Cvideo&u=BE3b1TDFEpVqCIJGL8&t=_i7m9h6qEDx3Ok_BKN2cpBR7Dt&x=0&y=0&V=120&VS=BCN&n=1&b=7014&_vd=37000&_vi=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%C2%A0Announcement%20%7C%20Herald%20Sun&_vp=heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c&_vh=heraldsun.com.au&_pu=-qX9rDnNp3TCr4oU7&_pt=DlhmZ1DdusThS7ZgNDNJG7eBBFj_2&_pr=&_vdd=heraldsun.com.au&_vt=ct&_vs=s3&_vcs=0&_vbr=-1&_vvs=6.571&_vpt=0&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fjit%2F5348771529001%2F789fa58e-bfc2-4642-a15e-055cb3825399%2Fmain%2F152x85%2F18s564ms%2Fmatch%2Fimage.jpg&_vaup=unkn&_vce=0&c=0.11&W=0&R=0&I=1&E=0&j=75&tz=-120&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.132.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-132-182.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Sun, 04 Oct 2020 11:01:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
s53006976879216
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.17.0/
43 B
142 B
Image
General
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.17.0/s53006976879216?AQB=1&ndh=1&pf=1&t=4%2F9%2F2020%2013%3A1%3A25%200%20-120&cid.&newsnkidcookie.&id=6838a54e69a0184a96b28fe78e89066e&as=1&.newsnkidcookie&.cid&vid=6838a54e69a0184a96b28fe78e89066e&mid=12687799202178718701794524214426117201&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Cnews%7Cvideo%7Cnews%20national%20trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%20video%209105f7389d35056433c6997d45cd840c%20video&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMR&cc=AUD&events=event8%2Cevent54&v1=news%20corp%20au&v2=herald%20sun&v3=herald%20sun%20web&v4=news&v5=national&v9=video&v10=D%3DpageName&v11=D%3Dvid&v14=anonymous&v22=10%3A01%20PM%7CSunday&v24=New&v34=D%3Dg&v77=D%3Dmid&pe=lnk_o&pev2=event&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=UeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:25 GMT
x-content-type-options
nosniff
x-c
master-1388.I1d56d5.M0-459
p3p
CP="This is not a P3P policy"
status
200
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 05 Oct 2020 11:01:25 GMT
server
jag
xserver
anedge-58d4c4cffc-vxrgc
etag
3439859246837366784-4621583236065541600
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sat, 03 Oct 2020 11:01:25 GMT
/
newscorpau.hb.omtrdc.net/
0
139 B
XHR
General
Full URL
https://newscorpau.hb.omtrdc.net/?s:sc:rsid=newscorpau-hsweb%2Cnewscorpau-global&s:sc:tracking_server=metrics.heraldsun.com.au&h:sc:ssl=1&s:user:mid=12687799202178718701794524214426117201&s:user:id=6838a54e69a0184a96b28fe78e89066e&s:aam:blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&l:aam:loc_hint=6&s:cuser:newsnkidcookie.id=6838a54e69a0184a96b28fe78e89066e&s:cuser:newsnkidcookie.as=1&s:sp:channel=National%2C%20News&s:sp:player_name=NewsCorp%20Brightcove%20Video%20Player&s:sp:hb_version=js-2.2.0.223-05c3c4&l:sp:hb_api_lvl=4&s:event:sid=1601809285903353945599&s:event:type=aa_start&l:event:duration=0&l:event:playhead=0&l:event:ts=1601809285949&l:event:prev_ts=-1&s:asset:type=main&s:asset:name=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%20Announcement&s:asset:video_id=6197176668001&s:asset:publisher=5FE61C8B533204850A490D4D%40AdobeOrg&l:asset:length=37&s:stream:type=vod&l:stream:bitrate=5000&l:stream:fps=24&l:stream:dropped_frames=10&l:stream:startup_time=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.80.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 04 Oct 2020 11:01:26 GMT
Server
openresty
Connection
keep-alive
jsvid
pixel.adsafeprotected.com/
218 KB
72 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jsvid?videoId=1edf8dd964a58640cacf8467163d8a77&anId=928981&campId=645x362&chanId=/5129/ndm.hwt/news/national&placementId=5249645958&pubCreative=138298193489
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.59.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
68483f961a727be6cf16cd005fef1c172acb25074188ba9328ce8a811b43bdc6

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:26 GMT
content-encoding
gzip
x-server-name
app18.ie.303net.net
status
200
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
tracker
metrics.brightcove.com/v2/
35 B
94 B
Image
General
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=7d712940ac373fd0994bf88f&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&platform_version=6.42.4&player=players.brightcove.com%2F5348771529001%2FKjZtYFggZ_default&player_name=%5BPROD%5D%20-%20Redesign%20v6.42.4-%202020-07-02&source=&event=ad_start&video=6197176668001&video_name=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%20Announcement&video_duration=37&time=1601809286301&seq=6_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Sun, 04 Oct 2020 11:01:26 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
csi
csi.gstatic.com/
0
53 B
Other
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kfuzvy5z&c=1221395609384&slotId=610697804692&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:818::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
status
204
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r2---sn-4g5ednee.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1601830886/sparams/acao,ctier,ex...
Redirect Chain
  • https://redirector.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1601830886/sparams/ip,ipbits,e...
  • https://r2---sn-4g5ednee.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1601830886/sparams/acao,...
15 KB
15 KB
Media
General
Full URL
https://r2---sn-4g5ednee.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1601830886/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/7E5D0925ECB73DD6112D436BF72A3678877BA8B5.5FDFF1915D3026722C77D13383F50CC0C0A8209E/key/cms1/cms_redirect/yes/mh/Bl/mip/2a01:4f8:192:5414::2/mm/28/mn/sn-4g5ednee/ms/nvh/mt/1601809159/mv/m/mvi/2/pl/40/file/file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:45::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
275f5949b25822667e45802442749d2577795339deb1dab9e5b4fc0b4bb283bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 18 Dec 2019 00:56:16 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-15003/15004
Cache-Control
private, max-age=21300
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
15004
Expires
Sun, 04 Oct 2020 11:01:26 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:26 GMT
server
ClientMapServer
status
302
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r2---sn-4g5ednee.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1601830886/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/7E5D0925ECB73DD6112D436BF72A3678877BA8B5.5FDFF1915D3026722C77D13383F50CC0C0A8209E/key/cms1/cms_redirect/yes/mh/Bl/mip/2a01:4f8:192:5414::2/mm/28/mn/sn-4g5ednee/ms/nvh/mt/1601809159/mv/m/mvi/2/pl/40/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
695
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sca.17.4.114.js
static.adsafeprotected.com/ Frame 4375
81 KB
22 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.4.114.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 28 Aug 2020 08:42:12 GMT
content-encoding
gzip
age
3205154
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 Jan 2020 23:54:54 GMT
server
AmazonS3
etag
W/"e456dd0e5be3c2494dd734db6c5b965c"
vary
Accept-Encoding
x-amz-version-id
gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via
1.1 168a24ef858eb187119582fbc6ac0718.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
ZAG50-C1
content-type
application/javascript
x-amz-cf-id
C4CgBZdC0phhnaOh_cWQYM8upgBngK5kLgMnhRtXLf6cPLsvgxiVZA==
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928981&asId=3cc98c59-4cf1-0d89-96f6-f73cb14b21f8&tv={c:qaBdmf,pingTime:-2,time:71,type:a,im:{sf:0,pom:1,prf:{beA:14040,beZ:14042,mfA:14043,cmA:14044,inA:14044,inZ:14052,prA:14052,prZ:14062,si:14071,poA:14071,poZ:14087,cmZ:14087,mfZ:14087,loA:14106,loZ:14107,ltA:14110,ltZ:14110}},env:{gca:false,cca:false,gca2:false},clog:[{piv:100,vs:o,r:v,w:645,h:363,t:29}],ve:{vEventCount:1,vEvents:[{t:-108,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0}]},vv:3.6.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:0,o:71,n:0,pp:0,pm:0},slEvents:[{sl:o,t:29,wc:0.0.1600.1200,ac:316.236.645.363,am:v,cc:316.236.645.363,piv:100,obst:0,th:0,reas:v,bkn:{piv:[64~100],as:[64~645.363]}}],slEventCount:1,em:false,fr:true,e:,tt:jsvid,dtt:0,fm:scrGuxm+1*.928981|11|12|13|14.10507|141|142|15.10507|151|152|16|17|18|19|1a1|1b|1c|1d|1e|1f|1g|1h1|1i|1j|1k|1l|1m,idMap:1*,rmeas:1,rend:1,renddet:env,slid:[],sinceFw:39,readyFired:true}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
amidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:26 GMT
X-Server-Name
dt51ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?videoId=1edf8dd964a58640cacf8467163d8a77&anId=928981&campId=645x362&chanId=/5129/ndm.hwt/news/national&placementId=5249645958&pubCreative=138298193489&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:3cc98c59-4cf1-0d89-96f6-f73cb14b21f8,c:qaBdlA,sl:outOfView,em:false,fr:true,mn:app18ie,pt:2-5-15,wc:0.0.1600.1200,ac:316.236.645.363,am:v,cc:316.236.645.363,piv:100,obst:0,th:0,reas:v,br:u,abv:na,an:n,oam:0,vc:jv3,scm:publ2.grpm2.vidqua_4_so_2,nbld:0,fm:scrGwzK+1*.928981|11|12|13|141|142|151|152|16|17|18|19|1a1|1b|1c|1d|1e|1f|1g|1h1|1i|1j|1k|1l|1m,idMap:1*,pl:,rmeas:1,rend:1,renddet:env,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:jsvid,thd:1,et:31,oid:f299e1bf-0630-11eb-9390-0ab32f77e5b0,v:19.8.133,sp:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:645x362,x_xplac:5249645958,x_xpc:ima
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.59.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Oct 2020 11:01:26 GMT
x-server-name
app16.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
status
200
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
76a7628596436926f3376b1a419bb4f9
content.api.news/v3/images/bin/
6 KB
7 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/76a7628596436926f3376b1a419bb4f9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
86942be801fc5a474a63018644e5bb6c96c0a2747328a1b87999f84d1b3b9f54

