www.heraldsun.com.au Open in urlscan Pro
2.18.233.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.silobreaker.com/e2t/tc/VXhrQm8z35WcW8r7rXW4brtzZW26rJbN4k-kK7N72QT_h2-Hx1V1-WJV7CgBS7W5vvw_58RB70bW6Q9crd7bzJl3N...
Effective URL:
https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b13985563...
Submission: On December 24 via api (December 24th 2020, 12:11:01 pm UTC) from DE

Summary HTTP 248 Redirects Links 49 Behaviour Indicators

Summary

This website contacted 59 IPs in 7 countries across 45 domains to perform 248 HTTP transactions. The main IP is 2.18.233.28, located in Ascension Island and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 28th 2020. Valid for: a year.

This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.2 199.60.103.2	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4 52	2.18.233.28 2.18.233.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1 9	2.18.233.169 2.18.233.169	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
10	104.75.88.206 104.75.88.206	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.21.37.152 2.21.37.152	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2600:9000:215... 2600:9000:2156:600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:206... 2600:9000:206f:c200:4:77d:a0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:215... 2600:9000:2156:9600:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
3	92.122.106.155 92.122.106.155	16625 (AKAMAI-AS) (AKAMAI-AS)
4	184.24.9.204 184.24.9.204	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:5800:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
9	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
2 4	2600:9000:212... 2600:9000:2127:d200:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.94.113 143.204.94.113	16509 (AMAZON-02) (AMAZON-02)
9	100.26.6.156 100.26.6.156	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:212... 2600:9000:2127:5000:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
2	184.31.90.174 184.31.90.174	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.59.116.27 52.59.116.27	16509 (AMAZON-02) (AMAZON-02)
1	65.9.96.43 65.9.96.43	16509 (AMAZON-02) (AMAZON-02)
1 4	34.241.138.222 34.241.138.222	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
8	54.76.139.236 54.76.139.236	16509 (AMAZON-02) (AMAZON-02)
1	52.212.154.51 52.212.154.51	16509 (AMAZON-02) (AMAZON-02)
5	15.237.136.106 15.237.136.106	16509 (AMAZON-02) (AMAZON-02)
1 1	99.81.11.244 99.81.11.244	16509 (AMAZON-02) (AMAZON-02)
1	80.252.91.53 80.252.91.53	15830 (EQUINIX-C...) (EQUINIX-CONNECT-EMEA)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
2	13.226.89.119 13.226.89.119	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	2a02:26f0:eb:... 2a02:26f0:eb:3a3::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
1 2	216.58.208.38 216.58.208.38	15169 (GOOGLE) (GOOGLE)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
2 4	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::729 2a04:4e42:3::729	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE)
9	35.244.232.184 35.244.232.184	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2006	15169 (GOOGLE) (GOOGLE)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	65.9.7.85 65.9.7.85	16509 (AMAZON-02) (AMAZON-02)
5	2a04:4e42:1b:... 2a04:4e42:1b::539	54113 (FASTLY) (FASTLY)
2	52.49.200.205 52.49.200.205	16509 (AMAZON-02) (AMAZON-02)
1	50.19.224.62 50.19.224.62	14618 (AMAZON-AES) (AMAZON-AES)
17	3.226.16.32 3.226.16.32	14618 (AMAZON-AES) (AMAZON-AES)
2	52.210.126.126 52.210.126.126	16509 (AMAZON-02) (AMAZON-02)
1	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
5	18.235.108.184 18.235.108.184	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4002:c09::78	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:45::8	15169 (GOOGLE) (GOOGLE)
8	2.16.186.24 2.16.186.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
248	59

2 199.60.103.2 (Canada) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.silobreaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2.18.233.28 (Ascension Island) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-28.deploy.static.akamaitechnologies.com

www.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.api.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.233.169 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)

tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.75.88.206 (Netherlands)

ASN16625 (AKAMAI-AS, US)

resourcesssl.newscdn.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.37.152 (France)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-37-152.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:c200:4:77d:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.vidora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:9600:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 92.122.106.155 (Ascension Island)

ASN16625 (AKAMAI-AS, US)

login.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.24.9.204 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-9-204.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

ts2020-indies-client.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:5800:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2127:d200:1e:a43d:b640:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.113 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-113.fra50.r.cloudfront.net

au.tags.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 100.26.6.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-26-6-156.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:5000:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

seccdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.31.90.174 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-31-90-174.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.116.27 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

uconnect.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.43 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.241.138.222 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-138-222.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.76.139.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.154.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-154-51.eu-west-1.compute.amazonaws.com

newscorpau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.237.136.106 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

metrics.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.11.244 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-11-244.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.252.91.53 (Netherlands)

ASN15830 (EQUINIX-CONNECT-EMEA, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bcc671d4074fca4a55c00cd5c9c283d0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.89.119 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-89-119.prg50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:eb:3a3::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.208.38 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f38.1e100.net

8228261.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

au-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.89 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::729 (Ascension Island)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.244.232.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)

metrics.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.7.85 (Seattle, United States)

ASN16509 (AMAZON-02, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a04:4e42:1b::539 (Ascension Island)

ASN54113 (FASTLY, US)

manifest.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.200.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-200-205.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.19.224.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.vidora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 3.226.16.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.126.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.145 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.235.108.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

newscorpau.hb.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4002:c09::78 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:45::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5ednee.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.16.186.24 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

skynewsau-vod.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	heraldsun.com.au 4 redirects www.heraldsun.com.au metrics.heraldsun.com.au	1 MB
32	adsafeprotected.com static.adsafeprotected.com cdn.adsafeprotected.com pixel.adsafeprotected.com dt.adsafeprotected.com	296 KB
14	googlesyndication.com pagead2.googlesyndication.com bcc671d4074fca4a55c00cd5c9c283d0.safeframe.googlesyndication.com tpc.googlesyndication.com	45 KB
13	doubleclick.net 1 redirects ad.doubleclick.net securepubads.g.doubleclick.net googleads4.g.doubleclick.net 8228261.fls.doubleclick.net googleads.g.doubleclick.net	136 KB
13	imrworldwide.com 2 redirects cdn-gl.imrworldwide.com secure-gl.imrworldwide.com seccdn-gl.imrworldwide.com secure-dcr.imrworldwide.com	93 KB
12	api.news content.api.news	182 KB
11	brightcove.com metrics.brightcove.com edge.api.brightcove.com	8 KB
10	newscdn.com.au resourcesssl.newscdn.com.au	130 KB
9	chartbeat.net ping.chartbeat.net	1 KB
9	news.com.au 1 redirects tags.news.com.au	234 KB
8	akamaized.net skynewsau-vod.akamaized.net	2 MB
6	adnxs.com 2 redirects acdn.adnxs.com secure.adnxs.com ib.adnxs.com	7 KB
5	omtrdc.net newscorpau.hb.omtrdc.net	1 KB
5	boltdns.net cf-images.ap-southeast-2.prod.boltdns.net Failed manifest.prod.boltdns.net	12 KB
5	demdex.net 1 redirects dpm.demdex.net newscorpau.demdex.net	6 KB
4	adsrvr.org js.adsrvr.org insight.adsrvr.org	5 KB
4	google.com adservice.google.com www.google.com	564 B
4	tiqcdn.com tags.tiqcdn.com	21 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	googletagservices.com www.googletagservices.com	85 KB
3	google.de adservice.google.de www.google.de	853 B
3	serving-sys.com secure-ds.serving-sys.com bs.serving-sys.com	20 KB
3	newscorpaustralia.com login.newscorpaustralia.com
3	vidora.com assets.vidora.com api.vidora.com	5 KB
2	gvt1.com 1 redirects redirector.gvt1.com r2---sn-4g5ednee.gvt1.com	16 KB
2	googleapis.com imasdk.googleapis.com	109 KB
2	googleadservices.com www.googleadservices.com	24 KB
2	licdn.com snap.licdn.com	3 KB
2	silobreaker.com 1 redirects info.silobreaker.com	3 KB
1	gstatic.com csi.gstatic.com	331 B
1	twitter.com analytics.twitter.com	284 B
1	2mdn.net s0.2mdn.net	11 KB
1	zencdn.net vjs.zencdn.net	7 KB
1	t.co t.co	170 B
1	mookie1.com au-gmtdmp.mookie1.com	608 B
1	googletagmanager.com www.googletagmanager.com	38 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	tealiumiq.com uconnect.tealiumiq.com	454 B
1	newscgp.com au.tags.newscgp.com	48 KB
1	chartbeat.com static.chartbeat.com	23 KB
1	web.app ts2020-indies-client.web.app	3 KB
1	brightcove.net players.brightcove.net	237 KB
1	speedcurve.com cdn.speedcurve.com	7 KB
0	digitaleditions.com.au Failed heraldsun.digitaleditions.com.au Failed
248	45

	Domain	Requested by
40	www.heraldsun.com.au	4 redirects info.silobreaker.com www.heraldsun.com.au
17	dt.adsafeprotected.com	www.heraldsun.com.au
12	content.api.news	www.heraldsun.com.au resourcesssl.newscdn.com.au
10	resourcesssl.newscdn.com.au	www.heraldsun.com.au resourcesssl.newscdn.com.au ts2020-indies-client.web.app
9	metrics.brightcove.com	www.heraldsun.com.au
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
9	ping.chartbeat.net	www.heraldsun.com.au
9	tags.news.com.au	1 redirects resourcesssl.newscdn.com.au tags.tiqcdn.com au.tags.newscgp.com
8	skynewsau-vod.akamaized.net	players.brightcove.net
8	pixel.adsafeprotected.com	cdn.adsafeprotected.com www.heraldsun.com.au static.adsafeprotected.com
7	securepubads.g.doubleclick.net	tags.tiqcdn.com securepubads.g.doubleclick.net info.silobreaker.com www.heraldsun.com.au
6	cdn-gl.imrworldwide.com	resourcesssl.newscdn.com.au www.heraldsun.com.au seccdn-gl.imrworldwide.com cdn-gl.imrworldwide.com
6	static.adsafeprotected.com	resourcesssl.newscdn.com.au pixel.adsafeprotected.com www.heraldsun.com.au
5	newscorpau.hb.omtrdc.net	tags.news.com.au
5	manifest.prod.boltdns.net	players.brightcove.net
5	metrics.heraldsun.com.au	tags.news.com.au www.heraldsun.com.au
4	secure.adnxs.com	2 redirects www.heraldsun.com.au
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net ad.doubleclick.net
4	dpm.demdex.net	1 redirects www.heraldsun.com.au tags.news.com.au
4	secure-gl.imrworldwide.com	2 redirects secure-gl.imrworldwide.com www.heraldsun.com.au
4	tags.tiqcdn.com	www.heraldsun.com.au tags.tiqcdn.com
3	www.google.com	securepubads.g.doubleclick.net www.heraldsun.com.au
3	www.googletagservices.com	securepubads.g.doubleclick.net
3	login.newscorpaustralia.com	www.heraldsun.com.au
2	secure-dcr.imrworldwide.com	www.heraldsun.com.au
2	insight.adsrvr.org	js.adsrvr.org
2	edge.api.brightcove.com	players.brightcove.net
2	imasdk.googleapis.com	players.brightcove.net imasdk.googleapis.com
2	www.google.de	www.heraldsun.com.au
2	px.ads.linkedin.com	1 redirects www.heraldsun.com.au
2	googleads.g.doubleclick.net	www.googleadservices.com
2	www.googleadservices.com	secure-ds.serving-sys.com www.googletagmanager.com
2	8228261.fls.doubleclick.net	1 redirects info.silobreaker.com
2	snap.licdn.com	info.silobreaker.com snap.licdn.com
2	js.adsrvr.org	secure-ds.serving-sys.com
2	secure-ds.serving-sys.com	tags.tiqcdn.com secure-ds.serving-sys.com
2	assets.vidora.com	resourcesssl.newscdn.com.au assets.vidora.com
2	info.silobreaker.com	1 redirects
1	r2---sn-4g5ednee.gvt1.com
1	redirector.gvt1.com	1 redirects
1	csi.gstatic.com	imasdk.googleapis.com
1	ib.adnxs.com	www.heraldsun.com.au
1	api.vidora.com	resourcesssl.newscdn.com.au
1	analytics.twitter.com	static.ads-twitter.com
1	s0.2mdn.net	imasdk.googleapis.com
1	vjs.zencdn.net	players.brightcove.net
1	www.linkedin.com	1 redirects
1	t.co	www.heraldsun.com.au
1	au-gmtdmp.mookie1.com	www.heraldsun.com.au
1	acdn.adnxs.com	info.silobreaker.com
1	www.googletagmanager.com	secure-ds.serving-sys.com
1	static.ads-twitter.com	info.silobreaker.com
1	bcc671d4074fca4a55c00cd5c9c283d0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	cm.everesttech.net	1 redirects
1	newscorpau.demdex.net	tags.news.com.au
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	cdn.adsafeprotected.com	tags.news.com.au
1	uconnect.tealiumiq.com	www.heraldsun.com.au
1	seccdn-gl.imrworldwide.com	tags.news.com.au
1	au.tags.newscgp.com	tags.tiqcdn.com
1	static.chartbeat.com	tags.tiqcdn.com
1	ad.doubleclick.net	tags.tiqcdn.com
1	ts2020-indies-client.web.app	www.heraldsun.com.au
1	players.brightcove.net	resourcesssl.newscdn.com.au
1	cdn.speedcurve.com	www.heraldsun.com.au
0	cf-images.ap-southeast-2.prod.boltdns.net Failed	www.heraldsun.com.au
0	heraldsun.digitaleditions.com.au Failed	www.heraldsun.com.au
248	70

This site contains links to these domains. Also see Links.

Domain
www.plusrewards.com.au
myaccount.heraldsun.com.au
www.escape.com.au
supercoach.com.au
tips.com.au
supercoach.heraldsun.com.au
www.facebook.com
www.twitter.com
www.instagram.com
heraldsun.com.au
myaccount.news.com.au
www.newsletters.news.com.au
www.mytributes.com.au
www.newscorpaustralia.com
www.newsphotos.com.au
www.newsconcierge.com.au
www.dailytelegraph.com.au
www.couriermail.com.au
www.adelaidenow.com.au
www.news.com.au
www.theaustralian.com.au
www.themercury.com.au
www.geelongadvertiser.com.au
www.cairnspost.com.au
www.goldcoastbulletin.com.au
www.townsvillebulletin.com.au
www.thechronicle.com.au
www.ntnews.com.au
www.weeklytimesnow.com.au
www.buysearchsell.com.au
leader.local.heraldsun.com.au
www.foxsports.com.au
www.foxtel.com.au
hipages.com.au
kayosports.com.au
www.punters.com.au
www.odds.com.au
www.racenet.com.au
apps.apple.com
play.google.com
preferences.news.com.au
vip.wordpress.com

Subject Issuer	Validity	Valid
info.silobreaker.com Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	a year	crt.sh
news.com.au DigiCert SHA2 Secure Server CA	`2020-09-28` - `2021-09-28`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2020	`2020-12-09` - `2022-01-10`	a year	crt.sh
players.brightcove.net DigiCert SHA2 Secure Server CA	`2020-09-03` - `2021-10-03`	a year	crt.sh
static.adsafeprotected.com Amazon	`2020-10-03` - `2021-11-03`	a year	crt.sh
*.vidora.com Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2020-01-21` - `2021-02-24`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
web.app GTS CA 1O1	`2020-04-15` - `2021-04-14`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
au.tags.newscgp.com Amazon	`2020-02-08` - `2021-03-08`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2020-01-03` - `2021-04-03`	a year	crt.sh
*.tealiumiq.com Amazon	`2020-10-23` - `2021-11-22`	a year	crt.sh
*.adsafeprotected.com Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
metrics.heraldsun.com.au DigiCert SHA2 High Assurance Server CA	`2020-04-13` - `2021-07-15`	a year	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2020-01-07` - `2022-03-08`	2 years	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh
*.mookie1.com DigiCert SHA2 Secure Server CA	`2020-02-21` - `2021-03-22`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
osff.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-12-17` - `2021-12-08`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
metrics.brightcove.com GTS CA 1D2	`2020-12-01` - `2021-03-01`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.api.brightcove.com Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
brightcove.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-28` - `2021-04-20`	7 months	crt.sh
vidora.com Let's Encrypt Authority X3	`2020-11-03` - `2021-02-01`	3 months	crt.sh
dt.adsafeprotected.com Amazon	`2020-05-20` - `2021-06-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.hb.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2019-12-11` - `2021-12-15`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.c.docs.google.com GTS CA 1O1	`2020-12-08` - `2021-02-16`	2 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&nk=d20917be950c715c9fb91eb5bd855e20-1608811836
Frame ID: 26FA862D81116AA06E7F83E931C70377
Requests: 200 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=9HmMN-_BAApXEy-SRkneNF6nrAX0pQ7G&nonce=rhpZzXQoPsZDUa69FgTHtRGx8cPBEp2k&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: CE3771CBC7EECFD446670E938CB670A1
Requests: 1 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=_~NbpQ5PixilXZmIOQvkSzXPvP0gZOul&nonce=-bThooA0_THTzQbUrx8ha.AzOQzOzB-i&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: 3953DEFF137447F2C08D1816098BB7C7
Requests: 1 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ikswuKprvC~mD6r1X1IPOiX6ONq3srNE&nonce=aAoD0k763AI15IQGcvCD5h5ePNXqeUFR&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: 59D929838C443F87448DD6E10390B0E8
Requests: 1 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: 54277B3F2DA0ACE4EE10CB9D03D6F533
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 671B751968E865AEAAB2DDD2D6FCF7D1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvA9GXd6CvP-2FGlq_ODYp2ea5EDcH4k349CRBaW9ij1V_zLjHBhLn1nmWDU7ozgfGDuZiUhC2zCN56uRopkJ95yJM9l6u5CwMdr4wKEcPBQnP0jqH7R6Nrs60M-SLsc0aDNrVNHuLTCDB8egTLYZ0cZtU51jJTrTodBhggluq0snpgC46Fd_D3HoaDPgew2-0Ykk1JF2wxjNW6ObLdEGafaDiaqIo4IEOUpkD8cw4oUViCGJG0xWm-tYHS8AiKYr3kmWBpL2JHZ_7jilIdLynVRg&sig=Cg0ArKJSzISU3W46S8PLEAE&adurl=
Frame ID: B4EC3D8AA93B55A8481D10FF1EE9E823
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIgSWeC-voCTy5bfQCzRyySaO-zUHInbi13nDnzXCXmdmfKpu-xPHol9woUfXvDkf-P0-FA5LvdQYbikP0nrsjfvC6ofQVQAQErB8B-pTEF1vxyC7nsBzgbnVjW8FapA-3FeSKEb5edNgu_GxqBff5Ma_VnvfGgpkxkjp9dmHMoIusTGj_IDoqa-WwNe1gO0ulCpQWIyE86sqaWY5izmc22tyVT1I77KjDuTrWmjagSEdKnWhdXexUmdLsMVG7xwOuVwLxyYKVQGQ-gSMIjqx9gQ&sig=Cg0ArKJSzD3ukH1je0j6EAE&adurl=
Frame ID: 425AF8742A62D4DA9833BB8B1A04F293
Requests: 7 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 6B456AF960736E27C2FB9805DCA9A7F8
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 048B481FF07F9F0960536B04F47B2B7E
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: CD803A96FFC5027D8C0F685F8C2DBF1F
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 83EAE97D80EA47B58C9EF0280B5B2172
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 50600CA3C1E64839D1974892648B6753
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 4392D41F215F81842C9C1EABBA2EBF07
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CKSU-JPL5u0CFYuKdwodWxoH3g;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5396221498315.712
Frame ID: 66F66D2A2B7C7D74E5156D419BDDB525
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 35E25DBF2B2C3F939BE6A3B8996FF80A
Requests: 4 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: 6620124083A3BC7D3A38B5C8BCCB1D47
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Frame ID: 16049690A8DE5943444ABD5D1D38D0C4
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941989880&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1718546796&custom=video&custom3=168400391&adsafe_par&impId=0a7cef6a-45e1-11eb-ab0d-06a809c23df0
Frame ID: 49A2322D222E429046034E56827C8DB3
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941989880&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=2108448675&custom=video&custom3=168400391&adsafe_par&impId=0a7cef6b-45e1-11eb-ab0d-06a809c23df0
Frame ID: 46A0F869548023FECFE8DD02D372F93A
Requests: 2 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 3EF5CCE32590FB5385AC0443D062B22D
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.432.0_en.html
Frame ID: 2A64B69C5A2A5739D534D1F4C9B7313A
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&upid=trk7f24&upv=1.1.0
Frame ID: 3B210489E78A22DC71043079F66FFE31
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&upid=ekg5qxt&upv=1.1.0
Frame ID: D075D56BA2893F7C4841D3F4AEEDFC1F
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: EFA6FCD182D91B9C6DB3F00D46120CE6
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 4E52B22E739B53A0114CCF5F25475D0F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 91EA74E0AA83BE64D6CFC2B18FCE7F19
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 340D63753DAF04345F6C415214A983C2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://info.silobreaker.com/e2t/tc/VXhrQm8z35WcW8r7rXW4brtzZW26rJbN4k-kK7N72QT_h2-Hx1V1-WJV7CgBS7W5vvw_5... Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VXhrQm8z35WcW8r7rXW4brtzZW26rJbN4k-kK7N72QT_h2-Hx1... HTTP 307
https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/4929... HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnat... HTTP 302
https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/4929... HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews... HTTP 302
https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/4929... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

248
Requests

95 %
HTTPS

36 %
IPv6

45
Domains

70
Subdomains

59
IPs

7
Countries

4900 kB
Transfer

8018 kB
Size

7
Cookies

49 Outgoing links

These are links going to different origins than the main page.

URL: https://www.plusrewards.com.au/heraldsun/offers
Title: Rewards

Search URL Search Domain Scan URL

URL: https://myaccount.heraldsun.com.au/s
Title: My account

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/
Title: Travel

Search URL Search Domain Scan URL

URL: https://supercoach.com.au/
Title: SuperCoach

Search URL Search Domain Scan URL

URL: http://tips.com.au/afl/?source_code=HSWEB_TIP1271
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/racing
Title: SuperCoach

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/nrl
Title: SuperCoach

Search URL Search Domain Scan URL

URL: https://tips.com.au/nrl/
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://www.facebook.com/heraldsun

Search URL Search Domain Scan URL

URL: https://www.twitter.com/theheraldsun

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heraldsunphoto

Search URL Search Domain Scan URL

URL: http://heraldsun.com.au/help-rss

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_GCRACA_W52&hideRegistrationTnC=true
Title: Group/Corporate subscriptions

Search URL Search Domain Scan URL

URL: https://www.newsletters.news.com.au/heraldsun
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.mytributes.com.au/
Title: My Tributes

Search URL Search Domain Scan URL

URL: http://www.newscorpaustralia.com/careers
Title: Job Opportunities

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_SDO_SDO5A_M01
Title: Subscription terms

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_LAPP_17A_W04#subscribe
Title: App only subscription terms

Search URL Search Domain Scan URL

URL: http://www.newsphotos.com.au/C.aspx?VP3=CMS3&VF=Home
Title: Photo Sales

Search URL Search Domain Scan URL

URL: https://www.newsconcierge.com.au/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://www.dailytelegraph.com.au/
Title: The Daily Telegraph

Search URL Search Domain Scan URL

URL: https://www.couriermail.com.au/
Title: Courier Mail

Search URL Search Domain Scan URL

URL: http://www.adelaidenow.com.au/
Title: The Advertiser

Search URL Search Domain Scan URL

URL: https://www.news.com.au/
Title: news.com.au

Search URL Search Domain Scan URL

URL: https://www.theaustralian.com.au/
Title: The Australian

Search URL Search Domain Scan URL

URL: https://www.themercury.com.au/
Title: The Mercury

Search URL Search Domain Scan URL

URL: https://www.geelongadvertiser.com.au/
Title: Geelong Advertiser

Search URL Search Domain Scan URL

URL: https://www.cairnspost.com.au/
Title: The Cairns Post

Search URL Search Domain Scan URL

URL: https://www.goldcoastbulletin.com.au/
Title: Gold Coast Bulletin

Search URL Search Domain Scan URL

URL: https://www.townsvillebulletin.com.au/
Title: Townsville Bulletin

Search URL Search Domain Scan URL

URL: https://www.thechronicle.com.au/
Title: The Chronicle

Search URL Search Domain Scan URL

URL: https://www.ntnews.com.au/
Title: NT News

Search URL Search Domain Scan URL

URL: https://www.weeklytimesnow.com.au/
Title: The Weekly Times

Search URL Search Domain Scan URL

URL: https://www.buysearchsell.com.au/
Title: Buy Search Sell

Search URL Search Domain Scan URL

URL: http://leader.local.heraldsun.com.au/
Title: Find Your Local

Search URL Search Domain Scan URL

URL: http://www.foxsports.com.au/
Title: Foxsports

Search URL Search Domain Scan URL

URL: https://www.foxtel.com.au/index.html
Title: Foxtel

Search URL Search Domain Scan URL

URL: https://hipages.com.au/
Title: Hipages

Search URL Search Domain Scan URL

URL: https://kayosports.com.au/
Title: Kayo

Search URL Search Domain Scan URL

URL: https://www.punters.com.au/
Title: Punters

Search URL Search Domain Scan URL

URL: https://www.odds.com.au/
Title: odds.com.au

Search URL Search Domain Scan URL

URL: https://www.racenet.com.au/
Title: racenet.com.au

Search URL Search Domain Scan URL

URL: https://apps.apple.com/au/app/herald-sun/id392582225

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.newscorp.heraldsun

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##collect
Title: Find out more about our policy and your choices, including how to opt-out.