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:26 GMT
X-Check-Cacheable
YES
Edge-Cache-Tag
76a7628596436926f3376b1a419bb4f9
Connection
keep-alive
Content-Length
6088
Last-Modified
Sat, 03 Oct 2020 18:36:10 GMT
Server
Akamai Image Manager
ETag
894acaae695fc3630908aeb474857717-76a7628596436926f3376b1a419bb4f9-0
X-Serial
140
Access-Control-Allow-Methods
GET
Content-Type
image/webp
Access-Control-Allow-Origin
*
X-hobit
2B
Cache-Control
private, no-transform, max-age=5124833
Access-Control-Allow-Headers
x-newsapi-api-key
Expires
Wed, 02 Dec 2020 18:35:19 GMT
similars
api.vidora.com/v1/users/19i7ab1ah4bmd64sj0ju27qlr4gbf9/items/9105f7389d35056433c6997d45cd840c/
361 B
583 B
Fetch
General
Full URL
https://api.vidora.com/v1/users/19i7ab1ah4bmd64sj0ju27qlr4gbf9/items/9105f7389d35056433c6997d45cd840c/similars?limit=10&category=heraldsun.com.au&api_key=newsau_video.93DFAEA2BB0A788E1466709DFF2B086C
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.19.224.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
f1ebc78806692a580c16d4a200029758a366c7954c48a4ff0954ff3e1091d9c1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
X-Robots-Tag
noindex
Content-Length
251
Expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928981&asId=3cc98c59-4cf1-0d89-96f6-f73cb14b21f8&tv={c:qaBdpo,pingTime:0,time:266,type:pf,clog:[{piv:100,vs:o,r:v,w:645,h:363,t:29},{vs:i,r:,t:266}],ve:{vEventCount:4,vEvents:[{t:-108,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:74,tp:adImpression,sl:o,volume:0,ad_duration:1,height:0,width:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:645x362,x_xplac:5249645958,x_xpc:ima},{t:87,tp:adStarted,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:87,tp:adVideoStart,sl:o,volume:0,ad_duration:1,height:0,width:0}]},vv:3.6.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:0,o:266,n:0,pp:0,pm:0},slEvents:[{sl:o,t:29,wc:0.0.1600.1200,ac:316.236.645.363,am:v,cc:316.236.645.363,piv:100,obst:0,th:0,reas:v,bkn:{piv:[259~100],as:[259~645.363]}},{sl:i,t:266,wc:0.0.1600.1200,ac:316.236.645.363,am:v,cc:316.236.645.363,piv:100,obst:0,th:0,reas:,bkn:{piv:[0~100],as:[1~645.363]}}],slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:41,fm:scrGuxm+1*.928981|11|12|13|14.10507|141|142|15.10507|151|152|16|17|18|19|1a1|1b|1c|1d|1e|1f|1g|1h1|1i|1j|1k|1l|1m,idMap:1*,rmeas:1,rend:1,renddet:env}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
amidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:26 GMT
X-Server-Name
dt51ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928981&asId=3cc98c59-4cf1-0d89-96f6-f73cb14b21f8&tv={c:qaBdte,pingTime:-4,time:504,type:m,clog:[{piv:100,vs:o,r:v,w:645,h:363,t:29},{vs:i,r:,t:266}],ve:{vEventCount:5,vEvents:[{t:-108,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:74,tp:adImpression,sl:o,volume:0,ad_duration:1,height:0,width:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:645x362,x_xplac:5249645958,x_xpc:ima},{t:87,tp:adStarted,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:87,tp:adVideoStart,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:503,tp:adVideoFirstQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0}]},vv:3.6.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:238,o:266,n:0,pp:0,pm:0},slEvents:[{sl:o,t:29,wc:0.0.1600.1200,ac:316.236.645.363,am:v,cc:316.236.645.363,piv:100,obst:0,th:0,reas:v,bkn:{piv:[259~100],as:[259~645.363]}},{sl:i,t:266,wc:0.0.1600.1200,ac:316.236.645.363,am:v,cc:316.236.645.363,piv:100,obst:0,th:0,reas:,bkn:{piv:[238~100],as:[238~645.363]}}],slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:37,fm:scrGuxm+1*.928981|11|12|13|14.10507|141|142|15.10507|151|152|16|17|18|19|1a1|1b|1c|1d|1e|1f|1g|1h1|1i|1j|1k|1l|1m,idMap:1*,rmeas:1,rend:1,renddet:env}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
amidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:26 GMT
X-Server-Name
dt51ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
ping
ping.chartbeat.net/
43 B
168 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c&u=-qX9rDnNp3TCr4oU7&d=heraldsun.com.au&g=36976&g0=news%2Cnational%2Cvideo&g1=No%20Author&n=1&f=00001&c=0.16&x=0&m=0&y=2426&o=1600&w=1200&j=30&R=1&W=0&I=0&E=7&e=3&r=&b=4816&t=DlhmZ1DdusThS7ZgNDNJG7eBBFj_2&V=120&tz=-120&_vi=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%20Announcement&_vp=6197176668001&_vdd=video%40heraldsun.com.au&_vs=s3&_vt=ct&_vap=&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fjit%2F5348771529001%2F789fa58e-bfc2-4642-a15e-055cb3825399%2Fmain%2F152x85%2F18s564ms%2Fmatch%2Fimage.jpg&_vd=37000&sn=3&sv=VuPwhDBAgVjDK3tw3DjTCCzJWI61&sd=1&im=067b0ef2&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.132.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-132-182.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Sun, 04 Oct 2020 11:01:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
571c1fc3ce64cc4094d0ee12c2309fa7
content.api.news/v3/videos/
14 KB
3 KB
Fetch
General
Full URL
https://content.api.news/v3/videos/571c1fc3ce64cc4094d0ee12c2309fa7?api_key=9uz93nsd4pggfwhqcjnhmafw
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx/1.14.1 /
Resource Hash
657109ce0d6441d79480e85d82648b80e4980e78388622353848eb07ab0ffe95

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:28 GMT
content-encoding
gzip
x-newsapi-cache
HIT
edge-cache-tag
571c1fc3ce64cc4094d0ee12c2309fa7
status
200
x-newsapi-timestamp
2020-10-04T11:01:27.822Z[UTC]
x-newsapi-traceid
ad8a5003baa2951d
content-length
2244
x-application-context
a-bootiful-client:prod:5000
access-control-allow-headers
x-newsapi-api-key
server
nginx/1.14.1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Mashery-Error-Code, X-Mashery-Responder
cache-control
max-age=1800
x-newsapi-processing-time
12
x-mashery-responder
prod-j-worker-ap-southeast-2b-35.mashery.com
expires
Sun, 04 Oct 2020 11:31:28 GMT
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928981&asId=3cc98c59-4cf1-0d89-96f6-f73cb14b21f8&tv={c:qaBdxf,pingTime:-7,time:753,type:qf,vv:3.6.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:488,o:266,n:0,pp:0,pm:0},slEvents:[{sl:o,t:29,wc:0.0.1600.1200,ac:316.236.645.363,am:v,cc:316.236.645.363,piv:100,obst:0,th:0,reas:v,bkn:{piv:[259~100],as:[259~645.363]}},{sl:i,t:266,wc:0.0.1600.1200,ac:316.236.645.363,am:v,cc:316.236.645.363,piv:100,obst:0,th:0,reas:,bkn:{piv:[488~100],as:[488~645.363]}}],slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:36,fm:scrGuxm+1*.928981|11|12|13|14.10507|141|142|15.10507|151|152|16|17|18|19|1a1|1b|1c|1d|1e|1f|1g|1h1|1i|1j|1k|1l|1m,idMap:1*,rmeas:1,rend:1,renddet:env}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
amidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:27 GMT
X-Server-Name
dt51ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928981&asId=3cc98c59-4cf1-0d89-96f6-f73cb14b21f8&tv={c:qaBdxg,pingTime:-4,time:754,type:m,clog:[{piv:100,vs:o,r:v,w:645,h:363,t:29},{vs:i,r:,t:266}],ve:{vEventCount:6,vEvents:[{t:-108,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:74,tp:adImpression,sl:o,volume:0,ad_duration:1,height:0,width:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:645x362,x_xplac:5249645958,x_xpc:ima},{t:87,tp:adStarted,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:87,tp:adVideoStart,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:503,tp:adVideoFirstQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0},{t:753,tp:adVideoMidpoint,sl:i,volume:0,ad_duration:1,height:0,width:0}]},vv:3.6.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:488,o:266,n:0,pp:0,pm:0},slEvents:[{sl:o,t:29,wc:0.0.1600.1200,ac:316.236.645.363,am:v,cc:316.236.645.363,piv:100,obst:0,th:0,reas:v,bkn:{piv:[259~100],as:[259~645.363]}},{sl:i,t:266,wc:0.0.1600.1200,ac:316.236.645.363,am:v,cc:316.236.645.363,piv:100,obst:0,th:0,reas:,bkn:{piv:[488~100],as:[488~645.363]}}],slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:36,fm:scrGuxm+1*.928981|11|12|13|14.10507|141|142|15.10507|151|152|16|17|18|19|1a1|1b|1c|1d|1e|1f|1g|1h1|1i|1j|1k|1l|1m,idMap:1*,rmeas:1,rend:1,renddet:env}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
amidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:27 GMT
X-Server-Name
dt69ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
validate
assets.vidora.com/v1/
0
312 B
Other
General
Full URL
https://assets.vidora.com/v1/validate?api_key=newsau_video.93DFAEA2BB0A788E1466709DFF2B086C
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:bc00:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 04 Oct 2020 11:01:27 GMT
via
1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA50-C1
status
200
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
w9UhOpz4b0V1isyo1HMT3CsDpn2jg7AcgDa_KAVXZyA7Gxo6vc9qwg==
expires
Sun, 04 Oct 2020 11:01:26 GMT
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928981&asId=3cc98c59-4cf1-0d89-96f6-f73cb14b21f8&tv={c:qaBdBl,pingTime:-4,time:1007,type:m,clog:[{piv:100,vs:o,r:v,w:645,h:363,t:29},{vs:i,r:,t:266}],ve:{vEventCount:7,vEvents:[{t:-108,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:74,tp:adImpression,sl:o,volume:0,ad_duration:1,height:0,width:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:645x362,x_xplac:5249645958,x_xpc:ima},{t:87,tp:adStarted,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:87,tp:adVideoStart,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:503,tp:adVideoFirstQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0},{t:753,tp:adVideoMidpoint,sl:i,volume:0,ad_duration:1,height:0,width:0},{t:1005,tp:adVideoThirdQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0}]},vv:3.6.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:741,o:266,n:0,pp:0,pm:0},slEvents:[{sl:o,t:29,wc:0.0.1600.1200,ac:316.236.645.363,am:v,cc:316.236.645.363,piv:100,obst:0,th:0,reas:v,bkn:{piv:[259~100],as:[259~645.363]}},{sl:i,t:266,wc:0.0.1600.1200,ac:316.236.645.363,am:v,cc:316.236.645.363,piv:100,obst:0,th:0,reas:,bkn:{piv:[741~100],as:[741~645.363]}}],slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:37,fm:scrGuxm+1*.928981|11|12|13|14.10507|141|142|15.10507|151|152|16|17|18|19|1a1|1b|1c|1d|1e|1f|1g|1h1|1i|1j|1k|1l|1m,idMap:1*,rmeas:1,rend:1,renddet:env}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
amidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:27 GMT
X-Server-Name
dt69ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
tracker
metrics.brightcove.com/v2/
35 B
94 B
Image
General
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=7d712940ac373fd0994bf88f&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&platform_version=6.42.4&player=players.brightcove.com%2F5348771529001%2FKjZtYFggZ_default&player_name=%5BPROD%5D%20-%20Redesign%20v6.42.4-%202020-07-02&source=&event=ad_end&web_ad_info=%7B%22plugin%22%3A%22ima3%22%2C%22pluginVersion%22%3A%223.4.4%22%2C%22adTech%22%3A%22html5%22%2C%22requestMode%22%3A%22onplay%22%2C%22timeout%22%3A4200%2C%22adType%22%3A%22preroll%22%2C%22adPodLength%22%3A1%2C%22adPodId%22%3A0%2C%22creativeFormat%22%3A%5B%22video%2Fmp4%22%5D%2C%22creativeLength%22%3A%5B1%5D%2C%22creativeId%22%3A%5B%22138298193489%22%5D%2C%22creativeIndex%22%3A%5B0%5D%2C%22wrapperCreativeIds%22%3A%5B%5B%5D%5D%2C%22adId%22%3A%5B%225249645958%22%5D%2C%22adTitle%22%3A%5B%22CCPA%2FGDPR%20Video%20Blocking%20-%20427x240v%22%5D%2C%22adSystem%22%3A%5B%22GDFP%22%5D%2C%22firstPlayedAdIndex%22%3A0%2C%22startedInAdPod%22%3A%5B0%5D%2C%22completedInAdPod%22%3A%5B0%5D%2C%22prerollDelay%22%3A590%2C%22firstPlayInSession%22%3A1601809285895%2C%22adsRequest%22%3A1601809285934%2C%22adsResponseReceived%22%3A1601809286063%2C%22adsLoading%22%3A%5B1601809286298%5D%2C%22adsAdStarted%22%3A%5B1601809286485%5D%2C%22adsAdEnded%22%3A%5B1601809287600%5D%7D&video=6197176668001&video_name=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%20Announcement&video_duration=37&time=1601809287609&seq=7_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Sun, 04 Oct 2020 11:01:27 GMT
content-type
image/gif
status
200
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
truncated
/
345 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd0a53c74892b427e1b0e0dff31e91dd8734de8abeef674e3c8dc67a5d14dfed

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ed1feab9e38f9e317c07b14ad48c36d7ddca801f26ceafd590bbbeb4bcfb146

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928981&asId=3cc98c59-4cf1-0d89-96f6-f73cb14b21f8&tv={c:qaBdED,pingTime:-4,time:1211,type:m,clog:[{piv:100,vs:o,r:v,w:645,h:363,t:29},{vs:i,r:,t:266}],ve:{vEventCount:8,vEvents:[{t:-108,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:74,tp:adImpression,sl:o,volume:0,ad_duration:1,height:0,width:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:645x362,x_xplac:5249645958,x_xpc:ima},{t:87,tp:adStarted,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:87,tp:adVideoStart,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:503,tp:adVideoFirstQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0},{t:753,tp:adVideoMidpoint,sl:i,volume:0,ad_duration:1,height:0,width:0},{t:1005,tp:adVideoThirdQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0},{t:1198,tp:adVideoComplete,sl:i,volume:0,ad_duration:1,height:0,width:0}]},vv:3.6.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:945,o:266,n:0,pp:0,pm:0},slEvents:[{sl:o,t:29,wc:0.0.1600.1200,ac:316.236.645.363,am:v,cc:316.236.645.363,piv:100,obst:0,th:0,reas:v,bkn:{piv:[259~100],as:[259~645.363]}},{sl:i,t:266,wc:0.0.1600.1200,ac:316.236.645.363,am:v,cc:316.236.645.363,piv:100,obst:0,th:0,reas:,bkn:{piv:[945~100],as:[945~645.363]}}],slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:37,fm:scrGuxm+1*.928981|11|12|13|14.10507|141|142|15.10507|151|152|16|17|18|19|1a1|1b|1c|1d|1e|1f|1g|1h1|1i|1j|1k|1l|1m,idMap:1*,rmeas:1,rend:1,renddet:env}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
amidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:27 GMT
X-Server-Name
dt69ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=928981&asId=3cc98c59-4cf1-0d89-96f6-f73cb14b21f8&tv={c:qaBdEE,pingTime:-1,time:1212,type:u,clog:[{piv:100,vs:o,r:v,w:645,h:363,t:29},{vs:i,r:,t:266}],ve:{vEventCount:8,vEvents:[{t:-108,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:74,tp:adImpression,sl:o,volume:0,ad_duration:1,height:0,width:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:645x362,x_xplac:5249645958,x_xpc:ima},{t:87,tp:adStarted,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:87,tp:adVideoStart,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:503,tp:adVideoFirstQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0},{t:753,tp:adVideoMidpoint,sl:i,volume:0,ad_duration:1,height:0,width:0},{t:1005,tp:adVideoThirdQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0},{t:1198,tp:adVideoComplete,sl:i,volume:0,ad_duration:1,height:0,width:0}]},ndt:6,vv:3.6.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:946,o:266,n:0,pp:0,pm:0},slEvents:[{sl:o,t:29,wc:0.0.1600.1200,ac:316.236.645.363,am:v,cc:316.236.645.363,piv:100,obst:0,th:0,reas:v,bkn:{piv:[259~100],as:[259~645.363]}},{sl:i,t:266,wc:0.0.1600.1200,ac:316.236.645.363,am:v,cc:316.236.645.363,piv:100,obst:0,th:0,reas:,bkn:{piv:[946~100],as:[946~645.363]}}],slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:37,metricIdList:[publ2,grpm2,vidqua_4_so_2],fm:scrGuxm+1*.928981|11|12|13|14.10507|141|142|15.10507|151|152|16|17|18|19|1a1|1b|1c|1d|1e|1f|1g|1h1|1i|1j|1k|1l|1m,idMap:1*,rmeas:1,rend:1,renddet:env,lt:7}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.39.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
amidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Oct 2020 11:01:27 GMT
X-Server-Name
dt51ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
ping
ping.chartbeat.net/
43 B
168 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=video%40heraldsun.com.au&g=36976&p=6197176668001&i=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%20Announcement&g0=news%2Cnational%2Cvideo&u=BE3b1TDFEpVqCIJGL8&t=_i7m9h6qEDx3Ok_BKN2cpBR7Dt&x=0&y=0&V=120&VS=BCN&n=1&b=7014&_vd=37000&_vi=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%C2%A0Announcement%20%7C%20Herald%20Sun&_vp=heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c&_vh=heraldsun.com.au&_pu=-qX9rDnNp3TCr4oU7&_pt=DlhmZ1DdusThS7ZgNDNJG7eBBFj_2&_pr=&_vdd=heraldsun.com.au&_vt=ct&_vs=s2&_vcs=1&_vbr=-1&_vvs=8.248&_vpt=0&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fjit%2F5348771529001%2F789fa58e-bfc2-4642-a15e-055cb3825399%2Fmain%2F152x85%2F18s564ms%2Fmatch%2Fimage.jpg&_vaup=unkn&_vce=0&c=0.14&W=0&R=1&I=0&E=0&j=20&tz=-120&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.132.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-132-182.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Sun, 04 Oct 2020 11:01:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
48e4f4ff-bc40-4457-9613-016a32746a23
https://www.heraldsun.com.au/
57 KB
0
Other
General
Full URL
blob:https://www.heraldsun.com.au/48e4f4ff-bc40-4457-9613-016a32746a23
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed13fa3f823aeb9e4ef85f0b023d01f8c7f9ee83f34ee38cd7f8597bf98daa59