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##optout
Title: Relevant ads opt-out

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/cookies
Title: Cookie policy

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/
Title: WordPress.com VIP

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.silobreaker.com/e2t/tc/VXhrQm8z35WcW8r7rXW4brtzZW26rJbN4k-kK7N72QT_h2-Hx1V1-WJV7CgBS7W5vvw_58RB70bW6Q9crd7bzJl3N3_phJFYhlndN7_l-CB7GdLBW3HW5Ml5V-cNbW8QkK1Z1DYbkHW30KC3g70q0J8W1xQvD64np7CsW1vtPKz8MKMFtW80Dksm5YgWRdW8lR-v85T2_5yN8RHySKrHNQwW7mS-wK65Lv-QW87jNg73nhFQMW84mlcj7PTRhLW49KZBR5vtR4ZW5NBYRk5Vwp_fW2j5lHQ1VfT1mW5ZWfm68znDmNW36pslJ2Mhnt5N8tRBVd5pgf7W8mf0_B3zFw2SVDvrKq58s7bmW6Ml3z45klL-SW7t6FPs1KLbWyN8fXJWr8KhZwN2w5fYzz8GX4W8r31W84w0BfZN9kqM_3cv_T-W6Y5-rq5989cW3bdN1 Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VXhrQm8z35WcW8r7rXW4brtzZW26rJbN4k-kK7N72QT_h2-Hx1V1-WJV7CgBS7W5vvw_58RB70bW6Q9crd7bzJl3N3_phJFYhlndN7_l-CB7GdLBW3HW5Ml5V-cNbW8QkK1Z1DYbkHW30KC3g70q0J8W1xQvD64np7CsW1vtPKz8MKMFtW80Dksm5YgWRdW8lR-v85T2_5yN8RHySKrHNQwW7mS-wK65Lv-QW87jNg73nhFQMW84mlcj7PTRhLW49KZBR5vtR4ZW5NBYRk5Vwp_fW2j5lHQ1VfT1mW5ZWfm68znDmNW36pslJ2Mhnt5N8tRBVd5pgf7W8mf0_B3zFw2SVDvrKq58s7bmW6Ml3z45klL-SW7t6FPs1KLbWyN8fXJWr8KhZwN2w5fYzz8GX4W8r31W84w0BfZN9kqM_3cv_T-W6Y5-rq5989cW3bdN1?_ud=a84ea48f-c7a5-414e-b867-eb26aefba638&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational%2fqantas-investigates-how-employee-contracted-covid19%2fvideo%2f49292d6899d6926b1398556364387f61%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk HTTP 302
https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational%2fqantas-investigates-how-employee-contracted-covid19%2fvideo%2f49292d6899d6926b1398556364387f61%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&16088118281813248539 HTTP 302
https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&nk=d20917be950c715c9fb91eb5bd855e20-1608811836 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://www.heraldsun.com.au/digitalprinteditions HTTP 301
https://idp.news.com.au/idp/services/generatetoken?target=HeraldSun&url=http%3A%2F%2Fheraldsun.digitaleditions.com.au%2F HTTP 0
http://heraldsun.digitaleditions.com.au/

Request Chain 32

https://www.heraldsun.com.au/subscribe HTTP 301
https://www.heraldsun.com.au/subscribe/news/1/?utm_medium=press&utm_source=vanity&utm_campaign=acq_bau_generic_use&utm_content=press&sourceCode=HSWEB_PRS100

Request Chain 74

https://secure-gl.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 84

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1608811840895 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1608811840895

Request Chain 94

https://cm.everesttech.net/cm/dd?d_uuid=17299438506847935750942565946102091502 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X_SFQQAAAD8F4xXj

Request Chain 102

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1608811841133&ci=newscorp&js=1&cg=0&ts=ggng510.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&sr=1600x1200&id=lstrg-bd20c3a345290484995052eebab80703&tz=1 HTTP 302
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1608811841133&ci=newscorp&js=1&cg=0&ts=ggng510.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&sr=1600x1200&id=lstrg-bd20c3a345290484995052eebab80703&tz=1&ja=1

Request Chain 122

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5396221498315.712 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CKSU-JPL5u0CFYuKdwodWxoH3g;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5396221498315.712

Request Chain 125

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Request Chain 126

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

Request Chain 139

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1608811841405 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26time%3D1608811841405%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1608811841405&liSync=true

Request Chain 214

https://redirector.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1608833447/sparams/ip,ipbits,expire,id,itag,source,requiressl,acao,mime,ctier/signature/8DC8CF59C085DE9059A5EA1D5C11CC60E988806E.4642AA1ACBA452646DFEBA22DDFA66220D2B8134/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-4g5ednee.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1608833447/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/23D10E4D6051C6DC6F2A2BBDF09D9133AD571EA9.189C13D1AF705F894FFD96C374D15932529D9471/key/cms1/cms_redirect/yes/mh/Bl/mip/2a01:4f8:192:5414::2/mm/28/mn/sn-4g5ednee/ms/nvh/mt/1608811219/mv/m/mvi/2/pl/40/file/file.mp4

248 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VXhrQm8z35WcW8r7rXW4brtzZW26rJbN4k-kK7N72QT_h2-Hx1V1-WJV7CgBS7W5vvw_58RB70bW6Q9crd7bzJl3N3_phJFYhlndN7_l-CB7GdLBW3HW5Ml5V-cNbW8QkK1Z1DYbkHW30KC3g70q0J8W1xQvD64np7CsW1vtPKz8MKMFtW80Dksm5YgWRdW8lR-v8... Show response
info.silobreaker.com/e2t/tc/ 9 KB
3 KB 103ms
103ms Document
text/html 199.60.103.2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://info.silobreaker.com/e2t/tc/VXhrQm8z35WcW8r7rXW4brtzZW26rJbN4k-kK7N72QT_h2-Hx1V1-WJV7CgBS7W5vvw_58RB70bW6Q9crd7bzJl3N3_phJFYhlndN7_l-CB7GdLBW3HW5Ml5V-cNbW8QkK1Z1DYbkHW30KC3g70q0J8W1xQvD64np7CsW1vtPKz8MKMFtW80Dksm5YgWRdW8lR-v85T2_5yN8RHySKrHNQwW7mS-wK65Lv-QW87jNg73nhFQMW84mlcj7PTRhLW49KZBR5vtR4ZW5NBYRk5Vwp_fW2j5lHQ1VfT1mW5ZWfm68znDmNW36pslJ2Mhnt5N8tRBVd5pgf7W8mf0_B3zFw2SVDvrKq58s7bmW6Ml3z45klL-SW7t6FPs1KLbWyN8fXJWr8KhZwN2w5fYzz8GX4W8r31W84w0BfZN9kqM_3cv_T-W6Y5-rq5989cW3bdN1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.2 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b81d31845c0af8598be3f409d10b01e8f28309f8d1f60cac1f2a6151c5d44a68

Request headers

:method: GET
:authority: info.silobreaker.com
:scheme: https
:path: /e2t/tc/VXhrQm8z35WcW8r7rXW4brtzZW26rJbN4k-kK7N72QT_h2-Hx1V1-WJV7CgBS7W5vvw_58RB70bW6Q9crd7bzJl3N3_phJFYhlndN7_l-CB7GdLBW3HW5Ml5V-cNbW8QkK1Z1DYbkHW30KC3g70q0J8W1xQvD64np7CsW1vtPKz8MKMFtW80Dksm5YgWRdW8lR-v85T2_5yN8RHySKrHNQwW7mS-wK65Lv-QW87jNg73nhFQMW84mlcj7PTRhLW49KZBR5vtR4ZW5NBYRk5Vwp_fW2j5lHQ1VfT1mW5ZWfm68znDmNW36pslJ2Mhnt5N8tRBVd5pgf7W8mf0_B3zFw2SVDvrKq58s7bmW6Ml3z45klL-SW7t6FPs1KLbWyN8fXJWr8KhZwN2w5fYzz8GX4W8r31W84w0BfZN9kqM_3cv_T-W6Y5-rq5989cW3bdN1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:27 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=ddd6af78e865944f3dc0c8f3c4797e8a71608811827; expires=Sat, 23-Jan-21 12:10:27 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=f69a5f0b1897b9d2658b2ae1f5e6540f182f61f5-1608811827; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray: 606a38224bb6cdb7-CDG
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 073641696d0000cdb7e9316000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request 49292d6899d6926b1398556364387f61 Show response
www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/
Redirect Chain

https://info.silobreaker.com/events/public/v1/track/tc/VXhrQm8z35WcW8r7rXW4brtzZW26rJbN4k-kK7N72QT_h2-Hx1V1-WJV7CgBS7W5vvw_58RB70bW6Q9crd7bzJl3N3_phJFYhlndN7_l-CB7GdLBW3HW5Ml5V-cNbW8QkK1Z1DYbkHW30K...
https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_...
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational%2fqantas-investigates-how-employee-contracted-covid19%2fvideo%2f49292d6899d6926b139855...
https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_...
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational%2fqantas-investigates-how-employee-contracted-covid19%2fvideo%2f49292d6899d6926b1398...
https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_...

203 KB
43 KB

3426ms
3425ms

Document
text/html

2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&nk=d20917be950c715c9fb91eb5bd855e20-1608811836

Requested by

Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VXhrQm8z35WcW8r7rXW4brtzZW26rJbN4k-kK7N72QT_h2-Hx1V1-WJV7CgBS7W5vvw_58RB70bW6Q9crd7bzJl3N3_phJFYhlndN7_l-CB7GdLBW3HW5Ml5V-cNbW8QkK1Z1DYbkHW30KC3g70q0J8W1xQvD64np7CsW1vtPKz8MKMFtW80Dksm5YgWRdW8lR-v85T2_5yN8RHySKrHNQwW7mS-wK65Lv-QW87jNg73nhFQMW84mlcj7PTRhLW49KZBR5vtR4ZW5NBYRk5Vwp_fW2j5lHQ1VfT1mW5ZWfm68znDmNW36pslJ2Mhnt5N8tRBVd5pgf7W8mf0_B3zFw2SVDvrKq58s7bmW6Ml3z45klL-SW7t6FPs1KLbWyN8fXJWr8KhZwN2w5fYzz8GX4W8r31W84w0BfZN9kqM_3cv_T-W6Y5-rq5989cW3bdN1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

68d6cdbb96f4426305433e791d6edab37b560be57a20386a11e4126bae582dae

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:method: GET
:authority: www.heraldsun.com.au
:scheme: https
:path: /news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&nk=d20917be950c715c9fb91eb5bd855e20-1608811836
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: n_regis=123456789
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://info.silobreaker.com/e2t/tc/VXhrQm8z35WcW8r7rXW4brtzZW26rJbN4k-kK7N72QT_h2-Hx1V1-WJV7CgBS7W5vvw_58RB70bW6Q9crd7bzJl3N3_phJFYhlndN7_l-CB7GdLBW3HW5Ml5V-cNbW8QkK1Z1DYbkHW30KC3g70q0J8W1xQvD64np7CsW1vtPKz8MKMFtW80Dksm5YgWRdW8lR-v85T2_5yN8RHySKrHNQwW7mS-wK65Lv-QW87jNg73nhFQMW84mlcj7PTRhLW49KZBR5vtR4ZW5NBYRk5Vwp_fW2j5lHQ1VfT1mW5ZWfm68znDmNW36pslJ2Mhnt5N8tRBVd5pgf7W8mf0_B3zFw2SVDvrKq58s7bmW6Ml3z45klL-SW7t6FPs1KLbWyN8fXJWr8KhZwN2w5fYzz8GX4W8r31W84w0BfZN9kqM_3cv_T-W6Y5-rq5989cW3bdN1

Response headers

server: nginx
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=JKlLfo45qBFvUJBDwKk5L4pbrOK3o1GWVC1rt6wyCQbvESyeCRe20ETg9XTcUIF+lr9I7GgAp8q+iibLUVAnBHMb7Q/IEOR80AtoW/YBIa3n/enThzBH0eKPZ0OA; Expires=Thu, 31 Dec 2020 12:10:36 GMT; Path=/ nk=d20917be950c715c9fb91eb5bd855e20; expires=Sun, 24 Dec 2023 12:10:38 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure; AWSALBCORS=JKlLfo45qBFvUJBDwKk5L4pbrOK3o1GWVC1rt6wyCQbvESyeCRe20ETg9XTcUIF+lr9I7GgAp8q+iibLUVAnBHMb7Q/IEOR80AtoW/YBIa3n/enThzBH0eKPZ0OA; Expires=Thu, 31 Dec 2020 12:10:36 GMT; Path=/; SameSite=None; Secure
x-powered-by: WordPress VIP <https://wpvip.com>
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
vary: User-Agent Accept-Encoding
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational%2fqantas-investigates-how-employee-contracted-covid19%2fvideo%2f49292d6899d6926b1398556364387f61%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk%26nk%3dd20917be950c715c9fb91eb5bd855e20-1608811836&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=49292d6899d6926b1398556364387f61&session=d20917be950c715c9fb91eb5bd855e20
x-arrrg5: BlaizeHappened
x-rq: ewr4 112 153 3222
x-xss-protection: 1
x-content-type-options: nosniff
host-header: a9130478a60e5f9135f765b23f26593b
content-encoding: gzip
expires: Thu, 24 Dec 2020 12:10:39 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Thu, 24 Dec 2020 12:10:39 GMT
content-length: 42284

Redirect headers

server: AkamaiGHost
content-length: 154
content-type: text/html
location: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&nk=d20917be950c715c9fb91eb5bd855e20-1608811836
set-cookie: nk=d20917be950c715c9fb91eb5bd855e20; expires=Sun, 24 Dec 2023 12:10:36 GMT; path=/; domain=news.com.au; SameSite=None; Secure;
mime-version: 1.0
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
expires: Thu, 24 Dec 2020 12:10:36 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Thu, 24 Dec 2020 12:10:36 GMT

GET
H2 200 css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 1 B
593 B 198ms
198ms Stylesheet
text/css 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&nk=d20917be950c715c9fb91eb5bd855e20-1608811836

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-rq: ewr4 114 53 3167
last-modified: Fri, 06 Nov 2020 23:21:49 GMT
server: nginx
etag: "5fa5da8d-1"
vary: User-Agent
content-type: text/css
expires: Thu, 24 Dec 2020 12:10:41 GMT
cache-control: max-age=1
date: Thu, 24 Dec 2020 12:10:40 GMT
is-https: true
content-length: 1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 22 KB
7 KB 33ms
9ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.speedcurve.com/js/lux.js?id=338391603

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

2f268d279a69b0e891b11ca271274581c29904060421bde47e2be30886a3f20c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
age: 1492
x-cache: HIT
content-length: 6924
x-served-by: cache-hhn4043-HHN
access-control-allow-origin: *
last-modified: Thu, 24 Dec 2020 11:45:47 GMT
server: Apache
x-timer: S1608811840.884555,VS0,VE0
date: Thu, 24 Dec 2020 12:10:39 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Thu, 31 Dec 2020 11:45:47 GMT
cache-control: max-age=604800
x-ua-compatible: IE=edge
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H2 200 heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 8 KB
4 KB 32ms
31ms Image
image/svg+xml 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:39 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 3055
x-rq: bom2 116 215 3090
last-modified: Fri, 06 Nov 2020 23:30:15 GMT
server: nginx
etag: W/"5fa5dc87-1f69"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=1166793
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 07 Jan 2021 00:17:12 GMT

GET
H2 200 4e9159fe1881cf13abae9dd471fef2ba
content.api.news/v3/images/bin/ 94 KB
94 KB 775ms
445ms Image
image/webp 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/4e9159fe1881cf13abae9dd471fef2ba
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: a2b87bdb1a501267eb79ee316d884e77b2e1e682a43b2adc02487815c44d907c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 4e9159fe1881cf13abae9dd471fef2ba
date: Thu, 24 Dec 2020 12:10:40 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 305112aebb62b62234d4351e6c0001e6-4e9159fe1881cf13abae9dd471fef2ba-0
x-serial: 979
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5133285
last-modified: Wed, 23 Dec 2020 22:05:48 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 96060
expires: Sun, 21 Feb 2021 22:05:25 GMT

GET
H2 200 heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 8 KB
3 KB 32ms
32ms Image
image/svg+xml 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:39 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2891
x-rq: ewr4 119 85 3119
last-modified: Tue, 01 Dec 2020 22:01:54 GMT
server: nginx
etag: W/"5fc6bd52-1e5e"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=1178383
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 07 Jan 2021 03:30:22 GMT

GET
H2 200 js-critical-desktop.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 6 KB
3 KB 230ms
230ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

835214a28209e3b776b04069672544fd53a1b20b54f61f659d856768f717dd51

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2509
x-rq: ewr1 114 88 3108
last-modified: Wed, 16 Dec 2020 03:47:38 GMT
server: nginx
etag: W/"5fd9835a-17c3"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=26
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 24 Dec 2020 12:11:06 GMT

GET
H2 200 title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 540 B
860 B 47ms
9ms Image
image/svg+xml 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&nk=d20917be950c715c9fb91eb5bd855e20-1608811836
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:39 GMT
last-modified: Wed, 16 Sep 2020 23:56:43 GMT
server: AmazonS3
x-amz-request-id: 4R7K4V2MCP8N6R9R
etag: "4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=435954
accept-ranges: bytes
content-length: 540
x-amz-id-2: yFp+J8podmJKYyKRfQ/R6sCdmNKmc7oSxu2WJJo8l7sTrFyLYOhTILB0ssSzjaQiADalzLa82Ug=
expires: Tue, 29 Dec 2020 13:16:33 GMT

GET
H2 200 49292d6899d6926b1398556364387f61
www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/ 64 KB
64 KB 2344ms
2343ms Image
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 42268
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 112 153 3222
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational%2fqantas-investigates-how-employee-contracted-covid19%2fvideo%2f49292d6899d6926b1398556364387f61%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk%26nk%3dd20917be950c715c9fb91eb5bd855e20-1608811836&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=49292d6899d6926b1398556364387f61&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 47ms
10ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&nk=d20917be950c715c9fb91eb5bd855e20-1608811836
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:39 GMT
last-modified: Tue, 22 Sep 2020 06:30:09 GMT
server: AmazonS3
x-amz-request-id: B9F079BFD69B8BC1
etag: "c85615b296302af51e683eecb5e371d4"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=120652
accept-ranges: bytes
content-length: 15948
x-amz-id-2: DPCyCCKT0juTREQMOkBTQL82bK8sJ1cHlMUrULDEc9V9ZluCRM4RuSFSdOhDVMhG9DNYyK1s4MM=
expires: Fri, 25 Dec 2020 21:41:31 GMT

GET
H2 200 charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
12 KB 52ms
15ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&nk=d20917be950c715c9fb91eb5bd855e20-1608811836
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:39 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: 03A09A05F9B00284
etag: "c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=257337
accept-ranges: bytes
content-length: 11472
x-amz-id-2: 7SgQOtE5DXd+yw+muGSpBKQgUFNdC0N34VLuVoyrpGsNX+GQQMChOOxitD5N1YsghRlU3RgeUFw=
expires: Sun, 27 Dec 2020 11:39:36 GMT

GET
H2 200 source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 52ms
16ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&nk=d20917be950c715c9fb91eb5bd855e20-1608811836
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:39 GMT
last-modified: Tue, 01 Sep 2020 04:31:33 GMT
server: AmazonS3
x-amz-request-id: 34B4778288C88CAA
etag: "899c8f78ce650d4009d42443897aa723"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=561095
accept-ranges: bytes
content-length: 16112
x-amz-id-2: 0V9i/JC3jV0uO9z1+RHGizGZNe8ea4s0M3lvOab3o97ikLfxhLYoNjWrU3t9GbdAE8O37bCHHcA=
expires: Thu, 31 Dec 2020 00:02:14 GMT

GET
H2 200 title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 535 B
855 B 10ms
9ms Image
image/svg+xml 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&nk=d20917be950c715c9fb91eb5bd855e20-1608811836
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:39 GMT
last-modified: Thu, 17 Sep 2020 00:28:25 GMT
server: AmazonS3
x-amz-request-id: BX6X5G9GEK1G9M4M
etag: "b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=491228
accept-ranges: bytes
content-length: 535
x-amz-id-2: DaJA+c3KcMZ/NSCnfYFtodFhl20AOf2rAAm9dMwdtqM4FPtgkxYVKxyt+50eW/YJb1+mPpYz97g=
expires: Wed, 30 Dec 2020 04:37:47 GMT

GET
H2 200 rampart.js Show response
www.heraldsun.com.au/remote/identity/rampart/latest/ 248 KB
78 KB 525ms
525ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

27ad1c0be127da20f7b68c8e868d9a1fa6ade3308786d297a24a5651faa32a38

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
etag: "f1b190419095215938ba092e3e98262e:1606882430.472598"
vary: User-Agent, Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=800
date: Thu, 24 Dec 2020 12:10:40 GMT
is-https: true
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 24 Dec 2020 12:24:00 GMT

GET
H2 200 js-metro-desktop-lazy.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 45 KB
15 KB 189ms
188ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

dce8f620d091cc7d9a087aa5e31f9e0bb86b2ae0ef3c21c3765e54db09d0f67c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 14199
x-rq: ewr4 119 71 3102
last-modified: Wed, 16 Dec 2020 03:47:36 GMT
server: nginx
etag: W/"5fd98358-b347"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 24 Dec 2020 12:10:41 GMT

GET
H2 200 player.js Show response
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/ 218 KB
54 KB 10ms
10ms Script
application/x-javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddfba7b7a35ae0d6e69aaad67803bb6c14079180abeb3c20ac5fe109616bf1b7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
content-encoding: gzip
last-modified: Mon, 14 Dec 2020 01:24:26 GMT
server: AmazonS3
x-amz-request-id: A2A6677260E37F1F
etag: "b048c2509d423af8dab7854a0467aee0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=596
accept-ranges: bytes
content-length: 54540
x-amz-id-2: j/hS+uXBYfa9f5sz/x3fPPzSOI2+wgk6TIVUCRfa/2/RedBdnJrsuWxou/5qAZcgZAl2jEASMeY=
expires: Thu, 24 Dec 2020 12:20:36 GMT

GET
H2 200 js-videohub-desktop.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 29 KB
10 KB 187ms
186ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-videohub-desktop.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

0976b04038b9645197a455da158f117d8d14bae591f72c7f26f5c99191d9e777

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 9174
x-rq: ewr4 114 120 3113
last-modified: Wed, 16 Dec 2020 03:47:46 GMT
server: nginx
etag: W/"5fd98362-7241"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 24 Dec 2020 12:10:41 GMT

GET

/
heraldsun.digitaleditions.com.au/
Redirect Chain

https://www.heraldsun.com.au/digitalprinteditions
https://idp.news.com.au/idp/services/generatetoken?target=HeraldSun&url=http%3A%2F%2Fheraldsun.digitaleditions.com.au%2F
http://heraldsun.digitaleditions.com.au/

0
0

GET
H2 200 /
www.heraldsun.com.au/tributes/ 0
31 KB 1704ms
1696ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/tributes/

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx/1.12.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
etag: "de49544ad3e5fe5a536ca8dd0dcabb9d"
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-subscribed: False
is-https: true
x-forwarded-proto: https
x-device: desktop
x-ua-compatible: IE=edge,chrome=1
x-arrrg5: BlaizeHappened
server: nginx/1.12.1
date: Thu, 24 Dec 2020 12:10:41 GMT
vary: User-Agent, Accept-Encoding
x-varnish: 621916153 623887404
access-control-allow-origin: http://heraldsun.finda.production.apnarm.net.au
cache-control: max-age=49
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2ftributes%2f&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=d20917be950c715c9fb91eb5bd855e20
content-length: 30322
content-type: text/html; charset=utf-8
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 24 Dec 2020 12:11:30 GMT

GET
H2 200 /
www.heraldsun.com.au/subscribe/news/1/ 0
1 KB 328ms
320ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?int_medium=display&int_source=site-link&int_campaign=acq_onsite_login&int_content=link&sourceCode=HSWEB_ONS538

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Thu, 24 Dec 2020 12:10:40 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=2731
is-https: true
ssl: yes
content-length: 912
expires: Thu, 24 Dec 2020 12:56:11 GMT

GET
H2 200 49292d6899d6926b1398556364387f61
www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/ 0
43 KB 3254ms
3246ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 42268
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 112 153 3222
server: nginx
date: Thu, 24 Dec 2020 12:10:43 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:43 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational%2fqantas-investigates-how-employee-contracted-covid19%2fvideo%2f49292d6899d6926b1398556364387f61%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=49292d6899d6926b1398556364387f61&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 /
www.heraldsun.com.au/ 0
63 KB 2056ms
2048ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 115 233 3111
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 leader
www.heraldsun.com.au/ 0
70 KB 2058ms
2050ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/leader

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 119 100 3097
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fleader&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=leader&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 victoria
www.heraldsun.com.au/news/ 0
51 KB 1999ms
1992ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/victoria

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 113 43 3167
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fvictoria&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=victoria&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 national
www.heraldsun.com.au/news/ 0
53 KB 2009ms
2002ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/national

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 113 203 3271
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=national&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 world
www.heraldsun.com.au/news/ 0
55 KB 2038ms
2031ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/world

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 114 53 3172
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=world&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 opinion
www.heraldsun.com.au/news/ 0
60 KB 2054ms
2047ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/opinion

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 114 120 3113
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fopinion&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=opinion&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 business
www.heraldsun.com.au/ 0
53 KB 2002ms
1995ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/business

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 118 150 3094
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fbusiness&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=business&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 entertainment
www.heraldsun.com.au/ 0
55 KB 2037ms
2030ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/entertainment

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 112 120 3185
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=entertainment&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 lifestyle
www.heraldsun.com.au/ 0
51 KB 2002ms
1995ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/lifestyle

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 113 203 3271
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2flifestyle&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=lifestyle&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 sport
www.heraldsun.com.au/ 0
69 KB 2002ms
1996ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/sport

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 112 151 3108
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=sport&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-akamai-transformed: 9 395906 0 pmb=mRUM,1
expires: Thu, 24 Dec 2020 12:10:42 GMT

GET
H2 200 news
www.heraldsun.com.au/ 0
53 KB 2143ms
2137ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 114 53 3172
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=news&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/subscribe
https://www.heraldsun.com.au/subscribe/news/1/?utm_medium=press&utm_source=vanity&utm_campaign=acq_bau_generic_use&utm_content=press&sourceCode=HSWEB_PRS100

0
1 KB

197ms
197ms

Other
text/html

2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?utm_medium=press&utm_source=vanity&utm_campaign=acq_bau_generic_use&utm_content=press&sourceCode=HSWEB_PRS100

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Thu, 24 Dec 2020 12:10:41 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=1724
is-https: true
ssl: yes
content-length: 912
expires: Thu, 24 Dec 2020 12:39:25 GMT

Redirect headers

date: Thu, 24 Dec 2020 12:10:40 GMT
server: AkamaiGHost
x-arrrg5: BlaizeHappened
vary: User-Agent
location: https://www.heraldsun.com.au/subscribe/news/1/?utm_medium=press&utm_source=vanity&utm_campaign=acq_bau_generic_use&utm_content=press&sourceCode=HSWEB_PRS100
expires: Thu, 24 Dec 2020 12:10:40 GMT
cache-control: max-age=0
is-https: true
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=subscribe&session=d20917be950c715c9fb91eb5bd855e20
content-length: 0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 app
www.heraldsun.com.au/help/ 0
43 KB 1996ms
1990ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/help/app