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
58236
Content-Type
application/javascript
00096cd4-73fe-43cb-93d8-2f7378f4f094
https://www.heraldsun.com.au/
57 KB
0
Other
General
Full URL
blob:https://www.heraldsun.com.au/00096cd4-73fe-43cb-93d8-2f7378f4f094
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed13fa3f823aeb9e4ef85f0b023d01f8c7f9ee83f34ee38cd7f8597bf98daa59

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
58236
Content-Type
application/javascript
segment0.ts
nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/6fdc3e38-1b6c-4020-8a33-88a8995b3b45/5x/
192 KB
0
XHR
General
Full URL
https://nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/6fdc3e38-1b6c-4020-8a33-88a8995b3b45/5x/segment0.ts?akamai_token=exp=1604229424~acl=/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/6fdc3e38-1b6c-4020-8a33-88a8995b3b45/*~hmac=e13f6494e29b43a0f973827c40ab2b60d9f028169b0b8c38f199cf14be27e92d
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.50.213 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a92-122-50-213.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:29 GMT
X-Powered-By
BC
Backend-IP
52.65.88.105
BC-MID
true
Connection
keep-alive
Content-Length
1735992
X-Served-By
cache-syd10123-SYD
Akamai-Mon-Iucid-Del
733363
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1601750304.165172,VS0,VE79
X-Powered-From
gantry
ETag
"94f124eed0cd4af3f1273d1d80421961"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control
public, max-age=31477041
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sun, 03 Oct 2021 18:38:50 GMT
X-Cache-Hits
0
segment0.ts
nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/8205f3a9-4047-4890-9f80-1e794d066b94/5x/
224 KB
224 KB
XHR
General
Full URL
https://nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/8205f3a9-4047-4890-9f80-1e794d066b94/5x/segment0.ts?akamai_token=exp=1604229424~acl=/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/8205f3a9-4047-4890-9f80-1e794d066b94/*~hmac=048928bf3dcfe0b02650e8e97a90ad2aa94a507eaffc21bdd9538209c326e98e
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.50.213 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a92-122-50-213.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash
a133a247a80328f0c8bd8a25ad1a34ffcaa3b6b2eb4953eed2dda82a0db8f3ae

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:29 GMT
X-Powered-By
BC
Backend-IP
13.210.132.237
BC-MID
true
Connection
keep-alive
Content-Length
228984
X-Served-By
cache-syd10121-SYD
Akamai-Mon-Iucid-Del
733363
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1601750304.156293,VS0,VE74
X-Powered-From
gantry
ETag
"df77f22f3e449e9b5f7163fbada3b28e"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control
public, max-age=31476971
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sun, 03 Oct 2021 18:37:40 GMT
X-Cache-Hits
0
a68e5e8cf762f1091935c2e8b6886620
content.api.news/v3/videos/
17 KB
3 KB
Fetch
General
Full URL
https://content.api.news/v3/videos/a68e5e8cf762f1091935c2e8b6886620?api_key=9uz93nsd4pggfwhqcjnhmafw
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx/1.14.1 /
Resource Hash
c40798203d363da3554c527fe82a700ae242b5c26ff532f64d05af14275c2618

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:29 GMT
content-encoding
gzip
x-newsapi-cache
HIT
edge-cache-tag
a68e5e8cf762f1091935c2e8b6886620
status
200
x-newsapi-timestamp
2020-10-04T11:01:28.835Z[UTC]
x-newsapi-traceid
f7fcd2a793cb94d4
content-length
2846
x-application-context
a-bootiful-client:prod:5000
access-control-allow-headers
x-newsapi-api-key
server
nginx/1.14.1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Mashery-Error-Code, X-Mashery-Responder
cache-control
max-age=1800
x-newsapi-processing-time
14
x-mashery-responder
prod-j-worker-ap-southeast-2b-33.mashery.com
expires
Sun, 04 Oct 2020 11:31:29 GMT
ping
ping.chartbeat.net/
43 B
168 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c&u=-qX9rDnNp3TCr4oU7&d=heraldsun.com.au&g=36976&g0=news%2Cnational%2Cvideo&g1=No%20Author&n=1&f=00001&c=0.19&x=0&m=0&y=2426&o=1600&w=1200&j=30&R=0&W=0&I=1&E=7&e=0&r=&b=4816&t=DlhmZ1DdusThS7ZgNDNJG7eBBFj_2&V=120&tz=-120&_vi=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%20Announcement&_vp=6197176668001&_vdd=video%40heraldsun.com.au&_vs=s2&_vt=ct&_vap=&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fjit%2F5348771529001%2F789fa58e-bfc2-4642-a15e-055cb3825399%2Fmain%2F152x85%2F18s564ms%2Fmatch%2Fimage.jpg&_vd=37000&sn=4&sv=VuPwhDBAgVjDK3tw3DjTCCzJWI61&sd=1&im=067b0ef2&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.132.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-132-182.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Sun, 04 Oct 2020 11:01:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
d40db5e6b3dda1272defd1dcfda6d5ae
content.api.news/v3/videos/
12 KB
2 KB
Fetch
General
Full URL
https://content.api.news/v3/videos/d40db5e6b3dda1272defd1dcfda6d5ae?api_key=9uz93nsd4pggfwhqcjnhmafw
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx/1.14.1 /
Resource Hash
302d77b1a648f4b1c1b9924faece8a67709c1939dbab73cee39d47a30f6e6837

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:30 GMT
content-encoding
gzip
x-newsapi-cache
HIT
edge-cache-tag
d40db5e6b3dda1272defd1dcfda6d5ae
status
200
x-newsapi-timestamp
2020-10-04T11:01:30.126Z[UTC]
x-newsapi-traceid
a8c6d6aaa2361a27
content-length
1883
x-application-context
a-bootiful-client:prod:5000
access-control-allow-headers
x-newsapi-api-key
server
nginx/1.14.1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Mashery-Error-Code, X-Mashery-Responder
cache-control
max-age=1800
x-newsapi-processing-time
53
x-mashery-responder
prod-j-worker-ap-southeast-2a-34.mashery.com
expires
Sun, 04 Oct 2020 11:31:30 GMT
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/fd0624d6-459d-409a-a536-e2af5ec7c013/10s/
2 KB
2 KB
XHR
General
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/fd0624d6-459d-409a-a536-e2af5ec7c013/10s/rendition.m3u8?fastly_token=NWY5ZTk5MmZfNzgwMDNhNTExYzBjOTlkYWZmNDU0MDlkMzkwMDk0YjE0N2Q5ZDdiNDFhOTRmOTI4MWVlOTI1ZjM3MmUzMDI5Mg%3D%3D
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::539 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
44b2cb9da570c1fa4778868e84c717f76b1e2bcdd3c086b42d3ce1e217bf234d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 04 Oct 2020 11:01:30 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
status
200
content-length
1697
x-served-by
cache-hhn4075-HHN
x-device-group
desktop-chrome
x-timer
S1601809290.098935,VS0,VE320
x-powered-from
eu-west-1c
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
segment1.ts
nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/8205f3a9-4047-4890-9f80-1e794d066b94/5x/
0
0

8bdb0bf879c0c20e038083203209ad5b
content.api.news/v3/images/bin/
7 KB
8 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/8bdb0bf879c0c20e038083203209ad5b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c22f7baf4445bade8311ba0fb95b51fcf9ad6bfa6e64a02d71a8f26e8cb3d467