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 42986
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 112 153 3222
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fhelp%2fapp&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=app&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET digitalprinteditions
www.heraldsun.com.au/ 0
0

GET
H2 200 about
www.heraldsun.com.au/help/ 0
43 KB 1963ms
1957ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/help/about

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 113 245 3125
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fhelp%2fabout&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=about&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 journalists
www.heraldsun.com.au/ 0
133 KB 2692ms
2686ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/journalists

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 112 151 3108
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fjournalists&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=journalists&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 code-of-conduct
www.heraldsun.com.au/help/ 0
48 KB 950ms
944ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/help/code-of-conduct

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 118 215 3096
server: nginx
date: Thu, 24 Dec 2020 12:10:41 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:41 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fhelp%2fcode-of-conduct&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=code-of-conduct&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 my-account
www.heraldsun.com.au/help/ 0
43 KB 1986ms
1980ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/help/my-account

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 42330
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 114 88 3108
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fhelp%2fmy-account&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=my-account&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 financial-hardship
www.heraldsun.com.au/help/ 0
42 KB 2682ms
2676ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/help/financial-hardship

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 41585
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 112 153 3222
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fhelp%2ffinancial-hardship&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=financial-hardship&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 contact-us
www.heraldsun.com.au/help/ 0
46 KB 2697ms
2691ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/help/contact-us

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 112 120 3185
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fhelp%2fcontact-us&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=contact-us&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 storytips
www.heraldsun.com.au/help/ 0
41 KB 1969ms
1964ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/help/storytips

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 40919
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 116 149 3114
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fhelp%2fstorytips&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=storytips&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 help
www.heraldsun.com.au/ 0
41 KB 2694ms
2690ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/help

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 41007
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 116 88 3188
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fhelp&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=help&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 letter-to-the-editor
www.heraldsun.com.au/news/opinion/ 0
41 KB 1971ms
1966ms Other
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/opinion/letter-to-the-editor

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 40947
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 113 203 3271
server: nginx
date: Thu, 24 Dec 2020 12:10:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: max-age=0, no-cache
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fopinion%2fletter-to-the-editor&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=letter-to-the-editor&session=d20917be950c715c9fb91eb5bd855e20
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 player.css
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/ 134 KB
23 KB 26ms
25ms Stylesheet
text/css 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.css
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc46316f86170bc177dfc0046bc95d6d13d8c2c5f6565a7833d947ee0abefd99

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
content-encoding: gzip
last-modified: Mon, 14 Dec 2020 01:24:26 GMT
server: AmazonS3
x-amz-request-id: BD7C86FD4C2C4BED
etag: "f79cdbf4274b7d23a3dac9597a644fbb"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1102
accept-ranges: bytes
content-length: 23229
x-amz-id-2: 2h3xjaxBO9ya4ivbxm3T4n6hhLtMYqkrXwKpO4cMRKZ8GpCJYvPrtZB+tjuZCUTh/MpQeEMxDoU=
expires: Thu, 24 Dec 2020 12:29:02 GMT

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/5348771529001/KjZtYFggZ_default/ 867 KB
237 KB 9ms
8ms Script
application/javascript 2.21.37.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.37.152 , France, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-37-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 50ad3657dc7d4e79dbce08ae7fee84ace0b119dd852baeb01fa824c60130c962

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: _xvh2bgkY3Az7S31oZH0LKN6E4VyieRo
Content-Encoding: gzip
ETag: "4740ebc28da997405fbff7ecd9730c42"
x-amz-request-id: DTCV4ZAK9V2X4PBJ
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 241889
x-amz-id-2: PPac4Y0mHYphkYUug3WLmzUS5VY2NfB1EX+oBU1WdxZII/FhURzgDeHAaGuAbchQfwQ27QNC2FY=
X-BCOV-Response-Mode: 1
X-Served-By: cache-dca17751-DCA
Last-Modified: Wed, 01 Jul 2020 23:52:15 GMT
Server: AmazonS3
X-Timer: S1599631345.588833,VS0,VE1
Date: Thu, 24 Dec 2020 12:10:40 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=255
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 MediaSDK.min.js Show response
tags.news.com.au/prod/heartbeat/v2.2.0/ 175 KB
35 KB 31ms
30ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
content-encoding: gzip
server: Apache
etag: "c347a09f51bb895d757c5e600ad18d57:1565826404"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=46771
content-type: application/x-javascript
content-length: 35262

GET
H2 200 vans-adapter-google-ima.js Show response
static.adsafeprotected.com/ 19 KB
7 KB 49ms
6ms Script
application/javascript 2600:9000:2156:600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7aa714a4418a8e3d269a472e0ba2168cca963243ce2c94ad32315cd239fd245

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: FmW9GCwMGDcYuvST0fbMtlt7Sr3UNohQ
content-encoding: gzip
etag: "90eaad1daab4870a6a4ed031687aa680"
age: 293063
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 16 Dec 2019 18:23:25 GMT
server: AmazonS3
date: Mon, 21 Dec 2020 02:46:18 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: rJZSAn8LowtngkN1TrIfcs2wSKz5MBRfC8b-nsTQm52IADTEPes4eQ==

GET
H2 200 vidora-client.1.x.x.min.js Show response
assets.vidora.com/js/ 8 KB
4 KB 58ms
6ms Script
application/javascript 2600:9000:206f:c200:4:77d:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c200:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08052c2c99dd94a7e638999360264f21fd6ea6c6e7f0c9fbaf55e11cd4fe314f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Dec 2020 22:31:22 GMT
content-encoding: gzip
last-modified: Wed, 08 Apr 2020 14:24:21 GMT
server: AmazonS3
age: 49159
etag: "09285b59e7b4661ace266ee756c7b3f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: P52QbyxHoIDuRNFpImlqrTReNGPophpYuel6Tg1nc3G6djAqUYJ01g==

GET
BLOB 206
Partial Content 68b9deaa-9cd0-4819-b2b4-f57408efa04f
https://www.heraldsun.com.au/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com.au/68b9deaa-9cd0-4819-b2b4-f57408efa04f
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 1470b505-28ea-47ab-9118-612b2b3cd964
https://www.heraldsun.com.au/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com.au/1470b505-28ea-47ab-9118-612b2b3cd964
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 8c54bc06-a77a-4012-bc30-15ac458662a9
https://www.heraldsun.com.au/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com.au/8c54bc06-a77a-4012-bc30-15ac458662a9
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content c9825c39-9b5d-40e7-99b1-17fb6198ef70
https://www.heraldsun.com.au/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com.au/c9825c39-9b5d-40e7-99b1-17fb6198ef70
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 200
OK 66b7cfe9-4b7e-4862-b194-d6421c957dfb
https://www.heraldsun.com.au/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com.au/66b7cfe9-4b7e-4862-b194-d6421c957dfb
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 5348771529001-6218113512001 Show response
content.api.news/v3/videos/brightcove/ 14 KB
3 KB 1721ms
1598ms Fetch
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.api.news/v3/videos/brightcove/5348771529001-6218113512001?api_key=6krsj3w249nk779d8fukqx9f
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: nginx/1.14.1 /
Resource Hash: 8de614aa47994ff73b7deab80430dabde17ee6856b842484a889d72bee97a840

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:42 GMT
content-encoding: gzip
x-newsapi-cache: MISS
edge-cache-tag: 49292d6899d6926b1398556364387f61
x-newsapi-timestamp: 2020-12-24T12:10:41.712Z[UTC]
x-newsapi-traceid: 963526928e522697
content-length: 2286
x-application-context: a-bootiful-client:prod:5000
access-control-allow-headers: x-newsapi-api-key
server: nginx/1.14.1
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Mashery-Error-Code, X-Mashery-Responder
cache-control: max-age=559
x-newsapi-processing-time: 19
x-mashery-responder: prod-j-worker-ap-southeast-2a-34.mashery.com
expires: Thu, 24 Dec 2020 12:20:01 GMT

GET
DATA 200
OK truncated
/ 403 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 091c2733df586042615d79b6fe413e3f33b87eb090beee72c3ac3e820110b5fd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 ggng510.js Show response
cdn-gl.imrworldwide.com/novms/bc/3/ 90 KB
20 KB 9ms
9ms Script
application/javascript 2600:9000:2156:9600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/bc/3/ggng510.js
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a2b6a1fcf2724d705818d4237c71625643b8c25ced72d6def3b84d9ac8f1f42

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: uPg9dghkfLf5QnVKvmiuXDfV8WNo6Oxf
content-encoding: gzip
etag: "3ce9be8772dc9fbb9328a338eb9024ff"
last-modified: Thu, 13 Dec 2018 15:53:58 GMT
server: AmazonS3
age: 311
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
date: Thu, 24 Dec 2020 12:05:41 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 8p378eyxBWzy3Wox7mmjbOSHotQa1pEIqJCElQztmXoAzjip6hNC6Q==

GET
H2 200 3000 Show response
www.heraldsun.com.au/wp-json/api/weather/ 2 KB
2 KB 432ms
432ms Fetch
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-json/api/weather/3000

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

026dd34e0bbccfaa6e1d71a5f05f69938edfce8dac603f2641495358cb7af054

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options: nosniff
is-https: true
content-length: 1658
x-rq: ewr4 119 100 3097
allow: GET
expires: Thu, 24 Dec 2020 12:10:43 GMT
server: nginx
date: Thu, 24 Dec 2020 12:10:40 GMT
vary: User-Agent
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=3
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 authorize
login.newscorpaustralia.com/ Frame CE37 0
0 364ms
329ms Document
text/html 92.122.106.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=9HmMN-_BAApXEy-SRkneNF6nrAX0pQ7G&nonce=rhpZzXQoPsZDUa69FgTHtRGx8cPBEp2k&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.122.106.155 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=9HmMN-_BAApXEy-SRkneNF6nrAX0pQ7G&nonce=rhpZzXQoPsZDUa69FgTHtRGx8cPBEp2k&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

server: openresty
content-type: text/html;charset=UTF-8
ot-tracer-spanid: 50aa9bdd1b4f0367
ot-tracer-traceid: 436ba3c600ab84bc
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 3784-1608811840.887-23.55.162.137-1464-696981627-23-0.000
x-auth0-requestid: 9b852865dbf96d57bddc
x-ratelimit-limit: 1000
x-ratelimit-remaining: 998
x-ratelimit-reset: 1608811841
content-encoding: gzip
strict-transport-security: max-age=31536000
x-akamai-transformed: 9 535 0 pmb=mTOE,3
expires: Thu, 24 Dec 2020 12:10:41 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Dec 2020 12:10:41 GMT
content-length: 844
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A0a60db50-45e1-11eb-9c9a-c1e43c43c476.gPUnrUeRdPquzHcI%2BAJJj0OckoxN24sLeNsumHejrC0; Max-Age=31557600; Path=/; Expires=Fri, 24 Dec 2021 18:10:40 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A0a60db50-45e1-11eb-9c9a-c1e43c43c476.gPUnrUeRdPquzHcI%2BAJJj0OckoxN24sLeNsumHejrC0; Max-Age=31557600; Path=/; Expires=Fri, 24 Dec 2021 18:10:40 GMT; HttpOnly; Secure ak_bmsc=9D77498372AC34FA757FA234D6B33DF9C16C5E9B381800004185E45F4B26D57E~plw/rlSzdN3ei59vKtLJcK0A/kTTE+o7jrlz92eOj/AN5ALDy7A28D8XBt9lEvr01trRDPjBxn56qgg0sJGjdA5L0lo0/iL5eTGBkG7Igd7geax3QylOpOTxtNSA7iQfeiZH9ThgVOb+bpJxv7pq76SJs9/Yjz2omi/nlAFZdwEIcCfpp7XB56MS4zlmrbc1YwuAo0S/DcOeS69YteDcxOwk13mlEbMb1uQYghZbdFK7UeV9QOFvbuo230wVQTWHyF; expires=Thu, 24 Dec 2020 14:10:41 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=D26803F5F0D777564221BB1DB87F4AC4~sdKC6h8di0TAtzDkwb8/+A5zudnuvZRdDH9aa99cSZCPArcVrd/hs5Lb4jQxDCj2gbYc9/9PskYq7uB1DYVqKI6QlaIn9j7ddXueoNYfmm6gtDvtmHR8mC1jlM61IZ26FodoX3xhHRA153ivwBsNdQAticqPq6s+MobupaTT5+xf2ByvMelbmJK1F2rdgLHOPVxcbc9iCtHs4Pp73S5Unchb2eTAPhjYBFJtawPDYRS0GSq2Jz61QVSEE2KfPJHd; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=DB382DBDBB1911211E254ACF8F5E5657~YAAQm15swXiNZnF2AQAAEoaolArDlYG6kSB7LEbOsEIvTe8KvA5kHMnqL63wKnS6djd8NZIaaoJDb3nUO+uYzWOLcmLwlrthg18BG8oon/j+sJY1VehzJb1yDswPFqyxsvBgt0BBP5P0OkxHftzGxEjZ2dvaX/PLh8rQSiMieQFMSJDnJWO6ZyNKUrM5TDyq9HomSwuP4gultr4=; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 24 Dec 2020 16:10:40 GMT; Max-Age=14399; HttpOnly _abck=BAA2CF4D77FBB1D47630CF84A72848BB~-1~YAAQm15swXmNZnF2AQAAEoaolAV1zT+BzzhwUmOZh1EOttkVNJWQ5670BL453VficUBG0asVdl7JuJKlz5vbKsfZyz026mDKZRNQ3dJeY1xQEq7H7rH/BKvzvdeH6qCMXGhZv1Yb3EdwyazSrxSPw7f8ynfPb1mERF0/Oze8eeLwHq4EtKzL8XbjGlTOSFZFASbFOAcNoj7FGjwpvdiFWfjFO3KjiDkWDL236voKkN79UAikAPSOf99NVN5CwwtQ5FoRcypTQSdvXjk8nzxwRQKzOBspz6KqK6xaw+ZDp9F7x0/x4pyaQLIdYOy/NUJhttnmvrc=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Fri, 24 Dec 2021 12:10:41 GMT; Max-Age=31536000; Secure

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 3 KB
1 KB 57ms
39ms Script
application/x-javascript 184.24.9.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.9.204 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-9-204.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 34d7e05910aac6f533cb31a9dffc4e37213c93c3b90a545b4f3bcedea3e6d03c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 00:59:52 GMT
server: AkamaiNetStorage
etag: "32dbeac6f93a14f6e0b28daba07aa294:1607993992.778839"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 1235
expires: Thu, 24 Dec 2020 12:15:40 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 70 KB
19 KB 60ms
41ms Script
application/x-javascript 184.24.9.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.9.204 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-9-204.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 37839f90f9c430af4b063874e26d8986b8ceb01ebcdad7eedb4977c833116693

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 00:59:52 GMT
server: AkamaiNetStorage
etag: "59bda7243b0fc7e08ca82d70f35e8dbe:1607993992.156774"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 18842
expires: Thu, 24 Dec 2020 12:15:40 GMT

GET
H2 200 indies-loader.js Show response
ts2020-indies-client.web.app/ 7 KB
3 KB 39ms
9ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ts2020-indies-client.web.app/indies-loader.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1136fd8d6ff6f21847aab9abfab903a5a0e2f26a6f621f34af563def44ceb81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 17 Sep 2020 07:41:38 GMT
x-timer: S1608811841.720565,VS0,VE1
etag: "16a0649956d88d08059c392d3f4b3b1b1b6ee7a364d1e3444626bf6439417ed3-br"
x-served-by: cache-hhn4067-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Thu, 24 Dec 2020 12:10:40 GMT
accept-ranges: bytes
content-length: 2338
x-cache-hits: 1

GET
H2 200 js-vidora-client.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 6 KB
3 KB 145ms
145ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f2c693e926182ccfcb15af9a5a49efb21d930c9974e1fc5f9e3b257694c1d711

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2884
x-rq: ewr4 116 88 3188
last-modified: Wed, 16 Dec 2020 03:47:44 GMT
server: nginx
etag: W/"5fd98360-19e5"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 24 Dec 2020 12:10:41 GMT

GET
H2 200 authorize
login.newscorpaustralia.com/ Frame 3953 0
0 330ms
330ms Document
text/html 92.122.106.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=_~NbpQ5PixilXZmIOQvkSzXPvP0gZOul&nonce=-bThooA0_THTzQbUrx8ha.AzOQzOzB-i&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.122.106.155 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=_~NbpQ5PixilXZmIOQvkSzXPvP0gZOul&nonce=-bThooA0_THTzQbUrx8ha.AzOQzOzB-i&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

server: openresty
content-type: text/html;charset=UTF-8
ot-tracer-spanid: 377be67068d0e8a7
ot-tracer-traceid: 179565062a31a66d
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 3784-1608811840.891-23.55.162.137-1464-697011580-4-0.000
x-auth0-requestid: 6c52d0f6432f05c9153d
x-ratelimit-limit: 1000
x-ratelimit-remaining: 998
x-ratelimit-reset: 1608811841
content-encoding: gzip
strict-transport-security: max-age=31536000
x-akamai-transformed: 9 533 0 pmb=mTOE,3
expires: Thu, 24 Dec 2020 12:10:41 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Dec 2020 12:10:41 GMT
content-length: 843
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A0a617790-45e1-11eb-98d6-fb4157b5a6e6.ebD6V2dTAN8ZZ6wU3s5R8hLgYiD3yt0WwwZYoud4QzY; Max-Age=31557600; Path=/; Expires=Fri, 24 Dec 2021 18:10:40 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A0a617790-45e1-11eb-98d6-fb4157b5a6e6.ebD6V2dTAN8ZZ6wU3s5R8hLgYiD3yt0WwwZYoud4QzY; Max-Age=31557600; Path=/; Expires=Fri, 24 Dec 2021 18:10:40 GMT; HttpOnly; Secure ak_bmsc=C1745CFE59E287356144EE303368941DC16C5E9B381800004185E45F1988892E~plhf234XW/CU+Wev+221AdsWn3oP/7L2Znra5VO5FxqFSGh2oOv9AaO/5YbDlAVfsDjIYacsINV67Ktmk+rsdhq3GESbj5Cn+nckeu1QqL6M7ptfUQdCGursm6bCds8Jx/JRaMCfQV2sAZSTu9JkiF6wyP2lP4gZZbDFL0/8Op/AcNXl5ywBLO9Lb6sDyNTG2/qqSAzrlZioPHwxcXif3sqYbHbQJV8dR0egqgWwohcvJRIaFvA8+jUOmIouO3Gx/m; expires=Thu, 24 Dec 2020 14:10:41 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=C4FD0B9D98FF63611F7BF6B3AF665E32~sdKC6h8di0TAtzDkwb8/+ExZBr3I4gs0fj0TXvWZ69nokTt12vKLrArLtUUh9PjPziIOfy+q6U2wKGbJJyL5hlZnNTegJpUi6SmS9vGWehG7c2zIPjoRd3UURangTAyH0R9zejE/RICUNTeUIf4aA3BdyCaJGw/KccAoJSVkAPzW1JmLkStIPgGeKv5kqCMbLchYT1I89/1ptkh5m1rwUEeKrGwwHFGMYtJu/24Fl3USELqHStjQICDpWWndRwFX; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=2F77DDE6AB2FCFE573A3A55589D044AA~YAAQm15swXqNZnF2AQAAHIaolAqDikLZHNsSn+A/OcnJTrz0cVOM/lb/TS66sKncNRe3RqEodTZRdKzl6BAflp+xv3gsqOWK07Jj8LkQEVrpmFRaa/PA7itVsSJhzdPaXYordXwJisS7mq1aGpep5GcizPpeDsssnjBeriiKQ3GmGeUKI9IOiXls8QBtBfUSCXcRm0PYEZQZT0I=; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 24 Dec 2020 16:10:40 GMT; Max-Age=14399; HttpOnly _abck=6068C35B58D075697F64274FE2E25561~-1~YAAQm15swXuNZnF2AQAAHIaolAXOdzhF7xV0atdGqIsdsk/6eijlzytzyCYlYy0DPw7Pd+VTChVqftqHtXPDG496+qsURZgwI2JWrbtXT3d+8KNhOwC2ve/PAiWmly10CErpV208ieiDmUEBEnAZd7pfyab0qJzNQwIVp9omSs+HD9AgL8VFdiSPoZxWT5QPTev+tS74Kt4a4FBggThVk4SlR479v7H3g7h6VPoLZ9pxO9G0e4ni0fYs1H2FOExOtm6P+wS+/PGSYl53dtBTZOQPi2zg0UYGuq94z+K3/hrdOCzgdj9B9NIWx2SV1zF00OywnAI=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Fri, 24 Dec 2021 12:10:41 GMT; Max-Age=31536000; Secure

GET
H2 200 authorize
login.newscorpaustralia.com/ Frame 59D9 0
0 323ms
323ms Document
text/html 92.122.106.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ikswuKprvC~mD6r1X1IPOiX6ONq3srNE&nonce=aAoD0k763AI15IQGcvCD5h5ePNXqeUFR&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.122.106.155 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ikswuKprvC~mD6r1X1IPOiX6ONq3srNE&nonce=aAoD0k763AI15IQGcvCD5h5ePNXqeUFR&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

server: openresty
content-type: text/html;charset=UTF-8
ot-tracer-spanid: 0212019b10e45964
ot-tracer-traceid: 6ffdcdaa3b728e61
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 2953-1608811840.907-23.55.162.137-1464-697079733-14-0.000
x-auth0-requestid: e90745776d8ef5e1f718
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1608811841
content-encoding: gzip
strict-transport-security: max-age=31536000
x-akamai-transformed: 9 533 0 pmb=mTOE,3
expires: Thu, 24 Dec 2020 12:10:41 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Dec 2020 12:10:41 GMT
content-length: 842
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A0a62fe30-45e1-11eb-8fb2-b97319615635.xN0stWqLIjrhnYQb82KA4xb0V3cI02EQMbOgzDlHm0Y; Max-Age=31557600; Path=/; Expires=Fri, 24 Dec 2021 18:10:40 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A0a62fe30-45e1-11eb-8fb2-b97319615635.xN0stWqLIjrhnYQb82KA4xb0V3cI02EQMbOgzDlHm0Y; Max-Age=31557600; Path=/; Expires=Fri, 24 Dec 2021 18:10:40 GMT; HttpOnly; Secure ak_bmsc=D8CAF631670272BF9EC3018D10EE5E1FC16C5E9B381800004185E45F0AE3FC23~pl9bW/EH8gDMHo8GJT3aXfrwSFk7ZHmYC8nhy2eJD/sVIEd+EOZF34P0ogwzzXYv35nMiWlijsIvrYJsRgPc+3S9nprxf5W/U3xsF3EPd0FFCpgV+DxQSxKxMBtvoEktQ0JnZiIqo+r54W3cE1zvQQRMmpcttzeiWpDy6+YIlte/dohKQAxwWMaRhGhfr9Yw0zbjuQnoxBKqPVUzHzYde9W6xkR1tyfxJuW0gFaH0QvYw5foJCf60WusYMRXk9bgUK; expires=Thu, 24 Dec 2020 14:10:41 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=63F498B906E02C12B4610F48D50B8F31~sdKC6h8di0TAtzDkwb8/+CTmm7SS61NmJdwlHpn/bpw+Lh3fkki5BjGDhRsg5LshlgZW+fI2jGlaxGPxGz1VHNwOAhO515W/dIjr9nB9xzo48VmZfstj/e01FVzka+C4a+4SkZ/jzmqAFItOpEGFoNx9p6ZGgCP2Tyn/Ib0woJGYjm3vrSO+r38SZi13BtHCsEqqyo6aA1ifR5/ctQSrKGRyl0/H0seK1jq31yxFY/M9zPnT/OP9AP6XmLGAcKcR; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=3AC13DC856E54DD3F567ED6A7D0B68F5~YAAQm15swXyNZnF2AQAAJ4aolArdrAuXagb9S+HHHWu7TY6CsUVCUNKqW3bWwnFw4QwPIzL5BYGmcsfz4k7PBe6qIa1cyykt4iJwGspnaw3InU5aWzkoNmZhi9IR7QXLnj8HNyJeal/dk8cmabtL556uEVBg/SDH8DytZSFTEJEJmWHexJ4JcmE1hZF1LpJlzPxxgBZP9SOxozM=; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 24 Dec 2020 16:10:40 GMT; Max-Age=14399; HttpOnly _abck=6CEB1E81B53398F2A98358DB869C1A30~-1~YAAQm15swX2NZnF2AQAAJ4aolAX0K4VDETTWCEOaT3qT3edxyBb7zZ6ADUIw+7xfLVw2KjRTsPLaerSPuWOCyXQNEH85zwIsEsJVBhu0CZnEG+6dVCLEfEVtF99HNwQVXA+9fbTTDt2DqFCj1RWDw+9+IZc5jRsdClZbKBvezPmkzGqD0DwVUDZisPQ1/I3zIboT9mb/Xp+1ZeoWFAG/RuHbuNS9H7NED0V5Lenrx10A8E4fM0CjzbBnPDZaHmCE8hPS0AhjJH6Q6VPhNyHonCkiv/yZKGY4h9jvpHBXdOSpLUDC4IBRUpQJDws+zGcVTXsusII=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Fri, 24 Dec 2021 12:10:41 GMT; Max-Age=31536000; Secure

GET
H2 200 utrack.js Show response
tags.news.com.au/prod/utrack/ 2 KB
1 KB 25ms
24ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=16088118407560.3545440437522105
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: bfa67e2ce103d04234fa84f7595c316d23f46eed219683f06e264fb27dc91637

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:40 GMT
content-encoding: gzip
server: Apache
etag: "ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=0, no-cache, no-store
content-type: application/x-javascript
content-length: 831
expires: Thu, 24 Dec 2020 12:10:40 GMT

GET
H2 200 mitas.js Show response
tags.news.com.au/prod/mitas/ 666 B
898 B 21ms
21ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/mitas/mitas.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
cache-control: max-age=84867
server: Apache
content-type: application/x-javascript
etag: "83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length: 666
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"

GET
H2 200 B7670439;dcadv=4149947;sz=1x2;ord=885694599014.1323 Show response
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 16 KB
6 KB 58ms
36ms Script
text/javascript 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=885694599014.1323?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f6.1e100.net