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:30 GMT
X-Check-Cacheable
YES
Edge-Cache-Tag
8bdb0bf879c0c20e038083203209ad5b
Connection
keep-alive
Content-Length
7270
Last-Modified
Tue, 29 Sep 2020 21:27:12 GMT
Server
Akamai Image Manager
ETag
377c7bcd30b7ce63333e17a1887de68d-8bdb0bf879c0c20e038083203209ad5b-0
X-Serial
1659
Access-Control-Allow-Methods
GET
Content-Type
image/webp
Access-Control-Allow-Origin
*
X-hobit
2B
Cache-Control
private, no-transform, max-age=4789501
Access-Control-Allow-Headers
x-newsapi-api-key
Expires
Sat, 28 Nov 2020 21:26:31 GMT
ccd5b1fc51bacf61dfec9fd06832306d
content.api.news/v3/images/bin/
6 KB
7 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/ccd5b1fc51bacf61dfec9fd06832306d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6caa5af5d7a38ee0cd8a5c5d5607676480fae2e42f288742157ca4c8494def3e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Edge-Cache-Tag
ccd5b1fc51bacf61dfec9fd06832306d
Date
Sun, 04 Oct 2020 11:01:30 GMT
Last-Modified
Sat, 03 Oct 2020 21:46:50 GMT
Server
Akamai Image Manager
ETag
449ce6cb526cd29f8df3aa881b9f7aba-ccd5b1fc51bacf61dfec9fd06832306d-0
Access-Control-Allow-Methods
GET
Content-Type
image/webp
Access-Control-Allow-Origin
*
X-hobit
2B
Cache-Control
private, no-transform, max-age=5136297
Connection
keep-alive
Access-Control-Allow-Headers
x-newsapi-api-key
Content-Length
6258
Expires
Wed, 02 Dec 2020 21:46:27 GMT
f67f646bf986db07037a3fd8c7ab7233
content.api.news/v3/images/bin/
4 KB
4 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/f67f646bf986db07037a3fd8c7ab7233
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
dc1b90ef5033cda57fa0dd5c6e49e5f3c442f244672850dbda8a3e0b290c5774

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:30 GMT
X-Check-Cacheable
YES
Edge-Cache-Tag
f67f646bf986db07037a3fd8c7ab7233
Connection
keep-alive
Content-Length
3918
Last-Modified
Thu, 01 Oct 2020 22:11:48 GMT
Server
Akamai Image Manager
ETag
58117e7d49c1949321b2aec8dad2e855-f67f646bf986db07037a3fd8c7ab7233-0
X-Serial
794
Access-Control-Allow-Methods
GET
Content-Type
image/webp
Access-Control-Allow-Origin
*
X-hobit
2B
Cache-Control
private, no-transform, max-age=4964910
Access-Control-Allow-Headers
x-newsapi-api-key
Expires
Mon, 30 Nov 2020 22:10:00 GMT
fallback.jpg
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/img/
8 KB
8 KB
Image
General
Full URL
https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/img/fallback.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
14607db250fa522f36a92a9902791cac17738aa8a79844dc4ecb73dc4204533e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:30 GMT
Last-Modified
Tue, 29 Sep 2020 01:08:05 GMT
Server
AmazonS3
x-amz-request-id
A278D75F8874CAA7
ETag
"8f5a5f8613a5e0b2617e7fd6df8ebc28"
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=137263
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7795
x-amz-id-2
d4MW95YrHxaJxJPXaGdZ44yxioVz0pXk6IdFds0d+0mpoYhMLsfNSvlZvRysPhqoPIYS/VqMD9Q=
Expires
Tue, 06 Oct 2020 01:09:13 GMT
truncated
/
496 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7a3f5f8abb6b86772c206559f0c398f88e3363e7bbdeae69bc670f961cfb34d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
806 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a2c2620e4f22d82bdea9bb3457474cae16013f09cbddfdaa15099d063cd6c02

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
segment0.ts
nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/fd0624d6-459d-409a-a536-e2af5ec7c013/5x/
113 KB
0
XHR
General
Full URL
https://nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/fd0624d6-459d-409a-a536-e2af5ec7c013/5x/segment0.ts?akamai_token=exp=1604229433~acl=/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/fd0624d6-459d-409a-a536-e2af5ec7c013/*~hmac=ec51ff56d4bab8387796e927d1b31f506c53edab70b71098a8803f43a5b67273
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.50.213 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a92-122-50-213.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:31 GMT
X-Powered-By
BC
Backend-IP
13.210.132.237
BC-MID
true
Connection
keep-alive
Content-Length
677176
X-Served-By
cache-syd10148-SYD
Akamai-Mon-Iucid-Del
733363
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1601750307.099532,VS0,VE74
X-Powered-From
gantry
ETag
"ac9e790160e5851db4be4a2a33c66bcd"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control
public, max-age=31477020
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sun, 03 Oct 2021 18:38:31 GMT
X-Cache-Hits
0
segment0.ts
nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/8205f3a9-4047-4890-9f80-1e794d066b94/5x/
224 KB
224 KB
XHR
General
Full URL
https://nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/8205f3a9-4047-4890-9f80-1e794d066b94/5x/segment0.ts?akamai_token=exp=1604229424~acl=/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/8205f3a9-4047-4890-9f80-1e794d066b94/*~hmac=048928bf3dcfe0b02650e8e97a90ad2aa94a507eaffc21bdd9538209c326e98e
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.50.213 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a92-122-50-213.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash
a133a247a80328f0c8bd8a25ad1a34ffcaa3b6b2eb4953eed2dda82a0db8f3ae

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:30 GMT
X-Powered-By
BC
Backend-IP
13.210.132.237
BC-MID
true
Connection
keep-alive
Content-Length
228984
X-Served-By
cache-syd10121-SYD
Akamai-Mon-Iucid-Del
733363
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1601750304.156293,VS0,VE74
X-Powered-From
gantry
ETag
"df77f22f3e449e9b5f7163fbada3b28e"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control
public, max-age=31476970
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sun, 03 Oct 2021 18:37:40 GMT
X-Cache-Hits
0
segment1.ts
nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/8205f3a9-4047-4890-9f80-1e794d066b94/5x/
242 KB
242 KB
XHR
General
Full URL
https://nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/8205f3a9-4047-4890-9f80-1e794d066b94/5x/segment1.ts?akamai_token=exp=1604229424~acl=/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/8205f3a9-4047-4890-9f80-1e794d066b94/*~hmac=048928bf3dcfe0b02650e8e97a90ad2aa94a507eaffc21bdd9538209c326e98e
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.50.213 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a92-122-50-213.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash
2c195d061a0dab1152446c123d839b976e33d5c479722c5ce44010370475da7a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 04 Oct 2020 11:01:31 GMT
X-Powered-By
BC
Backend-IP
13.237.194.50
BC-MID
true
Connection
keep-alive
Content-Length
247408
X-Served-By
cache-syd10120-SYD
Akamai-Mon-Iucid-Del
733363
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1601750307.750228,VS0,VE71
X-Powered-From
gantry
ETag
"3e2e020ecc07a8e1968d1a747e087449"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control
public, max-age=31477047
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sun, 03 Oct 2021 18:38:58 GMT
X-Cache-Hits
0
ping
ping.chartbeat.net/
43 B
168 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c&u=-qX9rDnNp3TCr4oU7&d=heraldsun.com.au&g=36976&g0=news%2Cnational%2Cvideo&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=2426&o=1600&w=1200&j=45&R=0&W=0&I=1&E=7&e=0&r=&b=4816&t=DlhmZ1DdusThS7ZgNDNJG7eBBFj_2&V=120&tz=-120&_vi=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%20Announcement&_vp=6197176668001&_vdd=video%40heraldsun.com.au&_vs=s2&_vt=ct&_vap=&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fjit%2F5348771529001%2F789fa58e-bfc2-4642-a15e-055cb3825399%2Fmain%2F152x85%2F18s564ms%2Fmatch%2Fimage.jpg&_vd=37000&sn=5&sv=VuPwhDBAgVjDK3tw3DjTCCzJWI61&sd=1&im=067b0ef2&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.132.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-132-182.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Sun, 04 Oct 2020 11:01:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
segment2.ts
nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/8205f3a9-4047-4890-9f80-1e794d066b94/5x/
0
0

ping
ping.chartbeat.net/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nws-bolt-amd-prod.akamaized.net
URL
https://nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/8205f3a9-4047-4890-9f80-1e794d066b94/5x/segment1.ts?akamai_token=exp=1604229424~acl=/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/8205f3a9-4047-4890-9f80-1e794d066b94/*~hmac=048928bf3dcfe0b02650e8e97a90ad2aa94a507eaffc21bdd9538209c326e98e
Domain
nws-bolt-amd-prod.akamaized.net
URL
https://nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/8205f3a9-4047-4890-9f80-1e794d066b94/5x/segment2.ts?akamai_token=exp=1604229424~acl=/media/v1/hls/v4/clear/5348771529001/789fa58e-bfc2-4642-a15e-055cb3825399/8205f3a9-4047-4890-9f80-1e794d066b94/*~hmac=048928bf3dcfe0b02650e8e97a90ad2aa94a507eaffc21bdd9538209c326e98e
Domain
ping.chartbeat.net
URL
https://ping.chartbeat.net/ping?h=video%40heraldsun.com.au&g=36976&p=6197176668001&i=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%20Announcement&g0=news%2Cnational%2Cvideo&u=BE3b1TDFEpVqCIJGL8&t=_i7m9h6qEDx3Ok_BKN2cpBR7Dt&x=0&y=0&V=120&VS=BCN&n=1&b=7014&_vd=37000&_vi=Trump%20Leaves%20Washington%20for%20New%20Jersey%20Fundraiser%20Hours%20Before%20Coronavirus%C2%A0Announcement%20%7C%20Herald%20Sun&_vp=heraldsun.com.au%2Fnews%2Fnational%2Ftrump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2Fvideo%2F9105f7389d35056433c6997d45cd840c&_vh=heraldsun.com.au&_pu=-qX9rDnNp3TCr4oU7&_pt=DlhmZ1DdusThS7ZgNDNJG7eBBFj_2&_pr=&_vdd=heraldsun.com.au&_vt=ct&_vs=s2&_vcs=1&_vbr=-1&_vvs=13.248&_vpt=0&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fjit%2F5348771529001%2F789fa58e-bfc2-4642-a15e-055cb3825399%2Fmain%2F152x85%2F18s564ms%2Fmatch%2Fimage.jpg&_vaup=unkn&_vce=5&c=0.22&W=0&R=1&I=0&E=5&j=20&tz=-120&_

Verdicts & Comments Add Verdict or Comment

319 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| news_config function| addLoadEvent object| _authQ function| FontFaceObserver function| loadCSS object| _taboola object| _authConfig function| $ function| jQuery function| Rampart function| webpackHotUpdateRampart object| __core-js_shared__ object| utag_data object| auth object| vidoraConfig object| exodus object| bruce_rtget object| ads_api object| ads_extra object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag undefined| isAsync undefined| httpGetAsync undefined| parseResponse object| utag object| _gaq object| pageTracker number| _sf_startpt object| _sf_async_config object| _cbq function| Nielsen_Event object| trac function| _tealium_old_error boolean| __tealium_twc_switch object| newskey object| nb function| Krux object| lazySizesConfig object| lazySizes string| scrollDirection object| scrollBreakpoints object| wpcomVipAnalytics function| st_vt object| _tkq object| _stq undefined| mobileStatsQueryString function| LFCommentCount object| sectionData number| _sf_endpt number| gptPluginLoaded object| wpcom_mobile_user_agent_info object| _vms object| jQuery112407971519760424932 function| st_go function| ex_go function| re_go function| linktracker_init object| wpcom object| m object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| nn function| clsn object| dicnf function| btrp function| pdib3 function| vv function| stcc object| googletag object| ggeac object| google_js_reporting_queue object| ads_core string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| __iasPET object| kw_ignore object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore object| metrics object| mready object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| utmParts object| intParts function| omrhp function| pbjsChunk object| pbjs object| _pbjsGlobals function| AppNexusPrebidAnalytics function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| ads_ready object| NOLCMB object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId object| ADB object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| providersData object| vidora function| NolTracker function| nol_t function| logger undefined| _rsCC undefined| _rsCG undefined| _rsDN undefined| v52v53_pvar undefined| v52v53_trac undefined| _rsEvent undefined| _rsLinkTrack undefined| _rsClick object| V60 object| NOLBUNDLE string| localstorageframe object| googleImaVansAdapter object| diagPixSentCodes object| __iasAdRefreshConfig function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl boolean| VIDEOJS_NO_DYNAMIC_STYLE function| videojs function| videojsFlash object| videojsFlashlsSourceHandler object| videojsHttpStreaming function| videojsPerSourceBehaviors function| videojsBcAnalytics function| videojsErrors function| videojsBcCatalog object| videojsDock function| videojsPlaylist function| videojsSsai function| bc function| udm_ object| ns_p object| COMSCORE number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error string| google_ad_output string| google_flash_version boolean| google_webgl_support string| google_ad_section string| google_country object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal string| ptclString string| s_tnt string| f0 object| s_i_newscorpau-hsweb_newscorpau-global boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| NT function| vidoraTrackExtraElements function| vidoraTrackItems object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg boolean| _tb_vd_pg function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb undefined| oneTagObj object| bsResponseObj function| _typeof object| ns object| paramsPassed object| stateObject string| BUILDVERSION object| stateEvents object| tbopt object| dailydealsUtils object| dailydealsComponent object| thisCamp1358 string| trackingId object| offers object| el string| partner string| offer string| type string| jsonURL object| payload number| nowTS object| localData object| __IntegralASExec function| WebVTT object| vttjs object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| ima object| google object| closure_lm_133404 object| closure_lm_811481 object| GoogleGcLKhOms object| google_image_requests object| linkTrackVars function| __IntegralASDiagnosticCall object| __IntegralASConfig object| __IASScope boolean| isDomless object| __IASOmidVerificationClient undefined| __IntegralAS_3cc98c594cf10d8996f6f73cb14b21f8_919

5 Cookies

Domain/Path Name / Value
.imrworldwide.com/ Name: IMRID
Value: ef689ee0-0630-11eb-a996-2111d1717d3a
.imrworldwide.com/ Name: SSCVER
Value: v1
.demdex.net/ Name: demdex
Value: 12663755442056900841796904397957494091
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Cnews%257Cvideo%257Cnews%2520national%2520trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement%2520video%25209105f7389d35056433c6997d45cd840c%2520video%2C49%2C49%2C1200
.heraldsun.com.au/ Name: tp
Value: 2426