Software

cafe /

Resource Hash

bd9767375fb0a2d0baeffd42583c9b96e5f21e809783b8a9bb6c2bd146bf2905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5818
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 11ms
10ms Script
application/x-javascript 2600:9000:20eb:5800:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 06e9f93163cce0aa6698b5dbdd52d0ea860a91aa75e80d724051e67e6f0304f3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 11:37:28 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 02:30:03 GMT
server: nginx
age: 1992
etag: W/"5f8662ab-112ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Pw0010sMMup-5Plg9b50c7cBhpJojOTTWyglVZ5zPbBDz1BqyneDsg==
expires: Thu, 24 Dec 2020 13:37:28 GMT

GET
H2 200 metrics.js Show response
tags.news.com.au/prod/metrics/ 177 KB
61 KB 44ms
44ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/metrics/metrics.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 120be8f5d061203ea26fd4bd2043201d6f06a7fce30cd7104e01c5dfafb48cd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "032ddabb406fd4179075624c01a76c5d:1606693368.080684"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=46325
content-type: application/x-javascript

GET
H2 200 tad.js Show response
tags.news.com.au/prod/tad/ 98 KB
29 KB 39ms
38ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/tad/tad.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 41ec74962c8671e1e12ada91bd892906b4562a56a920f03f27b25d8c404f5b5e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "7fc980e995ceef29d31d9c137fe87650:1608083035.892431"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=71322
content-type: application/x-javascript
content-length: 29303

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
19 KB 16ms
15ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

678c16283762d2d1a12c9b055cf3e4333ca3c4c6638a95741f1130084882756f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "733 / 466 of 1000 / last-modified: 1608034737"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18850
x-xss-protection: 0
expires: Thu, 24 Dec 2020 12:10:40 GMT

GET
H2 200 prebid.js Show response
tags.news.com.au/prod/prebid/ 327 KB
98 KB 56ms
55ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/prebid/prebid.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b748ce6a5a5ea9c905bca2845dab6456c5232bead14b02fca00864562e98bfda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "079b5880b9ed74f5d265d6b9199a2e85:1601422697.718452"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=49131
content-type: application/x-javascript

GET
H2 200 nielsen.js Show response
tags.news.com.au/prod/nielsen/ 21 KB
9 KB 24ms
23ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ebaf330ad588600b4b748410b4f77f3cd9c4abc18e3a240156bc6ac9814cf896

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "25edec9c399349e0480c59ebca3d0a23:1607918432.510353"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=69268
content-type: application/x-javascript
content-length: 8648

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-gl.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

6ms
6ms

Script
application/javascript

2600:9000:2156:9600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 24 Dec 2020 09:23:55 GMT
content-encoding: gzip
last-modified: Mon, 12 Oct 2020 13:35:53 GMT
server: AmazonS3
age: 10006
etag: W/"cc7339d315e5ab16597dd66d153a0e7e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: .KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: V_8RXWp7jzrQsbEuvoAzNLFzUOkcnOied-CvMO7cAgCao-t4jxHmCQ==

Redirect headers

date: Thu, 24 Dec 2020 12:10:40 GMT
via: 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-length: 134
x-amz-cf-id: PK51tj6LDD1APrIMfRkyli5CqkT9XkQPB1WWSKcvSAx7XpU05iUgDA==

GET
H/1.1 200
OK ncg.js Show response
au.tags.newscgp.com/prod/ncg/ 155 KB
48 KB 162ms
85ms Script
text/javascript 143.204.94.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89868194e8809928df37974211d2477ad0723d6aee71386fb438b3e939eb5bce

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 11:50:10 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 16 Dec 2020 00:19:19 GMT
Server: AmazonS3
Age: 1231
ETag: "a0ed145148d17426a72696cecfa585ae"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: uCacsgmXrID0B-yMW4geYdnoW4S1YXnV_2jA8gm_Jzhj60skQoAJQA==

GET
H2 200 utag.985.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 2 KB
1 KB 31ms
30ms Script
application/x-javascript 184.24.9.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.9.204 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-9-204.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
content-encoding: gzip
last-modified: Wed, 20 Nov 2019 04:49:47 GMT
server: AkamaiNetStorage
etag: "a2af0d00bb0e150c0e6e47d44b9436d7:1574225387.905732"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 900
expires: Fri, 08 Jan 2021 12:10:40 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 310ms
103ms Image
image/gif 100.26.6.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61&u=BqDupkDM_qnVOsxYg&d=heraldsun.com.au&g=36976&g0=news%2Cnational%2Cvideo&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1945&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=13127&t=CfahzbDroKJtt5zogD_LDHLCAaIh0&V=121&i=Qantas%20investigates%20how%20employee%20contracted%20COVID-19%20%7C%20Herald%20Sun&tz=-60&_acct=anon&sn=1&sv=DiF5R8BcSCIHCtPFrXC4HABxBzYBsE&sd=1&im=06530c42&_
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.26.6.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-26-6-156.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 ggcmb510.js Show response
seccdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 44ms
13ms Script
application/javascript 2600:9000:2127:5000:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:5000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: CeKWdfuThsyzKr0NmnwAM5a0VYitilJV
content-encoding: gzip
etag: "afa0d379b1e6e0a61fad577d0043ff26"
last-modified: Tue, 17 Nov 2020 14:36:24 GMT
server: AmazonS3
age: 1011
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 24 Dec 2020 11:53:50 GMT
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: Ed_2bRGDqXQe0F3R77t5Bb6ofVj8yW5n8AiiokpDDV4lBcnt_5AVpA==

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 52 KB
16 KB 26ms
8ms Script
application/javascript 184.31.90.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.90.174 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-31-90-174.deploy.static.akamaitechnologies.com
Software: / ARR/3.0
Resource Hash: 560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 15:15:57 GMT
server
x-powered-by: ARR/3.0
etag: "84a7fce7aaabd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315
accept-ranges: bytes
content-length: 15848

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 8ms
7ms Script
application/x-javascript 184.24.9.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202012150059&cb=1608811840808
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.9.204 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-9-204.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Thu, 24 Dec 2020 12:20:40 GMT

GET
H2 200 _error
uconnect.tealiumiq.com/ulog/ 43 B
454 B 52ms
14ms Image
image/gif 52.59.116.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uconnect.tealiumiq.com/ulog/_error?utid=newsltd/hwt/202012150059&e0=ge%3A%3A4%3A%3A%2F%2Ftags.tiqcdn.com%2Futag%2Fnewsltd%2Fhwt%2Fprod%2Futag.js%3A%3A_gaq%20is%20not%20defined
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.116.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:40 GMT
x-serverid: uconnect_i-008c4fa0bddad0074
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: _error::4:uconnect
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region: eu-central-1
x-error: _error is not supported
content-type: image/gif
x-ulver: 9203f2347e52e2662c437616eeeb3b7cdcf3da14-SNAPSHOT
content-length: 43
x-uuid: da2ab1c3-e8a9-40ea-9870-79c1affbdfb5
expires: Thu, 24 Dec 2020 12:10:40 GMT

GET
H3-Q050 200 pubads_impl_2020120801.js Show response
securepubads.g.doubleclick.net/gpt/ 274 KB
97 KB 15ms
14ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 09:42:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98829
x-xss-protection: 0
expires: Thu, 24 Dec 2020 12:10:40 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 87ms
28ms Script
application/javascript 65.9.96.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Dec 2020 06:54:35 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 08 Jul 2020 20:34:30 GMT
Server: AmazonS3
Age: 537366
ETag: W/"a8663f72a1dbe614b19f167a59af368d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: lQYMqzgyvI7R4JLxQCbQav50WLFgXzr9rWJewXG1govW_i8dkCj2-w==

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1608811840895
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1608811840895

5 KB
2 KB

37ms
37ms

XHR
application/json

34.241.138.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1608811840895

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.241.138.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-138-222.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c5b6d8358e6ea94fd5e4443065a730cadbacf4203dd0184de767cde9a3c94185

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v086-093a6cc4a.edge-irl1.demdex.com 5.80.1.20201111130852 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: uUbyKhRmRXg=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1538
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.heraldsun.com.au
X-TID: yuxHwSyHThs=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1608811840895
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 6630 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 15 KB
1 KB 146ms
132ms XHR
application/octet-stream 184.31.90.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.90.174 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-31-90-174.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: befd4d99b6cb8649f107a5cd1fec1055d228bdc1c001493676bb87249e9b1040

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: s9D81rRzINXxbJe2GpsceLRJAdvlBAld
content-encoding: gzip
last-modified: Mon, 30 Nov 2020 08:14:17 GMT
server: ATS/7.1.0
x-amz-request-id: 82B443EE18CDE818
etag: "622b99881112d32ffad4119cdad72daf"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=558
date: Thu, 24 Dec 2020 12:10:41 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 1050
x-amz-id-2: eS1KRxGFDWc5Bvp8z3XsmYinYdG2ZenyZaNbkf17wNhk5580+AVd+NNyT7hHV3rQo2w7pSRvGtM=

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 21 KB
9 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eccd35a63a7b80bbfd3a64bb7be75b327bf9292b7c603c8d31c0247962223819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 11:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 8761
x-xss-protection: 0
server: cafe
etag: 16638491572200565323
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Dec 2020 12:29:25 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20110914/elements/html/ 6 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=885694599014.1323?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 11:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2838
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2649
x-xss-protection: 0
server: cafe
etag: 804181672847865866
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Jan 2021 11:23:22 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
437 B 18ms
17ms Other
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvXF_3GTpKxp0_SSqEmybBqqftzMR1lnUfx2ExF5E-kx3eCTogeSQnTPum7cLf3wUpFk141oJwLTZtSoTMon03hRRz7Vn9q2pWfV3haAlxy2qRHjDdj0pa6NG6mr8n_n9TgKpJHhlhCISEfid2yzg&sig=Cg0ArKJSzOf2HHTgXvPGEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20201203.52007&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=885694599014.1323?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 24 Dec 2020 12:10:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 63 B
361 B 82ms
25ms XHR
text/plain 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiGHost /
Resource Hash: c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:41 GMT
server: AkamaiGHost
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag: "f1d1adc077c1f1f826a151ee3db530bc:1600839199.327003"
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=0, no-cache
content-length: 63
mime-version: 1.0
expires: Thu, 24 Dec 2020 12:10:41 GMT

GET
H2 200 storageframe.html
secure-gl.imrworldwide.com/ Frame 5427 0
0 123ms
122ms Document
text/html 2600:9000:2127:d200:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/storageframe.html
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:d200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: secure-gl.imrworldwide.com
:scheme: https
:path: /storageframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
vary: Accept-Encoding
date: Thu, 24 Dec 2020 12:10:41 GMT
server: nginx
last-modified: Tue, 08 Dec 2020 21:31:18 GMT
etag: W/"5fcff0a6-2b27"
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: YZ4d5sBIOEWOz25ToZF54vGDI9YRcVfYXGFdWpPazj8qiZLXu0ih5A==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 421 B
659 B 112ms
40ms XHR
application/json 54.76.139.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/news/national,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/news/national,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/news/national,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=c59ba414-d944-f66f-60ab-4f841ec8f86a&url=https%253A%252F%252Fwww.heraldsun.com.au%252Fnews%252Fnational%252Fqantas-investigates-how-employee-contracted-covid19%252Fvideo%252F49292d6899d6926b1398556364387f61%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.139.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 93db644dbc8e278d04c93eed7fdb0aedd402554287cb153d7ce484b54116d18c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:41 GMT
x-server-name: app25.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H/1.1 200
OK Cookie set dest5.html
newscorpau.demdex.net/ Frame 671B 0
0 155ms
55ms Document
text/html 52.212.154.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.154.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-154-51.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: newscorpau.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.heraldsun.com.au/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=17299438506847935750942565946102091502
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 25 Nov 2020 14:10:08 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=17299438506847935750942565946102091502;Path=/;Domain=.demdex.net;Expires=Tue, 22-Jun-2021 12:10:41 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: OA5QHSoGQBE=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
metrics.heraldsun.com.au/ 48 B
515 B 95ms
20ms XHR
application/x-javascript 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=17320425267587368930944674000173850612&ts=1608811841005

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a697f1b190735cdb8d09875e52347f85fe50016d2cf079aa63cdb28bf8c7248e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-f7bfdfcfd-btdcz
vary: Origin
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=X_SFQQAAAD8F4xXj
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=17299438506847935750942565946102091502
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X_SFQQAAAD8F4xXj

42 B
915 B

36ms
36ms

Image
image/gif

34.241.138.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=X_SFQQAAAD8F4xXj

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.241.138.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-138-222.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v086-05f582ca4.edge-irl1.demdex.com 5.80.1.20201111130852 1ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 2jMFnRXsQ94=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=X_SFQQAAAD8F4xXj
Date: Thu, 24 Dec 2020 12:10:41 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 8 KB
3 KB 95ms
48ms Script
text/html 80.252.91.53
EQUINIX-CONNECT-EMEA

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=5794495261573458213&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk$$&activityValues=$$Session%3D8055821582926820458$$&ns=0&rnd=7180569080537222
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 80.252.91.53 , Netherlands, ASN15830 (EQUINIX-CONNECT-EMEA, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: a8b4ea50081a30c0e0595fe9b05debdd6877b852fe4ce30e433f1d8d95cd36b0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Dec 2020 12:11:06 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 2317
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 60ms
59ms XHR
application/json 34.241.138.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=17320425267587368930944674000173850612&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%01d20917be950c715c9fb91eb5bd855e20%011&ts=1608811841103

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.241.138.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-138-222.eu-west-1.compute.amazonaws.com

Software

Resource Hash

12183e7d5baa92ec7d0e2cb945efcd6ceaca9a8cc0cec27e22645da8e7fbdd80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v086-09040c8c5.edge-irl1.demdex.com 5.80.1.20201111130852 3ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: ccCgedz6QQs=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1537
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
169 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Dec 2020 12:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Dec 2020 12:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
11 KB 57ms
57ms XHR
text/plain 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3737853879258716&correlator=2304103349292337&output=ldjh&impl=fifs&hxva=1&scor=873361776348272&eid=21068601%2C21068810%2C21069071&vrg=2020120801&co=1&npa=1&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201224&iu_parts=5129%2Cndm.hwt%2Cnews%2Cnational&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C1000x50%7C728x1%2C1x1&ists=1&prev_scp=pos%3D1%26id%3D0a7cef6a-45e1-11eb-ab0d-06a809c23df0%7Cpos%3D1%26id%3D0a7cef6b-45e1-11eb-ab0d-06a809c23df0%7Cpos%3D1%26id%3D0a7cef6c-45e1-11eb-ab0d-06a809c23df0&eri=1&cust_params=tts%3Dn%26ttm%3Dn%26us%3Db%26s%3D0%26co%3D1%26kw%3Dfblink%252Ccoronavirus%252Cmsn%252Cnational%252Cyt%26nk%3Dd20917be950c715c9fb91eb5bd855e20%26sec1%3Dnews%26sec2%3Dnational%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dvideo%26adl%3Dfalse%26pvid%3Dd20917be950c715c9fb91eb5bd855e20-00000000000000000000000000000000-1608811840780-723632%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_7246_1381_KW%252CIAS_UNSCORED_PG%252CIAS_5192_KW&bc=31&abxe=1&lmt=1608811841&dt=1608811841121&dlt=1608811839849&idt=1088&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C176%2C0&adys=50%2C1303%2C1945&adks=1874270006%2C3456319620%2C870566375&ucis=1%7C2%7C3&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x134%7C1248x0%7C1600x1945&msz=728x50%7C1000x50%7C0x0&ga_vid=1888483519.1608811841&ga_sid=1608811841&ga_hid=1652428847&fws=640%2C128%2C128&ohw=0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

9236fff3fd1a719d8c459798778ae8cdb7c69c54f67a89c8d1554032eaa76683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11232
x-xss-protection: 0
google-lineitem-id: 4682990628,4682990628,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234025551,138234082439,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
bcc671d4074fca4a55c00cd5c9c283d0.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 59ms
14ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bcc671d4074fca4a55c00cd5c9c283d0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 61ms
20ms Other
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1608811841133&ci=newscorp&js=1&cg=0&ts=ggng510.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2...
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1608811841133&ci=newscorp&js=1&cg=0&ts=ggng510.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2...

44 B
492 B

125ms
125ms

Image
image/gif

2600:9000:2127:d200:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1608811841133&ci=newscorp&js=1&cg=0&ts=ggng510.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&sr=1600x1200&id=lstrg-bd20c3a345290484995052eebab80703&tz=1&ja=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:d200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:41 GMT
via: 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: PRG50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 44
x-amz-cf-id: WQdEpG0HJ8qbtxFTdQkARCQGdU4ervM3TWyk1apKAKQm8FpI5qbiAQ==
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:41 GMT
via: 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: PRG50-C1
location: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1608811841133&ci=newscorp&js=1&cg=0&ts=ggng510.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&sr=1600x1200&id=lstrg-bd20c3a345290484995052eebab80703&tz=1&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: lY39wxhfQ635-TX8nmETbj4EfoIUfiJMqkWxG7f6rcul7mmjsAGAAw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 s45103706110286
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/ 43 B
439 B 24ms
23ms Image
image/gif 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s45103706110286?AQB=1&ndh=1&pf=1&t=24%2F11%2F2020%2013%3A10%3A41%204%20-60&cid.&newsnkidcookie.&id=d20917be950c715c9fb91eb5bd855e20&as=1&.newsnkidcookie&.cid&vid=d20917be950c715c9fb91eb5bd855e20&mid=17320425267587368930944674000173850612&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Cnews%7Cvideo%7Cqantas%20investigates%20how%20employee%20contracted%20covid-19&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D3%2Cevent18%2Cevent63%3D132&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Cnews%7Cnational&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&l2=fblink%2Ccoronavirus%2Cmsn%2Cnational%2Cyt&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=news&c5=D%3Dv5&v5=national&c9=D%3Dv9&v9=video&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=11%3A10%20PM%7CThursday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cmac%20os%20x%7C10_14_5&c60=D%3Dv60&v60=132&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=no%20plugins&v77=D%3Dmid&v78=de%7Che%7Cfrankfurt%7C50.12%7C8.68%7Cgmt%2B1%7Cunknown&v79=de&v80=d20917be950c715c9fb91eb5bd855e20-00000000000000000000000000000000-1608811840780-723632&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=_BRGFWK6tKta7ev3QIEOXk&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:40 GMT
x-content-type-options: nosniff
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 25 Dec 2020 12:10:41 GMT
server: jag
xserver: anedge-f7bfdfcfd-2nnf6
etag: 3454897121341571072-4621758935250247288
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 23 Dec 2020 12:10:41 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B4EC 0
0 32ms
32ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvA9GXd6CvP-2FGlq_ODYp2ea5EDcH4k349CRBaW9ij1V_zLjHBhLn1nmWDU7ozgfGDuZiUhC2zCN56uRopkJ95yJM9l6u5CwMdr4wKEcPBQnP0jqH7R6Nrs60M-SLsc0aDNrVNHuLTCDB8egTLYZ0cZtU51jJTrTodBhggluq0snpgC46Fd_D3HoaDPgew2-0Ykk1JF2wxjNW6ObLdEGafaDiaqIo4IEOUpkD8cw4oUViCGJG0xWm-tYHS8AiKYr3kmWBpL2JHZ_7jilIdLynVRg&sig=Cg0ArKJSzISU3W46S8PLEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Dec 2020 12:10:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame B4EC 18 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 09:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10370
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Jan 2021 09:17:51 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame B4EC 3 KB
2 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 05:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24796
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Jan 2021 05:17:25 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B4EC 76 KB
29 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Thu, 24 Dec 2020 12:10:41 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame B4EC 0
0 31ms
29ms Image
text/html 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQVz4SY0svruswZwhVe9JC8LQqjL3X2-LmaPAEbz-vO7fsDqHrRnNLV8lGJSos3CUouOFp2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame B4EC 68 B
223 B 8ms
6ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Dec 2020 03:44:30 GMT
x-content-type-options: nosniff
age: 548771
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Dec 2021 03:44:30 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 425A 0
0 28ms
27ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIgSWeC-voCTy5bfQCzRyySaO-zUHInbi13nDnzXCXmdmfKpu-xPHol9woUfXvDkf-P0-FA5LvdQYbikP0nrsjfvC6ofQVQAQErB8B-pTEF1vxyC7nsBzgbnVjW8FapA-3FeSKEb5edNgu_GxqBff5Ma_VnvfGgpkxkjp9dmHMoIusTGj_IDoqa-WwNe1gO0ulCpQWIyE86sqaWY5izmc22tyVT1I77KjDuTrWmjagSEdKnWhdXexUmdLsMVG7xwOuVwLxyYKVQGQ-gSMIjqx9gQ&sig=Cg0ArKJSzD3ukH1je0j6EAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Dec 2020 12:10:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 425A 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 09:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10370
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Jan 2021 09:17:51 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 425A 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 05:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24796
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Jan 2021 05:17:25 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 425A 76 KB
29 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Thu, 24 Dec 2020 12:10:41 GMT

GET
H3-Q050 200 13503232906761715217
tpc.googlesyndication.com/simgad/ Frame 425A 3 KB
3 KB 10ms
9ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13503232906761715217

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Dec 2020 07:55:16 GMT
x-content-type-options: nosniff
age: 533725
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3270
x-xss-protection: 0
last-modified: Wed, 23 May 2018 04:43:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Dec 2021 07:55:16 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
expires: Thu, 24 Dec 2020 12:10:41 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 6B45 4 KB
2 KB 1347ms
28ms Script
application/x-javascript 13.226.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.89.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-89-119.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 18:01:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 65371
ETag: "98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: iGT4qxvMgIfQvZSmdZiY7JXwiWlN-r5QVm86Maqa1oTd75qgjKzzpA==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 048B 5 KB
2 KB 9ms
7ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VXhrQm8z35WcW8r7rXW4brtzZW26rJbN4k-kK7N72QT_h2-Hx1V1-WJV7CgBS7W5vvw_58RB70bW6Q9crd7bzJl3N3_phJFYhlndN7_l-CB7GdLBW3HW5Ml5V-cNbW8QkK1Z1DYbkHW30KC3g70q0J8W1xQvD64np7CsW1vtPKz8MKMFtW80Dksm5YgWRdW8lR-v85T2_5yN8RHySKrHNQwW7mS-wK65Lv-QW87jNg73nhFQMW84mlcj7PTRhLW49KZBR5vtR4ZW5NBYRk5Vwp_fW2j5lHQ1VfT1mW5ZWfm68znDmNW36pslJ2Mhnt5N8tRBVd5pgf7W8mf0_B3zFw2SVDvrKq58s7bmW6Ml3z45klL-SW7t6FPs1KLbWyN8fXJWr8KhZwN2w5fYzz8GX4W8r31W84w0BfZN9kqM_3cv_T-W6Y5-rq5989cW3bdN1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:41 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 52663
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1608811841.263041,VS0,VE0
x-served-by: cache-hhn11572-HHN

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame CD80 965 B
761 B 7ms
7ms Script
application/x-javascript 2a02:26f0:eb:3a3::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VXhrQm8z35WcW8r7rXW4brtzZW26rJbN4k-kK7N72QT_h2-Hx1V1-WJV7CgBS7W5vvw_58RB70bW6Q9crd7bzJl3N3_phJFYhlndN7_l-CB7GdLBW3HW5Ml5V-cNbW8QkK1Z1DYbkHW30KC3g70q0J8W1xQvD64np7CsW1vtPKz8MKMFtW80Dksm5YgWRdW8lR-v85T2_5yN8RHySKrHNQwW7mS-wK65Lv-QW87jNg73nhFQMW84mlcj7PTRhLW49KZBR5vtR4ZW5NBYRk5Vwp_fW2j5lHQ1VfT1mW5ZWfm68znDmNW36pslJ2Mhnt5N8tRBVd5pgf7W8mf0_B3zFw2SVDvrKq58s7bmW6Ml3z45klL-SW7t6FPs1KLbWyN8fXJWr8KhZwN2w5fYzz8GX4W8r31W84w0BfZN9kqM_3cv_T-W6Y5-rq5989cW3bdN1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:3a3::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 12:10:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=26541
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 83EA 96 KB
38 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-707564276

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b078acca5079cc43614182feddcc9f3a3d5c733eb382d596f1cfcb7eaa82f326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38971
x-xss-protection: 0
expires: Thu, 24 Dec 2020 12:10:41 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 5060 4 KB
2 KB 1365ms
28ms Script
application/x-javascript 13.226.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.89.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-89-119.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 18:01:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 65371
ETag: "98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: _bDhYy_ohmhQvaeDaa5vnCs9JSwKR35SA6t9enjZ9jXMSkrcpWXlmg==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ Frame 4392 7 KB
3 KB 3318ms
7ms Script
application/javascript 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VXhrQm8z35WcW8r7rXW4brtzZW26rJbN4k-kK7N72QT_h2-Hx1V1-WJV7CgBS7W5vvw_58RB70bW6Q9crd7bzJl3N3_phJFYhlndN7_l-CB7GdLBW3HW5Ml5V-cNbW8QkK1Z1DYbkHW30KC3g70q0J8W1xQvD64np7CsW1vtPKz8MKMFtW80Dksm5YgWRdW8lR-v85T2_5yN8RHySKrHNQwW7mS-wK65Lv-QW87jNg73nhFQMW84mlcj7PTRhLW49KZBR5vtR4ZW5NBYRk5Vwp_fW2j5lHQ1VfT1mW5ZWfm68znDmNW36pslJ2Mhnt5N8tRBVd5pgf7W8mf0_B3zFw2SVDvrKq58s7bmW6Ml3z45klL-SW7t6FPs1KLbWyN8fXJWr8KhZwN2w5fYzz8GX4W8r31W84w0BfZN9kqM_3cv_T-W6Y5-rq5989cW3bdN1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 12:10:44 GMT
Content-Encoding: gzip
Age: 59715
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 2601
X-Served-By: cache-lga21948-LGA, cache-hhn4020-HHN
Access-Control-Allow-Origin: *
Last-Modified: Thu, 14 May 2020 21:04:36 GMT
Server: nginx/1.13.10
X-Timer: S1608811845.584301,VS0,VE0
ETag: W/"5ebdb264-1cfb"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 10 Dec 2020 19:35:03 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 11486

GET
H3-Q050

200

activityi;dc_pre=CKSU-JPL5u0CFYuKdwodWxoH3g;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5396221498315.712
8228261.fls.doubleclick.net/ Frame 66F6
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5396221498315.712?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CKSU-JPL5u0CFYuKdwodWxoH3g;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=539622149831...

0
0

46ms
32ms

Document
text/html

216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CKSU-JPL5u0CFYuKdwodWxoH3g;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5396221498315.712?

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f38.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8228261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKSU-JPL5u0CFYuKdwodWxoH3g;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5396221498315.712?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Dec 2020 12:10:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 392
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Dec-2020 12:25:44 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Dec 2020 12:10:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CKSU-JPL5u0CFYuKdwodWxoH3g;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5396221498315.712?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 35E2 30 KB
12 KB 18ms
17ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11865
x-xss-protection: 0
server: cafe
etag: 18432201170715473949
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Dec 2020 12:10:41 GMT

GET
H2 200 activity
au-gmtdmp.mookie1.com/t/v2/ Frame 6620 43 B
608 B 304ms
266ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:41 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 1604
Redirect Chain

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

43 B
1 KB

51ms
19ms

Image
image/gif

185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Dec 2020 12:10:42 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.108:80
AN-X-Request-Uuid: d9b7c7e6-088a-4f3f-954a-8669e40466b1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 24 Dec 2020 12:10:42 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.59:80
AN-X-Request-Uuid: e91a6cfe-9dca-4ce5-9b34-016d15f232c9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

0
1023 B

38ms
18ms

Image
application/javascript

185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Dec 2020 12:10:42 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.49:80
AN-X-Request-Uuid: 4d1cc147-9cca-4b7b-98ce-27aa1032d011
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 24 Dec 2020 12:10:42 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.57:80
AN-X-Request-Uuid: 6bf5f73d-308d-4ad1-b2c6-dbf51a0e2fa7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B4EC 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6d205a1311b51c8a5c7b8882d6ee57772ae4552470c687a5697ca312cc733e0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 49A2 46 KB
13 KB 2108ms
58ms Script
application/javascript 54.76.139.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941989880&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1718546796&custom=video&custom3=168400391&adsafe_par&impId=0a7cef6a-45e1-11eb-ab0d-06a809c23df0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.139.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1cbb7d4ea7b742e403365f45817dd9171cd6dc734f8a6d067543552b460b4278

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:43 GMT
content-encoding: gzip
x-server-name: app18.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 425A 0
22 B 16ms
16ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNhQ03w4kdW7lqsQ5z9EvUGPa3Bp__Vh9vMpJoTaAHBYG9ErWjYUQBEYkSr-59eQHs0T-puuHiojT6XO7clYm0RNYCf1A5F4dh-eWKajF5gJdUEi8YwlICJ49frw1Djz3fz5G9dtw3ZwS4Ba3oI_yZ8zDYSGP-DTaDLSAVezvgwoBkP22Nl3emv1JVK4T-Z_ovTgLQ5HS7aRmQJSCcgt1gqHfW8OArJlU6sT7sLgxg4D1XKUi8vzrVA_uZGZrLhVF1mMg4XEPXHj_JBY2i4UYlR5Jf&sig=Cg0ArKJSzFQxFi6JiW8gEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Dec 2020 12:10:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 425A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4f78fe84828a6ca4a1228be075877d3bb53c0179f4b58c2186181c6bc7b30be

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 46A0 46 KB
13 KB 2100ms
61ms Script
application/javascript 54.76.139.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941989880&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=2108448675&custom=video&custom3=168400391&adsafe_par&impId=0a7cef6b-45e1-11eb-ab0d-06a809c23df0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.139.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 34f49195283df69489aa34d54ef265fa1f082a3672130049aa88b4ccbbb367f4

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:43 GMT
content-encoding: gzip
x-server-name: app37.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame CD80 3 KB
2 KB 35ms
35ms Script
application/x-javascript 2a02:26f0:eb:3a3::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:3a3::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 12:10:41 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Sep 2020 20:29:41 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=29860
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B4EC 0
22 B 17ms
16ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWVvE_3tUjJlXYLR_5rglbfHDqKi7e3lCbK6WENZFXU6eZgFC2HW71Fo3JSJ1JHVNiO-0p3ocH3BT_BeJw75-7BYsmI6aeie9Nrv3XrnoGmj4ZIs3UMSen8jssg3f_nPV3tO1fIbQ3CSJxoTP_H3EHipCxk5KIOWlXKxIy-2R2nxoK-1cgG732RKMmopFpUmpgo3428FL2ITPUCwR1JPH_whZ-hKmDFQnKpTkuKruT3hI4klqN16L1GCjmiMHtHuREF0WmTH0A43P7jeRU_c4o0V8Y&sig=Cg0ArKJSzNOajYTVK8KxEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Dec 2020 12:10:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 6ms
6ms Script
application/javascript 2600:9000:2156:9600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: seccdn-gl.imrworldwide.com
URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: a9yv6FoqUOJEHV8JhhsvdvrSixeG3nZZ
content-encoding: gzip
etag: "931051f801612c3a0e2782961ac3d56c"
last-modified: Tue, 17 Nov 2020 14:36:24 GMT
server: AmazonS3
age: 748
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 24 Dec 2020 11:59:01 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ocvv6bKl15XtlJtmtr6GBGj7oN1_pbqfDHly9SmNKwc22rQRdZlJtQ==

GET
H2 200 adsct
t.co/i/ Frame 048B 43 B
170 B 127ms
127ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Thu, 24 Dec 2020 12:10:41 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: b61fd7a0f09bf90479f3051c59beda6b
x-transaction: 00f2139100b1ab6e
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 35E2 3 KB
1 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1608811841382&cv=9&fst=1608811841382&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d373d3e420aaa9a9eb2a27b72b333ac8b3f0b2657ce3b7671dc04aee24108b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1189
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 83EA 30 KB
12 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Dec 2020 12:10:41 GMT

GET
H2 200 PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js Show response
cdn-gl.imrworldwide.com/conf/ 32 KB
7 KB 10ms
10ms Script
application/javascript 2600:9000:2156:9600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/bc/3/ggng510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f91ec62e4c07b0b493a025bc16e236f37ea5e0a71a871e305d7eceee5b9372ce

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: TsGAwry_MywHxoqlMAxI8ip2T8fLNyj0
content-encoding: gzip
etag: "a7034ae9cda088bf677ccf5da2ba719e"
last-modified: Thu, 24 Dec 2020 01:18:05 GMT
server: AmazonS3
age: 2622
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Thu, 24 Dec 2020 11:27:00 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Kxc640oC7wgEkFKGgAPBzSSaa5PkNYIGc2QAcD-Fvf5RaA64kYEuAA==

GET
H2

200

collect
px.ads.linkedin.com/ Frame CD80
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1608811841405
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26time%3D1608811841...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1608811841405&liSync=true

0
39 B

194ms
194ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1608811841405&liSync=true
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:41 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: leQbpNilUxaAq6wszSoAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: XldcndilUxYw6sUWiCsAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: FA9B0755E84C44F5B1A1C6C444D75C92 Ref B: FRAEDGE0822 Ref C: 2020-12-24T12:10:41Z
x-frame-options: sameorigin
date: Thu, 24 Dec 2020 12:10:41 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1608811841405&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 173 KB
50 KB 7ms
6ms Script
application/javascript 2600:9000:2156:9600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43ec631c14060e4d10a7fc3b6b96296f20e718d65fb51558370d41eda08a3ddc

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 8pyu2AVizz7qLhkNLlydOCakgrumnPjD
content-encoding: gzip
etag: W/"2a3ec0074402cc8fa654f381bebd2e04"
last-modified: Tue, 17 Nov 2020 14:36:24 GMT
server: AmazonS3
age: 1758
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 24 Dec 2020 11:41:23 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: cm0Ci96ZeYSKVe7T0HqRQSlgNAS3GGhb4qTwjF8Zcxst5BbJKSxIvg==

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 83EA 3 KB
1 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1608811841419&cv=9&fst=1608811841419&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fdf399a1f619ed195d34bd03bdad1cb87de584bfe3fc55ec50edd9324157198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1227
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 3EF5 0
0 6ms
6ms Document
text/html 2600:9000:2156:9600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
last-modified: Tue, 17 Nov 2020 14:36:23 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: fXiAi9JTI1XHMxGqL.0MvkCakB1rMXT9
server: AmazonS3
content-encoding: gzip
date: Thu, 24 Dec 2020 11:38:10 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
cache-control: max-age=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: wMqB6cBQqXkxSmCfVRSdVp-1MFLBFsqNbw-y6YBsfekdbQOYrIbd5A==
age: 1952

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/859754747/ Frame 35E2 42 B
329 B 21ms
20ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/859754747/?random=1608811841382&cv=9&fst=1608811200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=487119930&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/859754747/ Frame 35E2 42 B
154 B 19ms
19ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/859754747/?random=1608811841382&cv=9&fst=1608811200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=487119930&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/707564276/ Frame 83EA 42 B
66 B 20ms
20ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/707564276/?random=1608811841419&cv=9&fst=1608811200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=1545683358&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/707564276/ Frame 83EA 42 B
530 B 42ms
28ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/707564276/?random=1608811841419&cv=9&fst=1608811200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=1545683358&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 campaigns Show response
resourcesssl.newscdn.com.au/indies/ 46 B
473 B 589ms
588ms XHR
application/json 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22video%22,site:%22heraldsun.com.au%22,section:%22/news/national%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by: Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 5ba313b7fa9dd06ba89db2a1f6c6642375203f081bf64563d8571e0ef07a0739

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 24 Dec 2020 12:10:42 GMT
content-encoding: gzip
etag: W/"2e-plev5r3ULIxi7VsUGbEefPcqbKs"
x-powered-by: Express
x-cache-hits: 0
content-length: 66
x-served-by: cache-dca17757-DCA
server: Google Frontend
x-timer: S1608811843.514901,VS0,VE351
x-i: true
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: aefc977a324d0174ccbe73962828bfa8
cache-control: private, max-age=604800
function-execution-id: 1ltjkdch2b8g
accept-ranges: bytes
x-orig-accept-language: en-US
x-country-code: DE
expires: Thu, 31 Dec 2020 12:10:42 GMT

OPTIONS
H2 204 campaigns
resourcesssl.newscdn.com.au/indies/ Frame 0
0 321ms
321ms Other
text/html 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22video%22,site:%22heraldsun.com.au%22,section:%22/news/national%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol: H2
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.heraldsun.com.au
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-type: text/html
function-execution-id: 1ltjt7kx6y48
server: Google Frontend
x-cloud-trace-context: d52c173fc70a815b53644588d42ded84
x-country-code: DE
x-orig-accept-language: en-US
x-powered-by: Express
accept-ranges: bytes
x-served-by: cache-dca17757-DCA
x-cache-hits: 0
x-timer: S1608811842.143017,VS0,VE220
cache-control: private, max-age=604800
expires: Thu, 31 Dec 2020 12:10:42 GMT
date: Thu, 24 Dec 2020 12:10:42 GMT
x-i: true

GET
H2 200 vtt.global.min.js Show response
vjs.zencdn.net/vttjs/0.12.5/ 20 KB
7 KB 20ms
6ms Script
application/javascript 2a04:4e42:3::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:42 GMT
content-encoding: gzip
last-modified: Thu, 31 Aug 2017 21:04:55 GMT
etag: "f30dac97e5c2aaa10a7695b93cc66699"
x-served-by: cache-fra19180-FRA
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 7231
x-cache-hits: 573329

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 316 KB
109 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e7ed022e6412f6c1416fe649aeb461650491238f7f7ee77bdc0a35435fa891a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111405
x-xss-protection: 0
expires: Thu, 24 Dec 2020 12:10:42 GMT

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
175 B 37ms
20ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: clear
content-length: 35
content-type: image/gif

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 30ms
20ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=e64ad5d65607e8e3cc499bf&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&platform_version=6.42.4&player=players.brightcove.com%2F5348771529001%2FKjZtYFggZ_default&player_name=%5BPROD%5D%20-%20Redesign%20v6.42.4-%202020-07-02&source=&usage=inpage-embed&event=player_load&time=1608811842204&qos.performance.memory.jsHeapSizeLimit=4294705152&qos.performance.memory.usedJSHeapSize=20334696&qos.performance.memory.totalJSHeapSize=27497192&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=0&qos.performance.timing.loadEventStart=0&qos.performance.timing.domComplete=0&qos.performance.timing.domContentLoadedEventEnd=1608811839966&qos.performance.timing.domContentLoadedEventStart=1608811839966&qos.performance.timing.domInteractive=1608811839966&qos.performance.timing.domLoading=1608811839849&qos.performance.timing.responseEnd=1608811839860&qos.performance.timing.responseStart=1608811839842&qos.performance.timing.requestStart=1608811836417&qos.performance.timing.secureConnectionStart=0&qos.performance.timing.connectEnd=1608811836416&qos.performance.timing.connectStart=1608811836416&qos.performance.timing.domainLookupEnd=1608811836416&qos.performance.timing.domainLookupStart=1608811836416&qos.performance.timing.fetchStart=1608811836416&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1608811827672&qos.player.dimensions=%5B%5B1608811842204%2C%220x0%22%2C%22100x100%22%5D%5D&qos.player.pixelratio=%5B%5B1608811842204%2C1%5D%5D&qos.player.screendimensions=%5B%5B1608811842204%2C%221600x1200%22%5D%5D&seq=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: clear
content-length: 35
content-type: image/gif

GET
H3-Q050 200 bridge3.432.0_en.html
imasdk.googleapis.com/js/core/ Frame 2A64 0
0 35ms
20ms Document
text/html 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.432.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.432.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192035
date: Tue, 22 Dec 2020 21:36:30 GMT
expires: Wed, 22 Dec 2021 21:36:30 GMT
last-modified: Tue, 15 Dec 2020 20:14:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 138852
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 26 KB
11 KB 41ms
14ms Script
text/javascript 2a00:1450:4001:81b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Thu, 24 Dec 2020 12:10:42 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame 048B 31 B
284 B 128ms
127ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 111
pragma: no-cache
last-modified: Thu, 24 Dec 2020 12:10:42 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 6f2c474c3d29b365e776daec690f53a6
x-transaction: 00dfd8050089de23
expires: Tue, 31 Mar 1981 05:00:00 GMT

OPTIONS
H/1.1 200
Unknown Error 6218113512001
edge.api.brightcove.com/playback/v1/accounts/5348771529001/videos/ Frame 0
0 54ms
16ms Other 65.9.7.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5348771529001/videos/6218113512001
Protocol: HTTP/1.1
Server: 65.9.7.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: accept
Origin: https://www.heraldsun.com.au
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Connection: keep-alive
Server: Varnish
Retry-After: 0
access-control-max-age: 86400
Accept-Ranges: bytes
Date: Thu, 24 Dec 2020 12:10:42 GMT
Via: 1.1 varnish, 1.1 ab402055ebb78b405a698ff055138d0c.cloudfront.net (CloudFront)
X-Served-By: cache-hhn4080-HHN
X-Cache-Hits: 0
X-Timer: S1608811842.344746,VS0,VE0
BCOV-Debug-Cache-Stats: unknown
BCOV-instance: unknown
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Cache-Control: max-age=0, no-cache, no-store
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: PuxWlHXkM4tFFAtKDiWwWVUrJSCZZvfpJ02o8hzk5_Se58MuegQ83Q==

GET
H/1.1 200
OK 6218113512001 Show response
edge.api.brightcove.com/playback/v1/accounts/5348771529001/videos/ 5 KB
7 KB 100ms
100ms XHR
application/json 65.9.7.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5348771529001/videos/6218113512001
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 672a9fdba5d8730c105d2a0b0fc154ee326af82fe9c6b684dda69f31f82f0c95

Request headers

Accept: application/json;pk=BCpkADawqM2_330AZUx3hOhw08ByXIIKL1qVDScQT4-Y20iQov_t7uCKQ2OMBzj46A_jfmEwilabuEUd5-JeBhNlW6TrJws1fMwsZUbidjRxZrjRA1MDtkGXpXE-NQdMPsIQ1XSQarOExJ-4
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 12:10:42 GMT
Powered-From: eu-central-1c
Bcov-Request-Id: a760a54c-6365-470b-9801-3adf0fc65b3e
Age: 0
Policy-Key-Accountid: 5348771529001
X-Cache: Miss from cloudfront
Connection: keep-alive
Powered-By: BC
Content-Length: 5343
Via: 1.1 varnish, 1.1 ab402055ebb78b405a698ff055138d0c.cloudfront.net (CloudFront)
X-Served-By: cache-hhn4077-HHN
BCOV-instance: unknown
Policy-Key-Raw: BCpkADawqM2_330AZUx3hOhw08ByXIIKL1qVDScQT4-Y20iQov_t7uCKQ2OMBzj46A_jfmEwilabuEUd5-JeBhNlW6TrJws1fMwsZUbidjRxZrjRA1MDtkGXpXE-NQdMPsIQ1XSQarOExJ-4
X-Timer: S1608811842.360795,VS0,VE84
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Cache-Control: max-age=0, no-cache, no-store
Account-Status: APPROVED
BCOV-Debug-Cache-Stats: unknown
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
X-Amz-Cf-Id: QKKEqLGZdsigpgZ54L9oMfcNrGsCaPjD56UaBLeyXO6ukswJr_dA0Q==
X-Cache-Hits: 0

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 22ms
22ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: clear
content-length: 35
content-type: image/gif

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 21ms
20ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: clear
content-length: 35
content-type: image/gif

GET image.jpg
cf-images.ap-southeast-2.prod.boltdns.net/v1/static/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/6d96f592-dd97-4de0-b25f-021ba8d5e656/1280x720/match/ 0
0

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/10s/ 7 KB
8 KB 62ms
42ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/10s/master.m3u8?fastly_token=NjAwOTcyZjlfZTFjYWUxMGFmNDc2MTMwN2ZhNjIwNjk1NDk0MTgyZWJjYmRjNTVmM2ExODlmNTNiYjhlNmM0MzkxM2UyNTY4ZA%3D%3D&pubid=5348771529001
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 3baf649fc6fbe4afcf655636b70d9ae4df87f42c3d3f65ad0830f5337ed4f10b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:42 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
x-bolt-device-group: desktop-chrome
content-length: 7619
x-served-by: cache-hhn4022-HHN
x-device-group: desktop-chrome
x-timer: S1608811842.493108,VS0,VE37
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H2 200 / Show response
content.api.news/v3/search/ 80 KB
8 KB 46ms
45ms Fetch
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.api.news/v3/search/?size=7&page=1&query=type:%20video%20%20AND%20target.sections.id:%201226490441611%20%20AND%20target.domains:%20heraldsun.com.au%20%20AND%20-rightsMetadata.originatedSource:(Rightster_hollyscoop%20%20OR%20Rightster_the_savory%20OR%20Rightster_celebrity_wire)%20AND%20-rightsMetadata.usage:fair_dealing%20AND%20platform.id:5348771529001-*%20&api_key=9uz93nsd4pggfwhqcjnhmafw
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: nginx/1.14.1 /
Resource Hash: b082d8068ad687b2383e41f04934a3fd6a3848bf0cbf1d92b050fe0b5d650d88

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:42 GMT
content-encoding: gzip
x-newsapi-cache: MISS
x-newsapi-timestamp: 2020-12-24T12:02:55.390Z[UTC]
x-newsapi-traceid: 3078087c364cdb85
content-length: 7488
x-application-context: a-bootiful-client:prod:5000
access-control-allow-headers: x-newsapi-api-key
x-newsapi_search_timed_out: false
server: nginx/1.14.1
x-newsapi_search_execution_time: 41ms
x-newsapi_search_cache_ttl: 60
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Mashery-Error-Code, X-Mashery-Responder
cache-control: max-age=1410
x-newsapi-processing-time: 63
x-mashery-responder: prod-j-worker-ap-southeast-2b-39.mashery.com
expires: Thu, 24 Dec 2020 12:34:12 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6cf74a8b79c44a7bc435b400f7704246ed5dc79c31bb6defb4b58de5c79f9df

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
BLOB 200
OK 4164c144-bac7-40e3-b9e6-4920945049e6
https://www.heraldsun.com.au/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com.au/4164c144-bac7-40e3-b9e6-4920945049e6
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78019648f069149488cb2c763d86dcce82ad1e600e2c1909c770efc0be1a2543

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 5922
Content-Type: application/javascript

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 103ms
103ms Image
image/gif 100.26.6.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=video%40heraldsun.com.au&g=36976&p=6218113512001&i=Qantas%20investigates%20how%20employee%20contracted%20COVID-19&g0=news%2Cnational%2Cvideo&u=u4hQKDRTV-ZuKLR5&t=DO_JYwDoDni_TiH9g5N0SFDkDGEj&x=0&y=0&V=121&VS=BCN&n=1&b=14524&r=&_vd=-1&_vi=Qantas%20investigates%20how%20employee%20contracted%20COVID-19%20%7C%20Herald%20Sun&_vp=heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61&_vh=heraldsun.com.au&_pu=BqDupkDM_qnVOsxYg&_pt=CfahzbDroKJtt5zogD_LDHLCAaIh0&_pr=&_vdd=heraldsun.com.au&_vt=ct&_vs=s1&_vcs=0&_vbr=-1&_vvs=0.317&_vpt=0&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fstatic%2F5647924203001%2F7f8491ea-97c0-49c3-b448-a5f990f5f5d4%2F92a394d3-e2de-46f4-bbc2-f384f9e0a190%2F160x90%2Fmatch%2Fimage.jpg&_vaup=unkn&_vce=0&c=0.01&W=0&R=0&I=1&E=0&j=75&tz=-60&_
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.26.6.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-26-6-156.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 21ms
21ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Thu, 24 Dec 2020 12:10:42 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: clear
content-length: 35
content-type: image/gif

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/8876dfef-ac15-4910-b8bc-12b7b3c313b0/10s/ 1 KB
1 KB 333ms
333ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/8876dfef-ac15-4910-b8bc-12b7b3c313b0/10s/rendition.m3u8?fastly_token=NjAwOTcyZjlfYjljMjQzM2IwOWZhZWRmMjM3YTgzMGNkNWQ0NDg5MWJmZTY5YjNiMzYyZmRkOTM0NWYxOGVjZmNjZDE1NGYzMQ%3D%3D&pubid=5348771529001
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 1c50a241cbea2b539def0f70cc8e2d83fc5db0f9e5d037156bb9bbefe3585a76

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:42 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 1098
x-served-by: cache-hhn4022-HHN
x-device-group: desktop-chrome
x-timer: S1608811843.541971,VS0,VE327
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H2 200 up
insight.adsrvr.org/track/ Frame 3B21 0
0 117ms
31ms Document
text/html 52.49.200.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&upid=trk7f24&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.200.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-200-205.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&upid=trk7f24&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=ae450f47-caee-49b2-84e1-d26b12772cd0; TDCPM=CAESEgoDYWFtEgsIzqC69d6DlDkQBRgFIAEoAjILCObJpKL1g5Q5EAU4AQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

date: Thu, 24 Dec 2020 12:10:42 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK recommendations Show response
api.vidora.com/v1/users/p1c265rgkimedmqist316sd2h80o4j/ 474 B
628 B 571ms
113ms Fetch
application/json 50.19.224.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vidora.com/v1/users/p1c265rgkimedmqist316sd2h80o4j/recommendations?limit=10&category=heraldsun.com.au&start_index=0&api_key=newsau_video.93DFAEA2BB0A788E1466709DFF2B086C
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 50.19.224.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: feee4f8575304ee310cb7528875738b96438a7821dba9876700f18883c26a2df

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Dec 2020 12:10:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-Robots-Tag: noindex
Content-Length: 296
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up
insight.adsrvr.org/track/ Frame D075 0
0 90ms
30ms Document
text/html 52.49.200.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&upid=ekg5qxt&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.200.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-200-205.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&upid=ekg5qxt&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=ae450f47-caee-49b2-84e1-d26b12772cd0; TDCPM=CAESEgoDYWFtEgsIzqC69d6DlDkQBRgFIAEoAjILCObJpKL1g5Q5EAU4AQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

date: Thu, 24 Dec 2020 12:10:42 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/e8f984fa-d14d-4fbd-93e5-f08107e63e9b/10s/ 1 KB
1 KB 329ms
329ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/e8f984fa-d14d-4fbd-93e5-f08107e63e9b/10s/rendition.m3u8?fastly_token=NjAwOTcyZjlfNmVkNmI0MDhhYTE4NDgwMGE2MjM1YjM2ZDRjNTE5Y2RhMzY4YWRhODA2NjAzMTlkMjA4NjU4Zjg4YzkyNzBmYg%3D%3D&pubid=5348771529001
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 9ee17a3f348afb23ccf3433e84cb02e05c51c5ba74613c4b3fe694b87ec0ef19

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:43 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 1094
x-served-by: cache-hhn4022-HHN
x-device-group: desktop-chrome
x-timer: S1608811843.879077,VS0,VE324
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H2 200 jsdiagnostic
pixel.adsafeprotected.com/ 43 B
216 B 425ms
59ms Image
image/gif 54.76.139.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_profile&anid:10507&sessionId:c59ba414-d944-f66f-60ab-4f841ec8f86a&err:responsetime%3A114%26probability%3A10
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.139.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:43 GMT
x-server-name: app38.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 410 a9a3fe428e5ef236415859073ff6dcfa Show response
content.api.news/v3/videos/ 52 B
494 B 1006ms
1005ms Fetch
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.api.news/v3/videos/a9a3fe428e5ef236415859073ff6dcfa?api_key=9uz93nsd4pggfwhqcjnhmafw
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: nginx/1.14.1 /
Resource Hash: 353e73ac5e682c58374b49d7b231417235fe2f646742eafcef98aed4021b64f9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: a9a3fe428e5ef236415859073ff6dcfa
date: Thu, 24 Dec 2020 12:10:44 GMT
server: nginx/1.14.1
x-mashery-responder: prod-j-worker-ap-southeast-2b-31.mashery.com
x-newsapi-timestamp: 2020-12-24T12:10:43.927Z[UTC]
access-control-allow-methods: GET
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Mashery-Error-Code, X-Mashery-Responder
cache-control: max-age=600
x-newsapi-traceid: 4a9d7f574d74317c
access-control-allow-headers: x-newsapi-api-key
content-length: 52
x-application-context: a-bootiful-client:prod:5000
expires: Thu, 24 Dec 2020 12:20:44 GMT

GET
H2 200 main.gr.19.8.152.js Show response
static.adsafeprotected.com/ Frame 49A2 178 KB
57 KB 8ms
7ms Script
application/javascript 2600:9000:2156:600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.152.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941989880&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1718546796&custom=video&custom3=168400391&adsafe_par&impId=0a7cef6a-45e1-11eb-ab0d-06a809c23df0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09139ad202561e2fdade50caa06404d799600ef95f44971d65c39817c719cf8c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 22:22:16 GMT
content-encoding: gzip
age: 568108
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 17 Dec 2020 22:07:31 GMT
server: AmazonS3
etag: W/"13e6770441defec31328e0ad0db5459d"
vary: Accept-Encoding
x-amz-version-id: P5nrI.aCNxkiAMefav_Vbt3x8gWuxUM_
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: EH5Ky5jfjOThYaDbNe1_yPqFURa3Avr1OCsXPHUxmUTcyM6vntJKsw==