22 Console Messages

Source Level URL
Text
console-api debug URL: https://info.silobreaker.com/e2t/tc/VWNF8L5WMRzPW6gT7SP42SWJLW93kvSZ4gMDRBN3JhCFN4Zc_LV3Zsc37CgVH9Vz9f_M3H2D3pW2q1Qrb5DL6cFW6xXKH337R-5PW4pG77R4W3rGyVwQT6v1L5yDXW7wLgxc586pC2N8wrZHnT1-Z1W2msG-C8Td7BbW42L7P97FtWMXW7k0MV95QdVsFVW0s3c8BNt4wN2LMNb6sRTwKW6RMtyg3_1WSnW7LF0_799VxB-N3qjSHgG_ZswW3zNgLd8gH4m9W5dLSxr7gf_z4N8w2m_j_Z4QQW1CQ5W16gfdHrVpHrl05gF_6BW273TjF8TsDVjW2rmgc52pBJlkVwmpLY5_QVNnW5ScWf75W-4J2W7K7wS16fD0hhW8htQ-217KczcVxqj_C5_YCf7W1zZvGK66M9HMW4Z1wMY5f-mRqW2cgCYK2Bly2dW3RsFJx7kR8H5W73q-YK5PWFjTW5hlMPQ2sRpWkW5C_kPS2GkD1bW8N-Wm45gnfqhW6KlBTY8vdJBS32nc1(Line 13)
Message:
toS
console-api log URL: https://s1.wp.com/wp-includes/js/jquery/jquery-migrate.min.js?m=1466523978h(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://resources.newscdn.com.au/cs/networksales/loader/latest/assets/js/exodus_loader-client.js(Line 1)
Message:
Equator: Successfully loaded
console-api log URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js(Line 2)
Message:
NewsCorp - RePlayer 1.3.18
console-api log URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js(Line 18)
Message:
UTRACK loaded (from tealium)
console-api warning URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: A plugin named "contribAds6Shim" already exists. You may want to avoid re-registering plugins!
console-api warning URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api log URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js(Line 3)
Message:
vidora-client 1.3.3 68d5ea1ec45c96bafd89f1a57b8aa2345fbf87f3
console-api error URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js(Line 3)
Message:
vidora-client included twice!
console-api error URL: https://www.heraldsun.com.au/news/national/trump-leaves-washington-for-new-jersey-fundraiser-hours-before-coronavirus-announcement/video/9105f7389d35056433c6997d45cd840c?_hsmi=88974744&_hsenc=p2ANqtz--IRP1F0wqU6UhrFBiN_h0oI2UqcYQln57zKaUt3SBCtSk3hds1e7dMRUeB3eid9zihS87btYIFZ1uzqwxKMVkrtMSPnHOLqknEOk_9yDb9oVpWgN0&nk=6838a54e69a0184a96b28fe78e89066e-1601809273(Line 1625)
Message:
***** rampart error ***** getLoginStatus [object Object]
console-api debug URL: https://static.adsafeprotected.com/sca.17.4.114.js(Line 32)
Message:
a: 0.001953125 ms
console-api log URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1)
Message:
VIDEOJS: Setting up IMA middleware
console-api log URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js(Line 3)
Message:
vidora-client 1.3.3 68d5ea1ec45c96bafd89f1a57b8aa2345fbf87f3
console-api error URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1)
Message:
VIDEOJS: ERROR: SSAI plugin not in use.
console-api log URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js(Line 2)
Message:
Play unmuted was blocked, muting content.
console-api warning URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api warning URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: A plugin named "chartbeat" already exists. You may want to avoid re-registering plugins!
console-api log URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1)
Message:
VIDEOJS: ima3-started
console-api log URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1)
Message:
VIDEOJS: ima3-complete
console-api log URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js(Line 59)
Message:
[13:01:27 GMT+0200 (Central European Summer Time).600] [ERROR] [RuleEngine] API:trackEvent(AdComplete) - MediaHeartbeat is not tracking any AdBreak, call "API:trackEvent(AdBreakStart)" to begin tracking AdBreak
console-api log URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js(Line 59)
Message:
[13:01:27 GMT+0200 (Central European Summer Time).601] [ERROR] [RuleEngine] API:trackEvent(AdBreakComplete) - MediaHeartbeat is not tracking any AdBreak, call "API:trackEvent(AdBreakStart)" to begin tracking AdBreak
console-api warning URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: Problem encountered with the current HLS playlist. Aborted early because there isn't enough bandwidth to complete the request without rebuffering. Switching to another playlist.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8228261.fls.doubleclick.net
a.tcog.news.com.au
acdn.adnxs.com
ad.doubleclick.net
adservice.google.com
adservice.google.dk
analytics.twitter.com
api.vidora.com
assets.vidora.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
bs.serving-sys.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.taboola.com
cf-images.ap-southeast-2.prod.boltdns.net
cm.everesttech.net
code.jquery.com
content.api.news
csi.gstatic.com
d28c893a65c16b2fe3563b1e2f55ed7d.safeframe.googlesyndication.com
dpm.demdex.net
dt.adsafeprotected.com
edge.api.brightcove.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i1.wp.com
ib.adnxs.com
identityssl.newscdn.com.au
imasdk.googleapis.com
info.silobreaker.com
insight.adsrvr.org
js.adsrvr.org
login.newscorpaustralia.com
manifest.prod.boltdns.net
metrics.brightcove.com
metrics.heraldsun.com.au
newscorpau.demdex.net
newscorpau.hb.omtrdc.net
nws-bolt-amd-prod.akamaized.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.wp.com
players.brightcove.net
production-blaze-assets.ratecity.com.au
px.ads.linkedin.com
r.turn.com
r2---sn-4g5ednee.gvt1.com
r3.whistleout.com.au
redirector.gvt1.com
resources.newscdn.com.au
resourcesssl.newscdn.com.au
s.yimg.com
s0.2mdn.net
s0.wp.com
s1.wp.com
s3-ap-southeast-2.amazonaws.com
sb.scorecardresearch.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
secure-ds.serving-sys.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
snap.licdn.com
sp.analytics.yahoo.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
stats.wp.com
t.co
tags.news.com.au
tags.tiqcdn.com
tpc.googlesyndication.com
use.fontawesome.com
vjs.zencdn.net
widget.perfectmarket.com
www.dailytelegraph.com.au
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
www.linkedin.com
nws-bolt-amd-prod.akamaized.net
ping.chartbeat.net
104.103.110.93
104.111.215.136
104.111.215.200
104.111.229.57
104.111.238.139
104.16.32.37
104.244.39.20
104.244.42.195
104.244.42.197
104.75.88.206
104.79.88.36
142.250.74.194
143.204.201.81
143.204.202.127
143.204.206.235
143.204.90.152
15.236.9.100
151.101.112.157
151.101.113.108
151.101.113.181
151.101.13.44
172.217.16.194
185.33.221.89
192.0.76.3
192.0.77.2
192.0.77.32
2.18.233.28
2001:4de0:ac19::1:b:1a
212.82.100.181
216.58.206.2
216.58.207.70
216.58.212.134
23.111.9.35
23.210.249.82
2600:9000:20d7:3c00:8:48e:53c0:93a1
2600:9000:20d7:5600:1e:a43d:b640:93a1
2600:9000:20d7:8600:2:42d9:3100:93a1
2600:9000:214f:b400:18:1fcd:34e:d2a1
2600:9000:2156:bc00:4:77d:a0c0:93a1
2600:9000:21f3:fa00:2:42d9:3100:93a1
2606:4700::6811:7bb4
2606:4700::6813:dc01
2607:f8b0:4006:818::2003
2620:1ec:21::14
2a00:1288:f03d:1fa::4000
2a00:1450:4001:45::8
2a00:1450:4001:814::2002
2a00:1450:4001:817::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::2004
2a00:1450:4001:81d::2006
2a00:1450:4001:81e::2002
2a00:1450:4001:81f::2008
2a00:1450:4001:821::200a
2a00:1450:4001:824::2001
2a00:1450:4001:825::2001
2a00:1450:4001:825::2002
2a02:26f0:10c:58e::25ea
2a04:4e42:1b::539
2a04:4e42:3::729
2a05:f500:10:101::b93f:9105
34.246.59.179
35.227.202.26
35.244.232.184
46.228.164.11
50.17.132.182
50.19.224.62
52.17.114.244
52.214.79.253
52.30.191.169
52.95.129.47
54.198.80.12
63.34.37.82
65.9.187.113
66.117.28.86
80.252.91.52
92.122.50.213
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
08052c2c99dd94a7e638999360264f21fd6ea6c6e7f0c9fbaf55e11cd4fe314f
091c2733df586042615d79b6fe413e3f33b87eb090beee72c3ac3e820110b5fd
09437cb0c2c180a44da0250871104b24ca7afe02c78d3871bfc7794a8678d3f8
0a2c2620e4f22d82bdea9bb3457474cae16013f09cbddfdaa15099d063cd6c02
0d29090f37c99f2ff986ace4867496cc257ee7be66bd14b17a9038f8752f1b4d
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0e4e46fa1aa04c24e793912d7aabaa2f2b0f7dc03d73cf74fbe12cb84f062554
13e9cadd59d1a5f800069346d101e9a86c699201d7be2b6c716c81f9f1b49f75
1457c29a9454ead0346290bf9958a8ece5569ee5902746b48f6b1cc40e1f4cd2
14607db250fa522f36a92a9902791cac17738aa8a79844dc4ecb73dc4204533e
149034c3859bf3aed5f4447b6e37b8a9594f9febeedb48c20d05f6d85e08343d
1571f08a787b64195df5717339ef8eddc37436dc887957025dfe96db6aeb8ce8
1743b80176c7a9b725d2e472694b728ae510bbdae78ee5d33d58278221f552d9
1b653e6d249409ab2fb80aa11bfec3f56c56b4573900e9dc614a9cb9dc96d686
1ed1feab9e38f9e317c07b14ad48c36d7ddca801f26ceafd590bbbeb4bcfb146
201b59d144d72c6d44ae06a5cb4a9f3bf8a477eadaa3072ea4e38c988917f0f4
21ba87011f958999014cc803ea5e6e0fc106f6f335499d46dc54463c7081751e
269191242ce327a0d4f592a6e93d29b6de04d495102fc73857ccb465bc965ed7
275f5949b25822667e45802442749d2577795339deb1dab9e5b4fc0b4bb283bf
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
2be4751d99be38d07fc5cc5f82fafeabc2030978e51d246cc7fc786f7bcd3a00