GET
H2 200 main.gr.19.8.152.js Show response
static.adsafeprotected.com/ Frame 46A0 178 KB
57 KB 10ms
10ms Script
application/javascript 2600:9000:2156:600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.152.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941989880&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=2108448675&custom=video&custom3=168400391&adsafe_par&impId=0a7cef6b-45e1-11eb-ab0d-06a809c23df0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09139ad202561e2fdade50caa06404d799600ef95f44971d65c39817c719cf8c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 22:22:16 GMT
content-encoding: gzip
age: 568108
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 17 Dec 2020 22:07:31 GMT
server: AmazonS3
etag: W/"13e6770441defec31328e0ad0db5459d"
vary: Accept-Encoding
x-amz-version-id: P5nrI.aCNxkiAMefav_Vbt3x8gWuxUM_
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: WDqYTbKnE1r6aCGUBEGFZbmxRdTwHoRST7ictsFhQD1NpjAUhz_JjQ==

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame EFA6 81 KB
22 KB 12ms
12ms Script
application/javascript 2600:9000:2156:600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:42:12 GMT
content-encoding: gzip
age: 10207711
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: ntSJg9oXfR7YBRGm1E7znMphqpd9DlcLUu_KuPyZ0kPteP_3yx3dfw==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 37ms
37ms Image
image/gif 54.76.139.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941989880&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1718546796&custom=video&custom3=168400391&adsafe_par&impId=0a7cef6a-45e1-11eb-ab0d-06a809c23df0&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:e57f2925-22ea-96cf-7e80-dfc6920f8753,c:xOvejU,sl:outOfView,em:true,fr:true,mn:app18ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sk5AxxL+11|12|13*.10507|131|141|151|16|17|18|191|1a|1b1|1c|1d|1e|1f|1g|1h,idMap:13*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:49,oid:0bda35c4-45e1-11eb-92a5-0ab32f77e5b0,v:19.8.152,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.139.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:43 GMT
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 4E52 81 KB
22 KB 7ms
7ms Script
application/javascript 2600:9000:2156:600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:42:12 GMT
content-encoding: gzip
age: 10207711
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: IglM3bAKTP4KWJW2utwQfSc4YxeV-EEtz-88l8DOGxlrZRoOLj9ELA==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 39ms
39ms Image
image/gif 54.76.139.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941989880&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=2108448675&custom=video&custom3=168400391&adsafe_par&impId=0a7cef6b-45e1-11eb-ab0d-06a809c23df0&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:13903fc2-e335-e0a1-c499-00098fe0add0,c:xOvekk,sl:outOfView,em:true,fr:true,mn:app37ie,pt:1-5-15,wc:0.0.1600.1200,ac:795.1311.10.10,am:i,cc:795.1311.10.10,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sk5AxxP+11|12|131|132|14*.10507|141|151|16|17|18|191|1a|1b1|1c|1d|1e|1f|1g|1h,idMap:14*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:72,oid:0bda8306-45e1-11eb-9705-0660e4448cc9,v:19.8.152,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.139.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:43 GMT
x-server-name: app26.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 312ms
104ms Image
image/gif 3.226.16.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=e57f2925-22ea-96cf-7e80-dfc6920f8753&tv={c:xOvekA,pingTime:-2,time:91,type:a,im:{sf:0,pom:1,prf:{beA:2114,beZ:2115,mfA:2142,cmA:2143,inA:2144,inZ:2149,prA:2149,prZ:2155,si:2164,poA:2164,poZ:2175,cmZ:2175,mfZ:2175,loA:2196,loZ:2198,ltA:2204,ltZ:2204}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:48}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:91,n:0,pp:0,pm:0},slEvents:[{sl:o,t:48,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[59~0],as:[59~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sk5AxxL+11|12|13*.10507|131|14.10507|141|151|16|17|18|191|1a|1b1|1c|1d|1e|1f|1g|1h,idMap:13*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/news/national_0,google_ads_iframe_/5129/ndm.hwt/news/national_0__container__,ad-block-728x90-1],sinceFw:40,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:43 GMT
x-server-name: dt54.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 103ms
103ms Image
image/gif 100.26.6.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61&u=BqDupkDM_qnVOsxYg&d=heraldsun.com.au&g=36976&g0=news%2Cnational%2Cvideo&g1=No%20Author&n=1&f=00001&c=0.05&x=0&m=0&y=2027&o=1600&w=1200&j=30&R=1&W=0&I=0&E=2&e=2&r=&b=13127&t=CfahzbDroKJtt5zogD_LDHLCAaIh0&V=121&tz=-60&_acct=anon&_vi=Qantas%20investigates%20how%20employee%20contracted%20COVID-19&_vp=6218113512001&_vdd=video%40heraldsun.com.au&_vs=s1&_vt=ct&_vap=&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fstatic%2F5647924203001%2F7f8491ea-97c0-49c3-b448-a5f990f5f5d4%2F92a394d3-e2de-46f4-bbc2-f384f9e0a190%2F160x90%2Fmatch%2Fimage.jpg&_vd=-1&sn=2&sv=DiF5R8BcSCIHCtPFrXC4HABxBzYBsE&sd=1&im=06530c42&_
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.26.6.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-26-6-156.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 307ms
103ms Image
image/gif 3.226.16.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=13903fc2-e335-e0a1-c499-00098fe0add0&tv={c:xOvekE,pingTime:-2,time:91,type:a,im:{sf:0,pom:1,prf:{beA:2108,beZ:2110,mfA:2170,cmA:2171,inA:2171,inZ:2172,prA:2172,prZ:2176,si:2179,poA:2179,poZ:2184,cmZ:2184,mfZ:2184,loA:2192,loZ:2193,ltA:2198,ltZ:2198}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:10,h:10,t:71}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:91,n:0,pp:0,pm:0},slEvents:[{sl:o,t:71,wc:0.0.1600.1200,ac:795.1311.10.10,am:i,cc:795.1311.10.10,piv:0,obst:0,th:0,reas:r,bkn:{piv:[27~0],as:[27~10.10]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sk5AxxP+11|12|131|132|14*.10507|141|151|16|17|18|191|1a|1b1|1c|1d|1e|1f|1g|1h,idMap:14*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/news/national_1,google_ads_iframe_/5129/ndm.hwt/news/national_1__container__,ad-block-1000x50-1],sinceFw:18,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:43 GMT
x-server-name: dt55.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 268ms
103ms Image
image/gif 3.226.16.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=e57f2925-22ea-96cf-7e80-dfc6920f8753&tv={c:xOveli,time:135,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:135,n:0,pp:0,pm:0},slEvents:[{sl:o,t:48,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[103~0],as:[103~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sk5AxxL+11|12|13*.10507|131|14.10507|141|151|16|17|18|191|1a|1b1|1c|1d|1e|1f|1g|1h,idMap:13*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:43 GMT
x-server-name: dt56.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 267ms
104ms Image
image/gif 3.226.16.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=13903fc2-e335-e0a1-c499-00098fe0add0&tv={c:xOvelj,time:132,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:132,n:0,pp:0,pm:0},slEvents:[{sl:o,t:71,wc:0.0.1600.1200,ac:795.1311.10.10,am:i,cc:795.1311.10.10,piv:0,obst:0,th:0,reas:r,bkn:{piv:[68~0],as:[68~10.10]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sk5AxxP+11|12|131|132|14*.10507|141|151|16|17|18|191|1a|1b1|1c|1d|1e|1f|1g|1h,idMap:14*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:43 GMT
x-server-name: dt57.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 c8d9061d1fb7d1c730072195c00b1049 Show response
content.api.news/v3/videos/ 20 KB
4 KB 613ms
613ms Fetch
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.api.news/v3/videos/c8d9061d1fb7d1c730072195c00b1049?api_key=9uz93nsd4pggfwhqcjnhmafw
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: nginx/1.14.1 /
Resource Hash: d0f071c3d036abd8b9676498f3550fa7e188fe6ffd7a698dec0a1d3848657d1e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:44 GMT
content-encoding: gzip
x-newsapi-cache: HIT
edge-cache-tag: c8d9061d1fb7d1c730072195c00b1049
x-newsapi-timestamp: 2020-12-24T12:10:43.856Z[UTC]
x-newsapi-traceid: c7c9c3c0b162446a
content-length: 3495
x-application-context: a-bootiful-client:prod:5000
access-control-allow-headers: x-newsapi-api-key
server: nginx/1.14.1
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Mashery-Error-Code, X-Mashery-Responder
cache-control: max-age=1769
x-newsapi-processing-time: 14
x-mashery-responder: prod-j-worker-ap-southeast-2a-34.mashery.com
expires: Thu, 24 Dec 2020 12:40:13 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 109ms
108ms Image
image/gif 3.226.16.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=e57f2925-22ea-96cf-7e80-dfc6920f8753&tv={c:xOvepn,pingTime:-10,time:388,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1608811843812||7a52f19a649ea51150aada0b32f6127c||71ff54ebddb1e090fbf173d96e2342c8||b25506d2d1ef03e10da9493981c3cdaf||a89fd71e987fe4a73b136e67710ecbb2||390e0323fe99860bdf453270c6fbc564||04b6415fb6f4023cb58a9ae55ad085da||cc32f64a6da4b8ad515be35f1a2afe22||1576000828}
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:43 GMT
x-server-name: dt38.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 103ms
103ms Image
image/gif 3.226.16.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=13903fc2-e335-e0a1-c499-00098fe0add0&tv={c:xOvepM,pingTime:-10,time:409,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1608811843812||7a52f19a649ea51150aada0b32f6127c||71ff54ebddb1e090fbf173d96e2342c8||b25506d2d1ef03e10da9493981c3cdaf||a89fd71e987fe4a73b136e67710ecbb2||390e0323fe99860bdf453270c6fbc564||04b6415fb6f4023cb58a9ae55ad085da||cc32f64a6da4b8ad515be35f1a2afe22||1576000828,sca:{spg:e57f2925-22ea-96cf-7e80-dfc6920f8753}}
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:43 GMT
x-server-name: dt40.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 e6ce766809fa7e1f8909f010c3515435 Show response
content.api.news/v3/videos/ 17 KB
3 KB 1164ms
1164ms Fetch
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.api.news/v3/videos/e6ce766809fa7e1f8909f010c3515435?api_key=9uz93nsd4pggfwhqcjnhmafw
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: nginx/1.14.1 /
Resource Hash: 65d18267b044e365ab6986dadea1678d9271631b23b0981c47100901da7726c3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:45 GMT
content-encoding: gzip
x-newsapi-cache: HIT
edge-cache-tag: e6ce766809fa7e1f8909f010c3515435
x-newsapi-timestamp: 2020-12-24T12:10:45.075Z[UTC]
x-newsapi-traceid: 3e8ddc43642046d0
content-length: 2876
x-application-context: a-bootiful-client:prod:5000
access-control-allow-headers: x-newsapi-api-key
server: nginx/1.14.1
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Mashery-Error-Code, X-Mashery-Responder
cache-control: max-age=1800
x-newsapi-processing-time: 17
x-mashery-responder: prod-j-worker-ap-southeast-2a-32.mashery.com
expires: Thu, 24 Dec 2020 12:40:45 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
529 B 34ms
34ms Image
image/gif 52.210.126.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_news_S&asn=news&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&devmodel=&manuf=&sysname=&sysversion=&sessionId=vzcwkahv2qi7zmgpsw5ac5rq4mlaf1608811841&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,national&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,heraldsun&sup=0&segment2=&segment1=&forward=1&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,57nxavbqg7e7bwsmzppr6gcsjjjas1608811841&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16088118414399719&c30=bldv,6.0.0.563&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1608811841332&c3=st,c&c64=starttm,1608811843&adid=1608811841332&c58=isLive,false&c59=sesid,&c61=createtm,1608811844&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&c66=mediaurl,&c62=sendTime,1608811844&rnd=142646
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.126.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:44 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK pixie
ib.adnxs.com/ Frame 4392 42 B
352 B 25ms
25ms Image
image/gif 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1608811844594&v=0.0.15&u=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1608811844593&et=1608811844594&if=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 12:10:44 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 10.2.80.88:80
Content-Length: 42
Content-Type: image/gif

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8342f6ccd6bc8ab5dbb1129c4db9a7a73b8a340ff497ba9eb3cc4963b4034f89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Dec 2020 12:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6465
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 24 Dec 2020 12:10:44 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 104ms
103ms Image
image/gif 3.226.16.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=e57f2925-22ea-96cf-7e80-dfc6920f8753&tv={c:xOveCV,time:1228,type:e,env:{nr_p:1,nr_publ1:1,nr_grpm1:1},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:1228,n:0,pp:0,pm:0},slEvents:[{sl:o,t:48,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[1196~0],as:[1196~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:112,fm:sk5AxxL+11|12|13*.10507|131|14.10507|141|151|16|17|18|191|1a|1b1|1c|1d|1e|1f|1g|1h,idMap:13*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:44 GMT
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 91EA 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Thu, 24 Dec 2020 09:14:47 GMT
expires: Fri, 24 Dec 2021 09:14:47 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10557
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 15ms
15ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120801&jk=3737853879258716&bg=!nZ6lnr7NAAXKjztByljHyMN07d2JCgIAAABdUgAAAA1oAQcKAK09aYstbfqlF7xxpLEFTg-F-mKU804dUKmhKfX6CULI5ietjzWGoS7O5yAokM384o4V-bARJnoEa720Z1uiClrNhV_8lrWPW5EwVcOYr5kHA1AGGvGJ6bZ9AcCLkB65VmSaZoIGZJhSIDWs9Cyt-3A5JID2HDRRmZgfr270KiQ-cshYWBY1Sn_hZlSp0dpzHdknIchi94sFHjC4Y0vDtI3OkcCx6QG8aHuuNfYS9ZkBvQte7rWc25UJH51e5pK0RohWoRLyx2SnpxQNUlKdERuxIJKipuy3jfauf0rL8TDoLDWVM0faLwYkyLwyXnpQX7_uVGYBEr5jZwMxeC4adgXGZM94oaRMdrdbQeFVV9NI3Nf2JtgGrZqjbT973FT2mnbWCYtHqta4BvAjVCi9uelXPP4vUloeS1f9SaOIBFTYLHtvljmGe_X5xtrrIS-SB-Zq1EuCb_XgbwZTastTCE4jRBNClY3A2qcMYFk9YyImDuv30AEHWWNCm-cWOxsOH_R2VoIZ7gRuABMPYOlci8jXycRzcRrWrhvONoHgckxkK_dzQFCgxERO9wocO0VlyEKzk-_UKHot4TUXjj7YjrDeojayA5v2g_AAdTfXGcqpzPz_otb-Tyw3T-I4dpixMYSs6kb3UcDF2zatsrx242yK7WOqoBP-Pjj-fuMkUW0gxBAyt9htIU-UPZe_CzJwx8GNs1ibv3rWPZVP40VfabBggax4gHjN6E2eCtYB9WmYi477gkXO8fp_0oooB1L8JIZ0Ud8RygiYc-0GaFiTceYcn9lg54Lk2EaQG8-3dfvdOVSjYO4_3dLM_dsRzv0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 24e8c7033bf4aaa846de1b03970783af Show response
content.api.news/v3/videos/ 15 KB
3 KB 1484ms
1483ms Fetch
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.api.news/v3/videos/24e8c7033bf4aaa846de1b03970783af?api_key=9uz93nsd4pggfwhqcjnhmafw
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: nginx/1.14.1 /
Resource Hash: f12d1eefa2cfa08ead2c75024879b2dd5da54ca629a50aa0668b6b9ff7a903eb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:47 GMT
content-encoding: gzip
x-newsapi-cache: MISS
edge-cache-tag: 24e8c7033bf4aaa846de1b03970783af
x-newsapi-timestamp: 2020-12-24T12:10:46.615Z[UTC]
x-newsapi-traceid: 7d133411aa53a60f
content-length: 2304
x-application-context: a-bootiful-client:prod:5000
access-control-allow-headers: x-newsapi-api-key
server: nginx/1.14.1
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Mashery-Error-Code, X-Mashery-Responder
cache-control: max-age=1800
x-newsapi-processing-time: 19
x-mashery-responder: prod-j-worker-ap-southeast-2a-36.mashery.com
expires: Thu, 24 Dec 2020 12:40:47 GMT

GET
H/1.1 200
OK 5fe61c8b533204850a490d4d-adobeorg.xml Show response
newscorpau.hb.omtrdc.net/settings/ 228 B
493 B 408ms
98ms XHR
text/xml 18.235.108.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newscorpau.hb.omtrdc.net/settings/5fe61c8b533204850a490d4d-adobeorg.xml?r=1608811847485
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.108.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: openresty /
Resource Hash: 0e4e46fa1aa04c24e793912d7aabaa2f2b0f7dc03d73cf74fbe12cb84f062554

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 12:10:47 GMT
Last-Modified: Mon, 19 Oct 2020 16:36:33 GMT
Server: openresty
ETag: "5f8dc091-e4"
Content-Type: text/xml
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 228

POST
H2 200 s42518921832515 Show response
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/ 43 B
210 B 22ms
22ms XHR
image/gif 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s42518921832515

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 24 Dec 2020 12:10:47 GMT
x-content-type-options: nosniff
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 25 Dec 2020 12:10:47 GMT
server: jag
xserver: anedge-f7bfdfcfd-dt42m
etag: 3454897134226472960-4621653747214824423
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Wed, 23 Dec 2020 12:10:47 GMT

GET
H/1.1 204
No Content / Show response
newscorpau.hb.omtrdc.net/ 0
139 B 402ms
102ms XHR
text/plain 18.235.108.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newscorpau.hb.omtrdc.net/?s:sc:rsid=newscorpau-hsweb%2Cnewscorpau-global&s:sc:tracking_server=metrics.heraldsun.com.au&h:sc:ssl=1&s:sp:channel=National%2C%20News&s:sp:player_name=NewsCorp%20Brightcove%20Video%20Player&s:sp:hb_version=js-2.2.0.223-05c3c4&l:sp:hb_api_lvl=4&s:event:sid=1608811847488624075666&s:event:type=start&l:event:duration=0&l:event:playhead=0&l:event:ts=1608811847497&l:event:prev_ts=-1&s:asset:type=main&s:asset:name=Qantas%20investigates%20how%20employee%20contracted%20COVID-19&s:asset:video_id=6218113512001&s:asset:publisher=5FE61C8B533204850A490D4D%40AdobeOrg&l:asset:length=44&s:stream:type=vod&l:stream:bitrate=5000&l:stream:fps=24&l:stream:dropped_frames=10&l:stream:startup_time=0&s:meta:channel=National%2C%20News%2C%20yt%2C%20coronavirus&s:meta:brand=herald%20sun&s:meta:site=herald%20sun%20web&s:meta:autoPlay=true&s:meta:videoSource=sky&s:meta:advtType=CSAI&s:meta:a.media.network=herald%20sun&s:meta:mediacontenttype=Standard&s:meta:mediaautoplayanalytics=anonymous%7Cundefined%7Cerror%7Cyes&s:meta:abcookie=b&s:meta:a.media.streamType=video
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.108.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 24 Dec 2020 12:10:47 GMT
Server: openresty
Connection: keep-alive

GET
DATA 200
OK truncated
/ 403 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 359ae88af34132a98271ad73e6915d0d2bf125c3b8f5a0c03162c619ba249800

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 21ms
20ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Thu, 24 Dec 2020 12:10:47 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: clear
content-length: 35
content-type: image/gif

GET
H2 200 74655224289066f547ed4308d29ed159
content.api.news/v3/images/bin/ 6 KB
6 KB 49ms
48ms Image
image/webp 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/74655224289066f547ed4308d29ed159
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: b00167d6e2f0b96d7aa45f921461578670ce707a8bea17c3e130152204e686eb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 74655224289066f547ed4308d29ed159
date: Thu, 24 Dec 2020 12:10:47 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 988af47c533761fe766c69951e086ee5-74655224289066f547ed4308d29ed159-0
x-serial: 965
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=3369494
last-modified: Thu, 03 Dec 2020 12:06:54 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 5750
expires: Mon, 01 Feb 2021 12:09:01 GMT

GET
H2 200 ce4af4faa7d8efbab7513b929d770520
content.api.news/v3/images/bin/ 1 KB
1 KB 103ms
101ms Image
image/webp 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/ce4af4faa7d8efbab7513b929d770520
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: b4db9dfe28f7b75a76b7b2863712508ec5c71b9b01170b1e40a0f46dd73560f9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: ce4af4faa7d8efbab7513b929d770520
date: Thu, 24 Dec 2020 12:10:47 GMT
last-modified: Thu, 03 Dec 2020 12:12:11 GMT
server: Akamai Image Manager
etag: 01ca8340a97e2e340006ed5212b33297-ce4af4faa7d8efbab7513b929d770520-0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=3369708
access-control-allow-headers: x-newsapi-api-key
content-length: 1038
expires: Mon, 01 Feb 2021 12:12:35 GMT

GET
H2 200 275c5840621bd569eafb21798a6311d8
content.api.news/v3/images/bin/ 6 KB
6 KB 123ms
122ms Image
image/webp 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/275c5840621bd569eafb21798a6311d8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 24d46d8e3acb38a5400228d4867f749de0e08b2366a6321698da8c4f12b7a17c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 275c5840621bd569eafb21798a6311d8
date: Thu, 24 Dec 2020 12:10:47 GMT
last-modified: Thu, 03 Dec 2020 12:29:59 GMT
server: Akamai Image Manager
etag: 8bf0199f0974c22eb50b75e8b64a08d2-275c5840621bd569eafb21798a6311d8-0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=3370843
access-control-allow-headers: x-newsapi-api-key
content-length: 6148
expires: Mon, 01 Feb 2021 12:31:30 GMT

GET
H2 200 fallback.jpg
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/img/ 8 KB
8 KB 12ms
11ms Image
image/jpeg 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/img/fallback.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14607db250fa522f36a92a9902791cac17738aa8a79844dc4ecb73dc4204533e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:47 GMT
last-modified: Mon, 14 Dec 2020 01:24:26 GMT
server: AmazonS3
x-amz-request-id: 4E133187574E98E9
etag: "8f5a5f8613a5e0b2617e7fd6df8ebc28"
access-control-allow-methods: GET,POST
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=246320
accept-ranges: bytes
content-length: 7795
x-amz-id-2: bzgYJR8YzXdk+sUDkAUerRy68bvjRXu3p3qZv7dL3tekK8k57EeV5cEnDAg4GCqgr/WQ5Dft+EY=
expires: Sun, 27 Dec 2020 08:36:07 GMT

GET
H2 200 s44673496974830
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/ 43 B
141 B 21ms
21ms Image
image/gif 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s44673496974830?AQB=1&ndh=1&pf=1&t=24%2F11%2F2020%2013%3A10%3A47%204%20-60&cid.&newsnkidcookie.&id=d20917be950c715c9fb91eb5bd855e20&as=1&.newsnkidcookie&.cid&vid=d20917be950c715c9fb91eb5bd855e20&mid=17320425267587368930944674000173850612&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Cnews%7Cvideo%7Cqantas%20investigates%20how%20employee%20contracted%20covid-19&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns&cc=AUD&events=event8%2Cevent54&v1=news%20corp%20au&v2=herald%20sun&v3=herald%20sun%20web&v4=news&v5=national&v9=video&v10=D%3DpageName&v11=D%3Dvid&v14=anonymous&v22=11%3A10%20PM%7CThursday&v24=New&v34=D%3Dg&v77=D%3Dmid&pe=lnk_o&pev2=event&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=_BRGFWK6tKta7ev3QIEOXk&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:47 GMT
x-content-type-options: nosniff
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 25 Dec 2020 12:10:47 GMT
server: jag
xserver: anedge-f7bfdfcfd-4lzqb
etag: 3454897134226472960-4621652873203127635
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 23 Dec 2020 12:10:47 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 103ms
102ms Image
image/gif 100.26.6.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=video%40heraldsun.com.au&g=36976&p=6218113512001&i=Qantas%20investigates%20how%20employee%20contracted%20COVID-19&g0=news%2Cnational%2Cvideo&u=u4hQKDRTV-ZuKLR5&t=DO_JYwDoDni_TiH9g5N0SFDkDGEj&x=0&y=0&V=121&VS=BCN&n=1&b=14524&_vd=44000&_vi=Qantas%20investigates%20how%20employee%20contracted%20COVID-19%20%7C%20Herald%20Sun&_vp=heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61&_vh=heraldsun.com.au&_pu=BqDupkDM_qnVOsxYg&_pt=CfahzbDroKJtt5zogD_LDHLCAaIh0&_pr=&_vdd=heraldsun.com.au&_vt=ct&_vs=s3&_vcs=0&_vbr=-1&_vvs=5.354&_vpt=0&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fstatic%2F5647924203001%2F7f8491ea-97c0-49c3-b448-a5f990f5f5d4%2F92a394d3-e2de-46f4-bbc2-f384f9e0a190%2F160x90%2Fmatch%2Fimage.jpg&_vaup=unkn&_vce=0&c=0.09&W=0&R=0&I=1&E=0&j=75&tz=-60&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.26.6.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-26-6-156.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 e3a4604910313c9ac1493e0e30b74cfe
content.api.news/v3/images/bin/ 47 KB
48 KB 38ms
38ms Image
image/webp 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/e3a4604910313c9ac1493e0e30b74cfe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: f447cdadabc434d9d2e3d4f3f99253ddb0c8ca3b61f15c6a1f870692be4422ac

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: e3a4604910313c9ac1493e0e30b74cfe
date: Thu, 24 Dec 2020 12:10:47 GMT
last-modified: Thu, 03 Dec 2020 12:01:57 GMT
server: Akamai Image Manager
etag: 26eef68159d58b0544c1984d60ff2ee6-e3a4604910313c9ac1493e0e30b74cfe-0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=3369130
access-control-allow-headers: x-newsapi-api-key
content-length: 48304
expires: Mon, 01 Feb 2021 12:02:57 GMT

GET
H/1.1 204
No Content / Show response
newscorpau.hb.omtrdc.net/ 0
139 B 258ms
98ms XHR
text/plain 18.235.108.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newscorpau.hb.omtrdc.net/?s:sc:rsid=newscorpau-hsweb%2Cnewscorpau-global&s:sc:tracking_server=metrics.heraldsun.com.au&h:sc:ssl=1&s:user:mid=17320425267587368930944674000173850612&s:user:id=d20917be950c715c9fb91eb5bd855e20&s:aam:blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&l:aam:loc_hint=6&s:cuser:newsnkidcookie.id=d20917be950c715c9fb91eb5bd855e20&s:cuser:newsnkidcookie.as=1&s:sp:channel=National%2C%20News&s:sp:player_name=NewsCorp%20Brightcove%20Video%20Player&s:sp:hb_version=js-2.2.0.223-05c3c4&l:sp:hb_api_lvl=4&s:event:sid=1608811847488624075666&s:event:type=aa_start&l:event:duration=0&l:event:playhead=0&l:event:ts=1608811847548&l:event:prev_ts=-1&s:asset:type=main&s:asset:name=Qantas%20investigates%20how%20employee%20contracted%20COVID-19&s:asset:video_id=6218113512001&s:asset:publisher=5FE61C8B533204850A490D4D%40AdobeOrg&l:asset:length=44&s:stream:type=vod&l:stream:bitrate=5000&l:stream:fps=24&l:stream:dropped_frames=10&l:stream:startup_time=0
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.108.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 24 Dec 2020 12:10:47 GMT
Server: openresty
Connection: keep-alive

GET
H2 200 jsvid Show response
pixel.adsafeprotected.com/ 220 KB
72 KB 41ms
41ms Script
application/javascript 54.76.139.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jsvid?videoId=a27f62bd14c46a042ffbd2a895859963&anId=928981&campId=916x515&chanId=/5129/ndm.hwt/news/national&placementId=5249645958&pubCreative=138298193489
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.139.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 048403dd5239f4fb78da7e9d4b26eeaf9efe9a0c93344742f6a0ad4d176b1229

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:47 GMT
content-encoding: gzip
x-server-name: app20.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 21ms
20ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Thu, 24 Dec 2020 12:10:47 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: clear
content-length: 35
content-type: image/gif

POST
H2 204 csi
csi.gstatic.com/ 0
331 B 263ms
107ms Other
image/gif 2607:f8b0:4002:c09::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kj2t167o&c=945597357030&slotId=472798678515&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c09::78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

206

file.mp4
r2---sn-4g5ednee.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1608833447/sparams/acao,ctier,ex...
Redirect Chain

https://redirector.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1608833447/sparams/ip,ipbits,e...
https://r2---sn-4g5ednee.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1608833447/sparams/acao,...