2c195d061a0dab1152446c123d839b976e33d5c479722c5ce44010370475da7a
2ce9d0e1a7909265d5d0efffbf3f0ca2ab7457379d66dac5f07f7412c0649b03
302d77b1a648f4b1c1b9924faece8a67709c1939dbab73cee39d47a30f6e6837
307fd8f2a00b8f9984d1fa27868cfed4021b715d723f2e48895a094f0c784e25
30c378fb34bf9bdbcc84253b0e2dd0660e89e1bdec1ba964c0c2d42fae7222c1
31ed7d7f64a4159b3f29cecb04fad647048669ac05c4bc660a291d69e23a4fc6
359ae88af34132a98271ad73e6915d0d2bf125c3b8f5a0c03162c619ba249800
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31
38997f0b9bb8b0d35eb0c1f9e1b05249f6f1e9972419d4f41ff389e3a35eb924
3b30fff29c4975fc0a2a8c84a81b6bbfce44ba5b2c5c25a8f47728852dca064c
3c18a16be79b6c4db237b4377ef214b4e36e813b58e60774823bf2b0a4e91e48
3c84e3b7adbebacd2b274b2fbf70fd4c84cab39b29e2fcc38c028f664bcf5d56
3e74a085916b98d9849a56d3c7d37f3ec849d8db466092fcb3c11100d402cd76
40051ced69bbbd6e4c5da7a9f78b7bd0d11c36bc23674d55da8070680fbbb202
406159867f7e5513bada37d3d4ec6ade2c4890c1c06827ba678be491c54f548f
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
434d46a35ef7a3137120064f0311cc96c9ead6d400bec14b6176c425dd560fbf
4353b5e1bb568c2005f7778cda77c52b1c2eb4c026ba698549780e0306b0532e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448edd17d85b0f45d04d16bdd64bcab8ffc962e1dd2183f0e817f2ec42eef4be
44b2cb9da570c1fa4778868e84c717f76b1e2bcdd3c086b42d3ce1e217bf234d
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4948a8efb1384b2172539d0ed91f2d679d6aa151359102e925f87ec8182d2a90
496f507875a529b613576dd312577e9b7794101ff0a7184015a9d9fd42b87d06
4a70a6e4f5b7d2e76b3a5174528403bfde046edd0acb1186b9d8760ea221875e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
50ad3657dc7d4e79dbce08ae7fee84ace0b119dd852baeb01fa824c60130c962
51c1782a181bb3acc78b433b321ae4a87472c7f264e5c1b14c5b90b9774784b1
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
55271f57733354a571300102e52934ab6d00d6cb33268cfdcca6e9a1fabfe10a
559c041f56a4324314e4e23ed7aec3c9164344e846b07b5be948ae9f7271c661
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5e1390f7c515a04fbd18d7c3e864de65e7fc473f8a2e5134f74a79e122911dd7
5ea38fb5add251fac49f394c59e83fd96471fa9d574c3a13acd03310fa6043d0
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f132648e26fcbbeacfbc737e23cdf34f048a22d70e816c7a58605f3debcf9c4
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
64327dcc3914dd9ac08e45ea612eed4b899058ec89f34b29d8145576c3ea3efa
657109ce0d6441d79480e85d82648b80e4980e78388622353848eb07ab0ffe95
68483f961a727be6cf16cd005fef1c172acb25074188ba9328ce8a811b43bdc6
6a074bfa121b9e256df45a84dde254dbb9aee4a43ce63f77c6f0637848af82eb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b99ab37fb5e8540d8968acc1d2cad0ed05b511c4e99174026cc8de40bb3b587
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
6caa5af5d7a38ee0cd8a5c5d5607676480fae2e42f288742157ca4c8494def3e
6cf3d8b564224817bcd1412754de14a9da75185587f47047c878fe0b0ec12b5e
6d889f1d68f582dcab49b1a1f648612f0d01daa4d3bd76e734e79c0bf3f3dd72
715f7c6f45fce02b0672aa020f9c8f6b96a4658e31a45ecb123f23a762ec6389
7346af782bbe5b5c571511676141b576695482a2aa53c400938ef201b5981c81
7528de4f373487c7f3999b83d276379cee1c1cc607a41240bd76fe316091aa24
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
78019648f069149488cb2c763d86dcce82ad1e600e2c1909c770efc0be1a2543
78c788842d72e05aff9d1a4eb665235d9c72c4ae953e0a715ce21d9ae5d1b622
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
84125d1a37cd08350c71d2847ecdd6b13212066978341d6666f115ea72512f73
8473eaf9ddbf13b62bab7ea1060db3a48b5dab68d8a880751a970ebd00e42ff7
8586835a5998a7dd38f07bfc9213d74be357f523b9bfff2d37c463fdebe61648
8681014d203e3ca43cd57fe16386952914d0759a239c8708c820be8ebceeabfa
86942be801fc5a474a63018644e5bb6c96c0a2747328a1b87999f84d1b3b9f54
87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655
89da36867769b4f54e0273692785a7fec286a04456b9ed4f21ecc7ab01936c7b
8b5f88571701095b94afc07f4c4de07be33db36d8cd7d4aa8f90d34ae665b98f
8f3e7e5925dc42da4621ce42327d0571887edf39a82e794b709eab7dd57fbeb0
907199b915791fbb0b4a3104fd3f1095a8bf8d7825b308065ccaa6ea3a912a1e
90a141cc2c2c2bf75e11f691ac386a3e835183998ef252a981e3dbdf49c0f262
93b9d3ca506cba13ec8d643440bb852a8fb8be12bbfde812dc53ef9436b1af2c
93ee1cf33c2f89ea4b40725a3fa6e12ef339841146b9725bab9d7607afd25f39
94c849dad281228761f865b170f223a1ed34a321b92cb49addd0fc3fb9f0fb86
9536bf0efb4eaa234a85106a8a1543d5fbf0b1a48a2a887c2d0d5e370e3f109c
99773537372378cf995e631c7ac70672d9008eb734985f85cddf93ea132a5a1e
9a2b6a1fcf2724d705818d4237c71625643b8c25ced72d6def3b84d9ac8f1f42
9b9f16bfff9caea6e7b6a06128351ed37099539998462b1e2fd64be7491de60b
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e385deb57633b18f216145a994e928f44759845534a6676ca1d4c77c0991f8
a133a247a80328f0c8bd8a25ad1a34ffcaa3b6b2eb4953eed2dda82a0db8f3ae
a1e0e832496a5e992447b90c727a73f57e322129e9a535c2753dfa832035c6be
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3050cd3f6525aafe7b15fbb1bbe8ba1d51853495b43d50b3a62fd00ab81e074
a577f5ee79f09b84a59d236e25095aa02e47522ac79107040c2c92ff41e53ba7
a7a3f5f8abb6b86772c206559f0c398f88e3363e7bbdeae69bc670f961cfb34d
a822a6ae61ad5f04202ce5fe2caeb23fc3f28cc8f348c68bb5bbad1c37e98b61
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d
ab1fa701f7f71e91144a3121d115aa2d525dc7490c56d0009719403ec65e3d17
ab4633acb58cc75609531b5eb301aff69bc873f18b25e8f2bde77b0acd1c7325
abcaf427a40877acef435f4777ff7aeb4af5517ecd6ec9d0b4099248de71e0de
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca7ed003254787959c83562ed3561e716dca27e97cdc9ced4f89106073b7beb
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af233099755b93f495d5309de64d8de4be8cbeaf829467c6f343c6290765405c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b677e0fdcbd860cbebc8c37551e05f834c48da20d953fba50345fad6427a8627
b6cf74a8b79c44a7bc435b400f7704246ed5dc79c31bb6defb4b58de5c79f9df
b6e8027cab51f82a3c87c343e3f42db6702788b5812357e01b01088046ea4dc0
b748ce6a5a5ea9c905bca2845dab6456c5232bead14b02fca00864562e98bfda
b7aa714a4418a8e3d269a472e0ba2168cca963243ce2c94ad32315cd239fd245
b7f6e6a7e20688d349ef02c40d6cba6872afa7d8b1bff7b6c5df602dccaa4348
ba607af2c8d414ab6d4bac90c526d90a939cb0adf507b6ba063265347479159d
ba76dadc813053b910de8643b53804babc65017c8ac2ccf6ef3e91c04ef30e18
bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0
bd40cc5912fd9a0a70e94e433c9797174091f7559d9713c093eec9d2dbf79e3c
be18a3704ec732baeeccaafcb39e8fb181006e9cfdb883ba048c0bdab66ab114
bf95a592db7a202f5b93dbe166c591037640069f4aa8343ee2e5fab008466b43
c05c4482d09d9e4c287ebeeba762cb0dd1edbfa6af7879224818a336e3199eb5
c22f7baf4445bade8311ba0fb95b51fcf9ad6bfa6e64a02d71a8f26e8cb3d467
c40798203d363da3554c527fe82a700ae242b5c26ff532f64d05af14275c2618
c53d6dc81211bf7c4cb78004c5fb4c6d266ede9f72cb899d4c940c2cb89138ab
c626f8e43cc2841e6fb567811a84d4d961b93f5112e91925b9bac8e73d41c7c5
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
cb23e4ae1bdfa6df85ef60d6ccb6c5a1c183711cc48d53f7806ad8ab08bf05ce
cce6e054d15d14409d564955ec16be3f64f55efb440c69e7276fa8df3b5449fc
cee8c276517a2bfffab161035419b9571fd6e49a04586a668cb90d20355eb884
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d248f431bcc069c16636e35ff10b6e760f9600c0632bb29733631a73b14852f8
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80
d6ceb1824f0d1f8ab36164affbe42a2847356090032857f332097bb3329199b6
d9a251c02c498ee7ec9a989ec272568e2c683f939715978226f74f9f09d0f60e
da9d783ebad74b19ea4f10ecf9caaf37b4fc638c2e656d8ac5e294d611a57bfa
dc1b90ef5033cda57fa0dd5c6e49e5f3c442f244672850dbda8a3e0b290c5774
dd0a53c74892b427e1b0e0dff31e91dd8734de8abeef674e3c8dc67a5d14dfed
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e06775da56ca92d7943167883c849bf3e18425f19a316c54531554254a3ef753
e188ad099d51d7ceb1ab620aadd578c4e0d05d9419cf386952ba0f76eef92d78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53dd3a2ab75c6cd6e2b737c0090c429b67a6a2ef7c90b76d16dbe82cc9a78dd
e7bd2020456d0d30aca9366f06a279887b2be01f44019a74d51c83656d0ad73d
e88b010008b5a3a0d66b81edd0d38ec6e69615943382f0ffb58320f368b15a31
ed13fa3f823aeb9e4ef85f0b023d01f8c7f9ee83f34ee38cd7f8597bf98daa59
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eee8b5359f2ba993c5311ebfd8d787f63c6b0fcac0a69dd2dd40f21933c453a0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f1ebc78806692a580c16d4a200029758a366c7954c48a4ff0954ff3e1091d9c1
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f30db3530a06b2ae1acfa18944abd1c56eb3299e13229d38aa6ba4efaad72cbf
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f45206737eac638bb52a6adda01ec197e1b62f4e40399fbf2956497308b4b63f
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
f7d754162e678fffd2853e29cd5bb53036f234877d6e40f7d8d4aceb368e502b
f8d509f75d93709cde9140a1341d03d85c840490bb5797dd535b5b3e732e071b
f95d6a83a19d73efefc3b8dcf24225b978cd179e2280ff6ee357eeca314996f9
fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503
fd63d6a5ec44215e50612d8bea8eff0a12f5d4981ab6745db8d8479f7c102845