15 KB
15 KB

17ms
8ms

Media
video/mp4

2a00:1450:4001:45::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednee.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1608833447/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/23D10E4D6051C6DC6F2A2BBDF09D9133AD571EA9.189C13D1AF705F894FFD96C374D15932529D9471/key/cms1/cms_redirect/yes/mh/Bl/mip/2a01:4f8:192:5414::2/mm/28/mn/sn-4g5ednee/ms/nvh/mt/1608811219/mv/m/mvi/2/pl/40/file/file.mp4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:45::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

275f5949b25822667e45802442749d2577795339deb1dab9e5b4fc0b4bb283bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Dec 2019 00:56:16 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-15003/15004
client-protocol: quic
cache-control: private, max-age=21300
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 15004
expires: Thu, 24 Dec 2020 12:10:47 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:47 GMT
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r2---sn-4g5ednee.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1608833447/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/23D10E4D6051C6DC6F2A2BBDF09D9133AD571EA9.189C13D1AF705F894FFD96C374D15932529D9471/key/cms1/cms_redirect/yes/mh/Bl/mip/2a01:4f8:192:5414::2/mm/28/mn/sn-4g5ednee/ms/nvh/mt/1608811219/mv/m/mvi/2/pl/40/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 695
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 340D 81 KB
22 KB 6ms
6ms Script
application/javascript 2600:9000:2156:600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/national/qantas-investigates-how-employee-contracted-covid19/video/49292d6899d6926b1398556364387f61?_hsmi=88974744&_hsenc=p2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:42:12 GMT
content-encoding: gzip
age: 10207715
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: Vyae0WTaykrXA25-771AIPB1fbk1Bg7R6Fx0MeiaADLLsVWu0IwmRA==

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 104ms
103ms Image
image/gif 3.226.16.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928981&asId=c9a6adb6-61cb-32cf-618e-0cb27a8a9c77&tv={c:xOvfsI,pingTime:-8,time:22,type:l,vv:3.6.0,es:1,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:0,o:23,n:0,pp:0,pm:0},slEvents:[{sl:o,t:20,wc:0.0.1600.1200,ac:176.416.916.515,am:v,cc:176.416.916.515,piv:100,obst:0,th:0,reas:v,bkn:{piv:[17~100],as:[17~916.515]}}],slEventCount:1,em:false,fr:true,e:,tt:jsvid,dtt:0,fm:sk5AyH0+1*.928981|11|12|131|132|141|142|151|16|17|18|191|1a|1b111|1c|1d|1e|1f|1g|1h,idMap:1*,rmeas:1,rend:1,renddet:env}&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:47 GMT
x-server-name: dt54.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 103ms
102ms Image
image/gif 3.226.16.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928981&asId=c9a6adb6-61cb-32cf-618e-0cb27a8a9c77&tv={c:xOvftl,pingTime:-2,time:61,type:a,im:{sf:0,pom:1,prf:{beA:20170,beZ:20171,mfA:20173,cmA:20174,inA:20174,inZ:20180,prA:20180,prZ:20187,si:20192,poA:20194,poZ:20210,cmZ:20210,mfZ:20210,loA:20226,loZ:20227,ltA:20231,ltZ:20231}},env:{gca:false,cca:false,gca2:false},clog:[{piv:100,vs:o,r:v,w:916,h:515,t:21}],ve:{vEventCount:1,vEvents:[{t:-73,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0}]},vv:3.6.0,es:1,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:0,o:61,n:0,pp:0,pm:0},slEvents:[{sl:o,t:20,wc:0.0.1600.1200,ac:176.416.916.515,am:v,cc:176.416.916.515,piv:100,obst:0,th:0,reas:v,bkn:{piv:[56~100],as:[56~916.515]}}],slEventCount:1,em:false,fr:true,e:,tt:jsvid,dtt:0,fm:sk5AxxL+1*.928981|11|12|13.10507|131|132|14.10507|141|142|151|16|17|18|191|1a|1b111|1c|1d|1e|1f|1g|1h,idMap:1*,rmeas:1,rend:1,renddet:env,slid:[],sinceFw:38,readyFired:true}&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:47 GMT
x-server-name: dt58.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 56ms
56ms Image
image/gif 54.76.139.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?videoId=a27f62bd14c46a042ffbd2a895859963&anId=928981&campId=916x515&chanId=/5129/ndm.hwt/news/national&placementId=5249645958&pubCreative=138298193489&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:c9a6adb6-61cb-32cf-618e-0cb27a8a9c77,c:xOvfsH,sl:outOfView,em:false,fr:true,mn:app20ie,pt:1-2-3-4-5-6-7-8-9-10-11-12-13-14-15,wc:0.0.1600.1200,ac:176.416.916.515,am:v,cc:176.416.916.515,piv:100,obst:0,th:0,reas:v,br:u,abv:na,an:n,oam:0,vc:jv3,scm:publ2.grpm2.vidqua_4_so_2,nbld:0,fm:sk5AyH0+1*.928981|11|12|131|132|141|142|151|16|17|18|191|1a|1b111|1c|1d|1e|1f|1g|1h,idMap:1*,pl:,rmeas:1,rend:1,renddet:env,es:1,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:jsvid,thd:1,et:22,oid:0e7a8293-45e1-11eb-a1c5-02467abe7cd0,v:19.8.152,sp:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:916x515,x_xplac:5249645958,x_xpc:ima
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.139.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:47 GMT
x-server-name: app39.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 s47720970173548
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/ 43 B
139 B 23ms
22ms Image
image/gif 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s47720970173548?AQB=1&ndh=1&pf=1&t=24%2F11%2F2020%2013%3A10%3A47%204%20-60&cid.&newsnkidcookie.&id=d20917be950c715c9fb91eb5bd855e20&as=1&.newsnkidcookie&.cid&vid=d20917be950c715c9fb91eb5bd855e20&mid=17320425267587368930944674000173850612&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Cnews%7Cvideo%7Cqantas%20investigates%20how%20employee%20contracted%20covid-19&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns&cc=AUD&events=event8&v1=news%20corp%20au&v2=herald%20sun&v3=herald%20sun%20web&v4=news&v5=national&v9=video&v10=D%3DpageName&v11=D%3Dvid&v14=anonymous&v22=11%3A10%20PM%7CThursday&v24=New&v34=D%3Dg&v77=D%3Dmid&v145=0&pe=lnk_o&pev2=event&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=_BRGFWK6tKta7ev3QIEOXk&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&lrt=23&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:47 GMT
x-content-type-options: nosniff
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 25 Dec 2020 12:10:47 GMT
server: jag
xserver: anedge-f7bfdfcfd-ptl5j
etag: 3454897134226472960-4621513432247007883
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 23 Dec 2020 12:10:47 GMT

GET
H2 200 499a96e1c5e7a23b14c31f8d31a60edc
content.api.news/v3/images/bin/ 5 KB
5 KB 76ms
75ms Image
image/webp 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/499a96e1c5e7a23b14c31f8d31a60edc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: ce3b23f402f791f14ca780de50f09ed7942084c5772b5b677163e966b8ef877b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 499a96e1c5e7a23b14c31f8d31a60edc
date: Thu, 24 Dec 2020 12:10:48 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: c36be1e166b76545ab2170cb2103f089-499a96e1c5e7a23b14c31f8d31a60edc-0
x-serial: 484
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5133281
last-modified: Wed, 23 Dec 2020 22:03:57 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 5074
expires: Sun, 21 Feb 2021 22:05:29 GMT

POST
H2 200 validate
assets.vidora.com/v1/ 0
312 B 274ms
274ms Other
application/octet-stream 2600:9000:206f:c200:4:77d:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/v1/validate?api_key=newsau_video.93DFAEA2BB0A788E1466709DFF2B086C
Requested by: Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c200:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 24 Dec 2020 12:10:48 GMT
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: R9q8UJ0fkaUt4Dr_1TnBIEGW12pRXDdfqG2RljC3rKUgZuoe8P-5XA==
expires: Thu, 24 Dec 2020 12:10:47 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 103ms
103ms Image
image/gif 3.226.16.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928981&asId=c9a6adb6-61cb-32cf-618e-0cb27a8a9c77&tv={c:xOvfwu,pingTime:0,time:256,type:pf,clog:[{piv:100,vs:o,r:v,w:916,h:515,t:21},{vs:i,r:,t:256}],ve:{vEventCount:4,vEvents:[{t:-73,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:100,tp:adImpression,sl:o,volume:0,ad_duration:1,height:0,width:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:916x515,x_xplac:5249645958,x_xpc:ima},{t:117,tp:adStarted,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:118,tp:adVideoStart,sl:o,volume:0,ad_duration:1,height:0,width:0}]},vv:3.6.0,es:1,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:0,o:256,n:0,pp:0,pm:0},slEvents:[{sl:o,t:20,wc:0.0.1600.1200,ac:176.416.916.515,am:v,cc:176.416.916.515,piv:100,obst:0,th:0,reas:v,bkn:{piv:[250~100],as:[250~916.515]}},{sl:i,t:256,wc:0.0.1600.1200,ac:176.416.916.515,am:v,cc:176.416.916.515,piv:100,obst:0,th:0,reas:,bkn:{piv:[1~100],as:[1~916.515]}}],slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:106,fm:sk5AxxL+1*.928981|11|12|13.10507|131|132|14.10507|141|142|151|16|17|18|191|1a|1b111|1c|1d|1e|1f|1g|1h,idMap:1*,rmeas:1,rend:1,renddet:env}&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:48 GMT
x-server-name: dt43.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 104ms
103ms Image
image/gif 3.226.16.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928981&asId=c9a6adb6-61cb-32cf-618e-0cb27a8a9c77&tv={c:xOvfBG,pingTime:-4,time:578,type:m,clog:[{piv:100,vs:o,r:v,w:916,h:515,t:21},{vs:i,r:,t:256}],ve:{vEventCount:5,vEvents:[{t:-73,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:100,tp:adImpression,sl:o,volume:0,ad_duration:1,height:0,width:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:916x515,x_xplac:5249645958,x_xpc:ima},{t:117,tp:adStarted,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:118,tp:adVideoStart,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:577,tp:adVideoFirstQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0}]},vv:3.6.0,es:1,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:322,o:256,n:0,pp:0,pm:0},slEvents:[{sl:o,t:20,wc:0.0.1600.1200,ac:176.416.916.515,am:v,cc:176.416.916.515,piv:100,obst:0,th:0,reas:v,bkn:{piv:[250~100],as:[250~916.515]}},{sl:i,t:256,wc:0.0.1600.1200,ac:176.416.916.515,am:v,cc:176.416.916.515,piv:100,obst:0,th:0,reas:,bkn:{piv:[322~100],as:[322~916.515]}}],slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:107,fm:sk5AxxL+1*.928981|11|12|13.10507|131|132|14.10507|141|142|151|16|17|18|191|1a|1b111|1c|1d|1e|1f|1g|1h,idMap:1*,rmeas:1,rend:1,renddet:env}&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:48 GMT
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 103ms
103ms Image
image/gif 100.26.6.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61&u=BqDupkDM_qnVOsxYg&d=heraldsun.com.au&g=36976&g0=news%2Cnational%2Cvideo&g1=No%20Author&n=1&f=00001&c=0.13&x=0&m=0&y=2027&o=1600&w=1200&j=30&R=1&W=0&I=0&E=6&e=4&r=&b=13127&t=CfahzbDroKJtt5zogD_LDHLCAaIh0&V=121&tz=-60&_acct=anon&_vi=Qantas%20investigates%20how%20employee%20contracted%20COVID-19&_vp=6218113512001&_vdd=video%40heraldsun.com.au&_vs=s3&_vt=ct&_vap=&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fstatic%2F5647924203001%2F7f8491ea-97c0-49c3-b448-a5f990f5f5d4%2F92a394d3-e2de-46f4-bbc2-f384f9e0a190%2F160x90%2Fmatch%2Fimage.jpg&_vd=44000&sn=3&sv=DiF5R8BcSCIHCtPFrXC4HABxBzYBsE&sd=1&im=06530c42&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.26.6.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-26-6-156.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 105ms
104ms Image
image/gif 3.226.16.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=e57f2925-22ea-96cf-7e80-dfc6920f8753&tv={c:xOvfFp,time:5226,type:e,env:{nr_p:5},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:5227,n:0,pp:0,pm:0},slEvents:[{sl:o,t:48,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[5195~0],as:[5195~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:106,fm:sk5AxxL+1.928981|11|12|13*.10507|131|14.10507|141|151|16|17|18|191|1a|1b1|1c|1d|1e|1f|1g|1h,idMap:13*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:48 GMT
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 103ms
103ms Image
image/gif 3.226.16.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928981&asId=c9a6adb6-61cb-32cf-618e-0cb27a8a9c77&tv={c:xOvfFI,pingTime:-7,time:828,type:qf,vv:3.6.0,es:1,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:572,o:256,n:0,pp:0,pm:0},slEvents:[{sl:o,t:20,wc:0.0.1600.1200,ac:176.416.916.515,am:v,cc:176.416.916.515,piv:100,obst:0,th:0,reas:v,bkn:{piv:[250~100],as:[250~916.515]}},{sl:i,t:256,wc:0.0.1600.1200,ac:176.416.916.515,am:v,cc:176.416.916.515,piv:100,obst:0,th:0,reas:,bkn:{piv:[572~100],as:[572~916.515]}}],slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:106,fm:sk5AxxL+1*.928981|11|12|13.10507|131|132|14.10507|141|142|151|16|17|18|191|1a|1b111|1c|1d|1e|1f|1g|1h,idMap:1*,rmeas:1,rend:1,renddet:env}&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:48 GMT
x-server-name: dt43.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 105ms
104ms Image
image/gif 3.226.16.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928981&asId=c9a6adb6-61cb-32cf-618e-0cb27a8a9c77&tv={c:xOvfFI,pingTime:-4,time:828,type:m,clog:[{piv:100,vs:o,r:v,w:916,h:515,t:21},{vs:i,r:,t:256}],ve:{vEventCount:6,vEvents:[{t:-73,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:100,tp:adImpression,sl:o,volume:0,ad_duration:1,height:0,width:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:916x515,x_xplac:5249645958,x_xpc:ima},{t:117,tp:adStarted,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:118,tp:adVideoStart,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:577,tp:adVideoFirstQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0},{t:827,tp:adVideoMidpoint,sl:i,volume:0,ad_duration:1,height:0,width:0}]},vv:3.6.0,es:1,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:572,o:256,n:0,pp:0,pm:0},slEvents:[{sl:o,t:20,wc:0.0.1600.1200,ac:176.416.916.515,am:v,cc:176.416.916.515,piv:100,obst:0,th:0,reas:v,bkn:{piv:[250~100],as:[250~916.515]}},{sl:i,t:256,wc:0.0.1600.1200,ac:176.416.916.515,am:v,cc:176.416.916.515,piv:100,obst:0,th:0,reas:,bkn:{piv:[572~100],as:[572~916.515]}}],slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:106,fm:sk5AxxL+1*.928981|11|12|13.10507|131|132|14.10507|141|142|151|16|17|18|191|1a|1b111|1c|1d|1e|1f|1g|1h,idMap:1*,rmeas:1,rend:1,renddet:env}&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:48 GMT
x-server-name: dt44.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 103ms
103ms Image
image/gif 3.226.16.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928981&asId=c9a6adb6-61cb-32cf-618e-0cb27a8a9c77&tv={c:xOvfJL,pingTime:-4,time:1079,type:m,clog:[{piv:100,vs:o,r:v,w:916,h:515,t:21},{vs:i,r:,t:256}],ve:{vEventCount:7,vEvents:[{t:-73,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:100,tp:adImpression,sl:o,volume:0,ad_duration:1,height:0,width:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:916x515,x_xplac:5249645958,x_xpc:ima},{t:117,tp:adStarted,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:118,tp:adVideoStart,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:577,tp:adVideoFirstQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0},{t:827,tp:adVideoMidpoint,sl:i,volume:0,ad_duration:1,height:0,width:0},{t:1078,tp:adVideoThirdQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0}]},vv:3.6.0,es:1,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:823,o:256,n:0,pp:0,pm:0},slEvents:[{sl:o,t:20,wc:0.0.1600.1200,ac:176.416.916.515,am:v,cc:176.416.916.515,piv:100,obst:0,th:0,reas:v,bkn:{piv:[250~100],as:[250~916.515]}},{sl:i,t:256,wc:0.0.1600.1200,ac:176.416.916.515,am:v,cc:176.416.916.515,piv:100,obst:0,th:0,reas:,bkn:{piv:[823~100],as:[823~916.515]}}],slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:112,fm:sk5AxxL+1*.928981|11|12|13.10507|131|132|14.10507|141|142|151|16|17|18|191|1a|1b111|1c|1d|1e|1f|1g|1h,idMap:1*,rmeas:1,rend:1,renddet:env}&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:48 GMT
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 24ms
22ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=e64ad5d65607e8e3cc499bf&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&platform_version=6.42.4&player=players.brightcove.com%2F5348771529001%2FKjZtYFggZ_default&player_name=%5BPROD%5D%20-%20Redesign%20v6.42.4-%202020-07-02&source=&event=ad_end&web_ad_info=%7B%22plugin%22%3A%22ima3%22%2C%22pluginVersion%22%3A%223.4.4%22%2C%22adTech%22%3A%22html5%22%2C%22requestMode%22%3A%22onplay%22%2C%22timeout%22%3A4200%2C%22adType%22%3A%22preroll%22%2C%22adPodLength%22%3A1%2C%22adPodId%22%3A0%2C%22creativeFormat%22%3A%5B%22video%2Fmp4%22%5D%2C%22creativeLength%22%3A%5B1%5D%2C%22creativeId%22%3A%5B%22138298193489%22%5D%2C%22creativeIndex%22%3A%5B0%5D%2C%22wrapperCreativeIds%22%3A%5B%5B%5D%5D%2C%22adId%22%3A%5B%225249645958%22%5D%2C%22adTitle%22%3A%5B%22CCPA%2FGDPR%20Video%20Blocking%20-%20427x240v%22%5D%2C%22adSystem%22%3A%5B%22GDFP%22%5D%2C%22firstPlayedAdIndex%22%3A0%2C%22startedInAdPod%22%3A%5B0%5D%2C%22completedInAdPod%22%3A%5B0%5D%2C%22prerollDelay%22%3A470%2C%22firstPlayInSession%22%3A1608811847480%2C%22adsRequest%22%3A1608811847522%2C%22adsResponseReceived%22%3A1608811847615%2C%22adsLoading%22%3A%5B1608811847767%5D%2C%22adsAdStarted%22%3A%5B1608811847950%5D%2C%22adsAdEnded%22%3A%5B1608811849070%5D%7D&video=6218113512001&video_name=Qantas%20investigates%20how%20employee%20contracted%20COVID-19&video_duration=44&time=1608811849100&seq=7_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Thu, 24 Dec 2020 12:10:49 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: clear
content-length: 35
content-type: image/gif

GET
DATA 200
OK truncated
/ 345 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd0a53c74892b427e1b0e0dff31e91dd8734de8abeef674e3c8dc67a5d14dfed

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ed1feab9e38f9e317c07b14ad48c36d7ddca801f26ceafd590bbbeb4bcfb146

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 106ms
103ms Image
image/gif 3.226.16.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928981&asId=c9a6adb6-61cb-32cf-618e-0cb27a8a9c77&tv={c:xOvfNj,pingTime:-4,time:1299,type:m,clog:[{piv:100,vs:o,r:v,w:916,h:515,t:21},{vs:i,r:,t:256}],ve:{vEventCount:8,vEvents:[{t:-73,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:100,tp:adImpression,sl:o,volume:0,ad_duration:1,height:0,width:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:916x515,x_xplac:5249645958,x_xpc:ima},{t:117,tp:adStarted,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:118,tp:adVideoStart,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:577,tp:adVideoFirstQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0},{t:827,tp:adVideoMidpoint,sl:i,volume:0,ad_duration:1,height:0,width:0},{t:1078,tp:adVideoThirdQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0},{t:1249,tp:adVideoComplete,sl:i,volume:0,ad_duration:1,height:0,width:0}]},vv:3.6.0,es:1,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:1044,o:256,n:0,pp:0,pm:0},slEvents:[{sl:o,t:20,wc:0.0.1600.1200,ac:176.416.916.515,am:v,cc:176.416.916.515,piv:100,obst:0,th:0,reas:v,bkn:{piv:[250~100],as:[250~916.515]}},{sl:i,t:256,wc:0.0.1600.1200,ac:176.416.916.515,am:v,cc:176.416.916.515,piv:100,obst:0,th:0,reas:,bkn:{piv:[1060~100],as:[1060~916.515]}}],slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:105,fm:sk5AxxL+1*.928981|11|12|13.10507|131|132|14.10507|141|142|151|16|17|18|191|1a|1b111|1c|1d|1e|1f|1g|1h,idMap:1*,rmeas:1,rend:1,renddet:env}&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:49 GMT
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 107ms
104ms Image
image/gif 3.226.16.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928981&asId=c9a6adb6-61cb-32cf-618e-0cb27a8a9c77&tv={c:xOvfND,pingTime:-1,time:1319,type:u,clog:[{piv:100,vs:o,r:v,w:916,h:515,t:21},{vs:i,r:,t:256}],ve:{vEventCount:8,vEvents:[{t:-73,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:100,tp:adImpression,sl:o,volume:0,ad_duration:1,height:0,width:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:916x515,x_xplac:5249645958,x_xpc:ima},{t:117,tp:adStarted,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:118,tp:adVideoStart,sl:o,volume:0,ad_duration:1,height:0,width:0},{t:577,tp:adVideoFirstQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0},{t:827,tp:adVideoMidpoint,sl:i,volume:0,ad_duration:1,height:0,width:0},{t:1078,tp:adVideoThirdQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0},{t:1249,tp:adVideoComplete,sl:i,volume:0,ad_duration:1,height:0,width:0}]},ndt:7,vv:3.6.0,es:1,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:{i:1063,o:256,n:0,pp:0,pm:0},slEvents:[{sl:o,t:20,wc:0.0.1600.1200,ac:176.416.916.515,am:v,cc:176.416.916.515,piv:100,obst:0,th:0,reas:v,bkn:{piv:[250~100],as:[250~916.515]}},{sl:i,t:256,wc:0.0.1600.1200,ac:176.416.916.515,am:v,cc:176.416.916.515,piv:100,obst:0,th:0,reas:,bkn:{piv:[1064~100],as:[1064~916.515]}}],slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:105,metricIdList:[publ2,grpm2,vidqua_4_so_2],fm:sk5AxxL+1*.928981|11|12|13.10507|131|132|14.10507|141|142|151|16|17|18|191|1a|1b111|1c|1d|1e|1f|1g|1h,idMap:1*,rmeas:1,rend:1,renddet:env,lt:4}&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:49 GMT
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 153ms
107ms Image
image/gif 100.26.6.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=video%40heraldsun.com.au&g=36976&p=6218113512001&i=Qantas%20investigates%20how%20employee%20contracted%20COVID-19&g0=news%2Cnational%2Cvideo&u=u4hQKDRTV-ZuKLR5&t=DO_JYwDoDni_TiH9g5N0SFDkDGEj&x=0&y=0&V=121&VS=BCN&n=1&b=14524&_vd=44000&_vi=Qantas%20investigates%20how%20employee%20contracted%20COVID-19%20%7C%20Herald%20Sun&_vp=heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61&_vh=heraldsun.com.au&_pu=BqDupkDM_qnVOsxYg&_pt=CfahzbDroKJtt5zogD_LDHLCAaIh0&_pr=&_vdd=heraldsun.com.au&_vt=ct&_vs=s2&_vcs=1&_vbr=-1&_vvs=7.016&_vpt=0&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fstatic%2F5647924203001%2F7f8491ea-97c0-49c3-b448-a5f990f5f5d4%2F92a394d3-e2de-46f4-bbc2-f384f9e0a190%2F160x90%2Fmatch%2Fimage.jpg&_vaup=unkn&_vce=0&c=0.12&W=0&R=1&I=0&E=0&j=20&tz=-60&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.26.6.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-26-6-156.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
BLOB 200
OK aeb2f5a4-ac03-4cf3-b877-0430a0e9b99d
https://www.heraldsun.com.au/ 57 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com.au/aeb2f5a4-ac03-4cf3-b877-0430a0e9b99d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed13fa3f823aeb9e4ef85f0b023d01f8c7f9ee83f34ee38cd7f8597bf98daa59

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 58236
Content-Type: application/javascript

GET
BLOB 200
OK 8017ab86-1972-440a-8439-16cd69f37451
https://www.heraldsun.com.au/ 57 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com.au/8017ab86-1972-440a-8439-16cd69f37451
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed13fa3f823aeb9e4ef85f0b023d01f8c7f9ee83f34ee38cd7f8597bf98daa59

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 58236
Content-Type: application/javascript

GET
H/1.1 200
OK segment0.ts
skynewsau-vod.akamaized.net/media/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/8876dfef-ac15-4910-b8bc-12b7b3c313b0/5x/ 248 KB
0 1484ms
1382ms XHR
video/mp2t 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://skynewsau-vod.akamaized.net/media/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/8876dfef-ac15-4910-b8bc-12b7b3c313b0/5x/segment0.ts?pubid=5348771529001
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 12:10:50 GMT
X-Powered-By: BC
Backend-IP: 3.105.3.160
BC-MID: true
Connection: keep-alive
Content-Length: 2385720
X-Served-By: cache-syd10157-SYD
Akamai-Mon-Iucid-Del: 815393
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1608761749.368945,VS0,VE3
X-Powered-From: gantry
ETag: "a6a5d70ebf2debd3e0b94771e6293e46"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, Range, Content-Length, Content-Range, Akamai-Mon-Iucid-Ing, Akamai-Mon-Iucid-Del, Akamai-Mon-Iucid-Ing, Akamai-Mon-Iucid-Del
Cache-Control: public, max-age=31485435
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Origin, Range, Accept-Encoding, Referer
Expires: Thu, 23 Dec 2021 22:08:05 GMT
X-Cache-Hits: 1

GET
H/1.1 200
OK segment0.ts Show response
skynewsau-vod.akamaized.net/media/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/e8f984fa-d14d-4fbd-93e5-f08107e63e9b/5x/ 300 KB
301 KB 1511ms
1410ms XHR
video/mp2t 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://skynewsau-vod.akamaized.net/media/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/e8f984fa-d14d-4fbd-93e5-f08107e63e9b/5x/segment0.ts?pubid=5348771529001
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: ad34c0b1b85d61fe76c79ae4f104937a029618c5ed53b5a18a993616a8add17a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 12:10:50 GMT
X-Powered-By: BC
Backend-IP: 13.210.163.78
BC-MID: true
Connection: keep-alive
Content-Length: 307192
X-Served-By: cache-syd10148-SYD
Akamai-Mon-Iucid-Del: 815393
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1608761685.822093,VS0,VE0
X-Powered-From: gantry
ETag: "76b56eadefaf9d95159112c0941a9c5a"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, Range, Content-Length, Content-Range, Akamai-Mon-Iucid-Ing, Akamai-Mon-Iucid-Del, Akamai-Mon-Iucid-Ing, Akamai-Mon-Iucid-Del
Cache-Control: public, max-age=31483274
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Origin, Range, Accept-Encoding, Referer
Expires: Thu, 23 Dec 2021 21:32:04 GMT
X-Cache-Hits: 3

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 103ms
103ms Image
image/gif 100.26.6.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61&u=BqDupkDM_qnVOsxYg&d=heraldsun.com.au&g=36976&g0=news%2Cnational%2Cvideo&g1=No%20Author&n=1&f=00001&c=0.16&x=0&m=0&y=2027&o=1600&w=1200&j=30&R=0&W=0&I=1&E=6&e=0&r=&b=13127&t=CfahzbDroKJtt5zogD_LDHLCAaIh0&V=121&tz=-60&_acct=anon&_vi=Qantas%20investigates%20how%20employee%20contracted%20COVID-19&_vp=6218113512001&_vdd=video%40heraldsun.com.au&_vs=s2&_vt=ct&_vap=&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fstatic%2F5647924203001%2F7f8491ea-97c0-49c3-b448-a5f990f5f5d4%2F92a394d3-e2de-46f4-bbc2-f384f9e0a190%2F160x90%2Fmatch%2Fimage.jpg&_vd=44000&sn=4&sv=DiF5R8BcSCIHCtPFrXC4HABxBzYBsE&sd=1&im=06530c42&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.26.6.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-26-6-156.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/bf98b11a-856c-4f7d-b2f8-09f6562b1534/10s/ 1 KB
1 KB 325ms
325ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/bf98b11a-856c-4f7d-b2f8-09f6562b1534/10s/rendition.m3u8?fastly_token=NjAwOTcyZjlfNTllMDg2YmNhYzYxYmNkYjczMjY1NGUxZjdjNTAwOTQ1MTlkZTM5MGRjY2I1YWIzOWU4N2M1ZDMzMGJmYTk0OQ%3D%3D&pubid=5348771529001
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: fa158ca7cd54ed0b0f969d0207616d1cb75a4205b679139b638602b19f1de4b1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:52 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 1098
x-served-by: cache-hhn4022-HHN
x-device-group: desktop-chrome
x-timer: S1608811852.793621,VS0,VE319
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET segment1.ts
skynewsau-vod.akamaized.net/media/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/e8f984fa-d14d-4fbd-93e5-f08107e63e9b/5x/ 0
0

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/2c25827c-4718-4753-b2dd-615db6438852/10s/ 1 KB
1 KB 311ms
310ms XHR
application/x-mpegurl 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/2c25827c-4718-4753-b2dd-615db6438852/10s/rendition.m3u8?fastly_token=NjAwOTcyZjlfZTg3MzE5Njg0MDgyMTBmZmEzOTgxMjAxMTllMDY4YjBlMTYyZTc4YjhhZGQwMWI5NDRiMDEzODY0ZDFmNTdlNg%3D%3D&pubid=5348771529001
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 35c4044534f022dba4deca0d1421d229e4f705780df3bbdad43572c5301c04d8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:10:52 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 1094
x-served-by: cache-hhn4022-HHN
x-device-group: desktop-chrome
x-timer: S1608811852.121570,VS0,VE305
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H/1.1 200
OK segment0.ts Show response
skynewsau-vod.akamaized.net/media/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/bf98b11a-856c-4f7d-b2f8-09f6562b1534/5x/ 638 KB
639 KB 1345ms
1310ms XHR
video/mp2t 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://skynewsau-vod.akamaized.net/media/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/bf98b11a-856c-4f7d-b2f8-09f6562b1534/5x/segment0.ts?pubid=5348771529001
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: 03e87f6498409a6abd0b18af8eca3da475ae296a4563aadc0ab1d8b40b307d37

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 12:10:53 GMT
X-Powered-By: BC
Backend-IP: 13.237.90.147
BC-MID: true
Connection: keep-alive
Content-Length: 653112
X-Served-By: cache-syd10168-SYD
Akamai-Mon-Iucid-Del: 815393
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1608761390.720879,VS0,VE1
X-Powered-From: gantry
ETag: "f2b5a0ea6df5240a71a46e0c57b01ad5"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, Range, Content-Length, Content-Range, Akamai-Mon-Iucid-Ing, Akamai-Mon-Iucid-Del, Akamai-Mon-Iucid-Ing, Akamai-Mon-Iucid-Del
Cache-Control: public, max-age=31485455
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Origin, Range, Accept-Encoding, Referer
Expires: Thu, 23 Dec 2021 22:08:28 GMT
X-Cache-Hits: 1

GET
H/1.1 200
OK segment0.ts Show response
skynewsau-vod.akamaized.net/media/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/2c25827c-4718-4753-b2dd-615db6438852/5x/ 171 KB
172 KB 164ms
130ms XHR
video/mp2t 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://skynewsau-vod.akamaized.net/media/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/2c25827c-4718-4753-b2dd-615db6438852/5x/segment0.ts?pubid=5348771529001
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: 07fb207ac03022270f03e0d2ea8c28b7580bd4663c095808d3e05180640b4c76

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 12:10:52 GMT
X-Powered-By: BC
Backend-IP: 54.66.213.236
BC-MID: true
Connection: keep-alive
Content-Length: 174840
X-Served-By: cache-syd10168-SYD
Akamai-Mon-Iucid-Del: 815393
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1608761390.043256,VS0,VE1
X-Powered-From: gantry
ETag: "5996e2f490c0336382c41102ccdcf7ea"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, Range, Content-Length, Content-Range, Akamai-Mon-Iucid-Ing, Akamai-Mon-Iucid-Del, Akamai-Mon-Iucid-Ing, Akamai-Mon-Iucid-Del
Cache-Control: public, max-age=31485499
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Origin, Range, Accept-Encoding, Referer
Expires: Thu, 23 Dec 2021 22:09:11 GMT
X-Cache-Hits: 1

GET
H/1.1 200
OK segment1.ts Show response
skynewsau-vod.akamaized.net/media/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/2c25827c-4718-4753-b2dd-615db6438852/5x/ 171 KB
172 KB 28ms
28ms XHR
video/mp2t 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://skynewsau-vod.akamaized.net/media/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/2c25827c-4718-4753-b2dd-615db6438852/5x/segment1.ts?pubid=5348771529001
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: 1d4bb1db4b6f49eb195108765161a2a540959f84c98eee81ec862f5ddb3e5554

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 12:10:52 GMT
X-Powered-By: BC
Backend-IP: 54.66.213.236
BC-MID: true
Connection: keep-alive
Content-Length: 175216
X-Served-By: cache-syd10128-SYD
Akamai-Mon-Iucid-Del: 815393
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1608761391.366094,VS0,VE1
X-Powered-From: gantry
ETag: "7e013aa08e3892c3973089af8659d6c8"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, Range, Content-Length, Content-Range, Akamai-Mon-Iucid-Ing, Akamai-Mon-Iucid-Del, Akamai-Mon-Iucid-Ing, Akamai-Mon-Iucid-Del
Cache-Control: public, max-age=31485544
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Origin, Range, Accept-Encoding, Referer
Expires: Thu, 23 Dec 2021 22:09:56 GMT
X-Cache-Hits: 1

GET
H/1.1 200
OK segment2.ts Show response
skynewsau-vod.akamaized.net/media/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/2c25827c-4718-4753-b2dd-615db6438852/5x/ 168 KB
169 KB 28ms
27ms XHR
video/mp2t 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://skynewsau-vod.akamaized.net/media/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/2c25827c-4718-4753-b2dd-615db6438852/5x/segment2.ts?pubid=5348771529001
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: 0153f96eacf13541ba9db78d76259559da435fba91868a571697e4ecb2dc6169

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 12:10:52 GMT
X-Powered-By: BC
Backend-IP: 3.105.3.160
BC-MID: true
Connection: keep-alive
Content-Length: 171832
X-Served-By: cache-syd10181-SYD
Akamai-Mon-Iucid-Del: 815393
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1608761392.758232,VS0,VE1
X-Powered-From: gantry
ETag: "bfb9a4408fdd0d00160a505c756de902"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, Range, Content-Length, Content-Range, Akamai-Mon-Iucid-Ing, Akamai-Mon-Iucid-Del, Akamai-Mon-Iucid-Ing, Akamai-Mon-Iucid-Del
Cache-Control: public, max-age=31485533
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Origin, Range, Accept-Encoding, Referer
Expires: Thu, 23 Dec 2021 22:09:45 GMT
X-Cache-Hits: 1

GET
H/1.1 200
OK segment3.ts Show response
skynewsau-vod.akamaized.net/media/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/2c25827c-4718-4753-b2dd-615db6438852/5x/ 168 KB
169 KB 1299ms
1299ms XHR
video/mp2t 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://skynewsau-vod.akamaized.net/media/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/2c25827c-4718-4753-b2dd-615db6438852/5x/segment3.ts?pubid=5348771529001
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: 8f6fc32edf3ad2871ad2276f8cd54ecf31b596675eab8d3a6a54a3d1dca4725c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 12:10:54 GMT
X-Powered-By: BC
Backend-IP: 3.24.193.150
BC-MID: true
Connection: keep-alive
Content-Length: 171832
X-Served-By: cache-syd10157-SYD
Akamai-Mon-Iucid-Del: 815393
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1608761393.859485,VS0,VE1
X-Powered-From: gantry
ETag: "ad04098a21cb816eb985175dc4370536"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, Range, Content-Length, Content-Range, Akamai-Mon-Iucid-Ing, Akamai-Mon-Iucid-Del, Akamai-Mon-Iucid-Ing, Akamai-Mon-Iucid-Del
Cache-Control: public, max-age=31485595
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Origin, Range, Accept-Encoding, Referer
Expires: Thu, 23 Dec 2021 22:10:49 GMT
X-Cache-Hits: 1

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 103ms
103ms Image
image/gif 100.26.6.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=video%40heraldsun.com.au&g=36976&p=6218113512001&i=Qantas%20investigates%20how%20employee%20contracted%20COVID-19&g0=news%2Cnational%2Cvideo&u=u4hQKDRTV-ZuKLR5&t=DO_JYwDoDni_TiH9g5N0SFDkDGEj&x=0&y=0&V=121&VS=BCN&n=1&b=14524&_vd=44000&_vi=Qantas%20investigates%20how%20employee%20contracted%20COVID-19%20%7C%20Herald%20Sun&_vp=heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61&_vh=heraldsun.com.au&_pu=BqDupkDM_qnVOsxYg&_pt=CfahzbDroKJtt5zogD_LDHLCAaIh0&_pr=&_vdd=heraldsun.com.au&_vt=ct&_vs=s2&_vcs=1&_vbr=-1&_vvs=12.016&_vpt=0&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fstatic%2F5647924203001%2F7f8491ea-97c0-49c3-b448-a5f990f5f5d4%2F92a394d3-e2de-46f4-bbc2-f384f9e0a190%2F160x90%2Fmatch%2Fimage.jpg&_vaup=unkn&_vce=6&c=0.2&W=0&R=1&I=0&E=6&j=20&tz=-60&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.26.6.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-26-6-156.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 20ms
20ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Thu, 24 Dec 2020 12:10:55 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: clear
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK segment1.ts
skynewsau-vod.akamaized.net/media/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/bf98b11a-856c-4f7d-b2f8-09f6562b1534/5x/ 15 KB
0 1299ms
1298ms XHR
video/mp2t 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://skynewsau-vod.akamaized.net/media/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/bf98b11a-856c-4f7d-b2f8-09f6562b1534/5x/segment1.ts?pubid=5348771529001
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 12:10:56 GMT
X-Powered-By: BC
Backend-IP: 3.24.230.222
BC-MID: true
Connection: keep-alive
Content-Length: 794488
X-Served-By: cache-syd10121-SYD
Akamai-Mon-Iucid-Del: 815393
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1608761391.321976,VS0,VE1
X-Powered-From: gantry
ETag: "d378d233f0974fa4ac31a5a0c781f355"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server, Range, Content-Length, Content-Range, Akamai-Mon-Iucid-Ing, Akamai-Mon-Iucid-Del, Akamai-Mon-Iucid-Ing, Akamai-Mon-Iucid-Del
Cache-Control: public, max-age=31485489
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Origin, Range, Accept-Encoding, Referer
Expires: Thu, 23 Dec 2021 22:09:05 GMT
X-Cache-Hits: 1

GET
H/1.1 204
No Content / Show response
newscorpau.hb.omtrdc.net/ 0
139 B 99ms
98ms XHR
text/plain 18.235.108.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newscorpau.hb.omtrdc.net/?s:sc:rsid=newscorpau-hsweb%2Cnewscorpau-global&s:sc:tracking_server=metrics.heraldsun.com.au&h:sc:ssl=1&s:user:mid=17320425267587368930944674000173850612&s:user:id=d20917be950c715c9fb91eb5bd855e20&s:aam:blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&l:aam:loc_hint=6&s:sp:channel=National%2C%20News&s:sp:player_name=NewsCorp%20Brightcove%20Video%20Player&s:sp:hb_version=js-2.2.0.223-05c3c4&l:sp:hb_api_lvl=4&s:event:sid=1608811847488624075666&s:event:type=start&l:event:duration=7845&l:event:playhead=0&l:event:ts=1608811855342&l:event:prev_ts=1608811847497&s:asset:type=main&s:asset:name=Qantas%20investigates%20how%20employee%20contracted%20COVID-19&s:asset:video_id=6218113512001&s:asset:publisher=5FE61C8B533204850A490D4D%40AdobeOrg&l:asset:length=44&s:stream:type=vod&l:stream:bitrate=5000&l:stream:fps=24&l:stream:dropped_frames=10&l:stream:startup_time=0&s:meta:channel=National%2C%20News%2C%20yt%2C%20coronavirus&s:meta:brand=herald%20sun&s:meta:site=herald%20sun%20web&s:meta:autoPlay=true&s:meta:videoSource=sky&s:meta:advtType=CSAI&s:meta:a.media.network=herald%20sun&s:meta:mediacontenttype=Standard&s:meta:mediaautoplayanalytics=anonymous%7Cundefined%7Cerror%7Cyes&s:meta:abcookie=b&s:meta:a.media.streamType=video
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.108.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 24 Dec 2020 12:10:55 GMT
Server: openresty
Connection: keep-alive

GET
H/1.1 204
No Content / Show response
newscorpau.hb.omtrdc.net/ 0
139 B 102ms
101ms XHR
text/plain 18.235.108.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://newscorpau.hb.omtrdc.net/?s:sc:rsid=newscorpau-hsweb%2Cnewscorpau-global&s:sc:tracking_server=metrics.heraldsun.com.au&h:sc:ssl=1&s:user:mid=17320425267587368930944674000173850612&s:user:id=d20917be950c715c9fb91eb5bd855e20&s:aam:blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&l:aam:loc_hint=6&s:sp:channel=National%2C%20News&s:sp:player_name=NewsCorp%20Brightcove%20Video%20Player&s:sp:hb_version=js-2.2.0.223-05c3c4&l:sp:hb_api_lvl=4&s:event:sid=1608811847488624075666&s:event:type=play&l:event:duration=0&l:event:playhead=0&l:event:ts=1608811855342&l:event:prev_ts=-1&s:asset:type=main&s:asset:name=Qantas%20investigates%20how%20employee%20contracted%20COVID-19&s:asset:video_id=6218113512001&s:asset:publisher=5FE61C8B533204850A490D4D%40AdobeOrg&l:asset:length=44&s:stream:type=vod&l:stream:bitrate=5000&l:stream:fps=24&l:stream:dropped_frames=10&l:stream:startup_time=0
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.108.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 24 Dec 2020 12:10:55 GMT
Server: openresty
Connection: keep-alive

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 104ms
103ms Image
image/gif 100.26.6.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61&u=BqDupkDM_qnVOsxYg&d=heraldsun.com.au&g=36976&g0=news%2Cnational%2Cvideo&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=2027&o=1600&w=1200&j=45&R=0&W=0&I=1&E=6&e=0&r=&b=13127&t=CfahzbDroKJtt5zogD_LDHLCAaIh0&V=121&tz=-60&_acct=anon&_vi=Qantas%20investigates%20how%20employee%20contracted%20COVID-19&_vp=6218113512001&_vdd=video%40heraldsun.com.au&_vs=s2&_vt=ct&_vap=&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fstatic%2F5647924203001%2F7f8491ea-97c0-49c3-b448-a5f990f5f5d4%2F92a394d3-e2de-46f4-bbc2-f384f9e0a190%2F160x90%2Fmatch%2Fimage.jpg&_vd=44000&sn=5&sv=DiF5R8BcSCIHCtPFrXC4HABxBzYBsE&sd=1&im=06530c42&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.26.6.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-26-6-156.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
529 B 33ms
33ms Image
image/gif 52.210.126.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_S&asn=defChnAsset&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&devmodel=&manuf=&sysname=&sysversion=&sessionId=dzykiqyfnvwlj0ssilbmd7xa7i5xk1608811842&tl=Qantas%20investigates%20how%20employee%20contracted%20COVID-19&prv=1&c6=vc,b04&ca=au-102695_b04_6218113512001&cg=hwt%20news%20videos&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,hwt%20news%20videos&plugv=BC-5.1.0.10&playerv=BC-6.42.4&sup=0&segment2=&segment1=&forward=1&ad=0&cr=4_00_99_V1_00000&c9=devid,&enc=true&c1=nuid,57nxavbqg7e7bwsmzppr6gcsjjjas1608811841&at=view&rt=video&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16088118423053046&c30=bldv,6.0.0.563&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&sd=44.096000000000004&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=6218113512001&c3=st,c&c64=starttm,1608811856&adid=6218113512001&c58=isLive,false&c59=sesid,dvwiw1exkelovthnsnfraa92m0yq71608811847&c61=createtm,1608811856&c63=pipMode,&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c77=adsuprt,1&uoo=&evdata=&c71=ottflg,0&c72=otttyp,none&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fqantas-investigates-how-employee-contracted-covid19%2Fvideo%2F49292d6899d6926b1398556364387f61%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_TBR0UnVXm9Jc6rhMl7sDpKVu_ckyxC0_fe5cjNOHm6gmNK7vMDGv0RjBHTSGw0p220XPQ6YPgkAiPWMB0QIknVVJns_BRGFWK6tKta7ev3QIEOXk&c66=mediaurl,https%3A%2F%2Fmanifest.prod.boltdns.net%2Fmanifest%2Fv1%2Fhls%2Fv4%2Fclear%2F5647924203001%2F7f8491ea-97c0-49c3-b448-a5f990f5f5d4%2F10s%2Fmaster.m3u8%3Ffastly_token%3DNjAwOTcyZjlfZTFjYWUxMGFmNDc2MTMwN2ZhNjIwNjk1NDk0MTgyZWJjYmRjNTVmM2ExODlmNTNiYjhlNmM0MzkxM2UyNTY4ZA%253D%253D%26pubid%3D5348771529001&c62=sendTime,1608811856&rnd=333026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.126.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 12:10:56 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: heraldsun.digitaleditions.com.au
URL: http://heraldsun.digitaleditions.com.au/

Domain: www.heraldsun.com.au
URL: http://www.heraldsun.com.au/digitalprinteditions

Domain: cf-images.ap-southeast-2.prod.boltdns.net
URL: https://cf-images.ap-southeast-2.prod.boltdns.net/v1/static/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/6d96f592-dd97-4de0-b25f-021ba8d5e656/1280x720/match/image.jpg

Domain: skynewsau-vod.akamaized.net
URL: https://skynewsau-vod.akamaized.net/media/v1/hls/v4/clear/5647924203001/7f8491ea-97c0-49c3-b448-a5f990f5f5d4/e8f984fa-d14d-4fbd-93e5-f08107e63e9b/5x/segment1.ts?pubid=5348771529001

Verdicts & Comments Add Verdict or Comment

235 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 19:17:03	Name: NID Value: 205=Jx_9EMDZYQSUfCj4paUxv5gzLtDpgWC53Feoaj7uC39KMbdgFQRfkqsJQJzJL6zIsMaPeRFGQjNOTkIwM2oK6xamKb9KUCmo37EdK5uuQ6lLrD4D6uLclm1DnbOzrpYywO1iKFIqymOuot-w8QFeqpq2SiJ18jzqEvF0e4y1fuo
.doubleclick.net/	1970-01-19 14:53:32	Name: test_cookie Value: CheckForPermission
.heraldsun.com.au/	1969-12-31 23:59:59	Name: s_ppv Value: hs%257Cnews%257Cvideo%257Cqantas%2520investigates%2520how%2520employee%2520contracted%2520covid-19%2C59%2C59%2C1200
.heraldsun.com.au/	1969-12-31 23:59:59	Name: tp Value: 2027
.imrworldwide.com/	1970-01-20 00:15:07	Name: IMRID Value: 0c7d52b0-45e1-11eb-828c-29f69561f906
.imrworldwide.com/	1970-01-20 00:15:07	Name: SSCVER Value: v1
www.heraldsun.com.au/	1969-12-31 23:59:59	Name: GED_PLAYLIST_ACTIVITY Value: W3sidSI6IktpT3YiLCJ0c2wiOjE2MDg4MTE4NDQsIm52IjoxLCJ1cHQiOjE2MDg4MTE4NDAsImx0IjoxNjA4ODExODQwfV0.

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://info.silobreaker.com/e2t/tc/VXhrQm8z35WcW8r7rXW4brtzZW26rJbN4k-kK7N72QT_h2-Hx1V1-WJV7CgBS7W5vvw_58RB70bW6Q9crd7bzJl3N3_phJFYhlndN7_l-CB7GdLBW3HW5Ml5V-cNbW8QkK1Z1DYbkHW30KC3g70q0J8W1xQvD64np7CsW1vtPKz8MKMFtW80Dksm5YgWRdW8lR-v85T2_5yN8RHySKrHNQwW7mS-wK65Lv-QW87jNg73nhFQMW84mlcj7PTRhLW49KZBR5vtR4ZW5NBYRk5Vwp_fW2j5lHQ1VfT1mW5ZWfm68znDmNW36pslJ2Mhnt5N8tRBVd5pgf7W8mf0_B3zFw2SVDvrKq58s7bmW6Ml3z45klL-SW7t6FPs1KLbWyN8fXJWr8KhZwN2w5fYzz8GX4W8r31W84w0BfZN9kqM_3cv_T-W6Y5-rq5989cW3bdN1(Line 13) Message: toS
console-api	log	URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js(Line 8) Message: NewsCorp - RePlayer 1.3.24b
console-api	warning	URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1) Message: VIDEOJS: WARN: A plugin named "contribAds6Shim" already exists. You may want to avoid re-registering plugins!
console-api	warning	URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1) Message: VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api	log	URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js(Line 18) Message: UTRACK loaded (from tealium)
console-api	warning	URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1) Message: VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api	warning	URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1) Message: VIDEOJS: WARN: A plugin named "chartbeat" already exists. You may want to avoid re-registering plugins!
console-api	log	URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js(Line 3) Message: vidora-client 1.3.3 68d5ea1ec45c96bafd89f1a57b8aa2345fbf87f3
console-api	log	URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js(Line 1) Message: %c Vidora API finished initializing! background: #222; color: #b9da52
console-api	error	URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js(Line 3) Message: vidora-client included twice!
console-api	log	URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1) Message: VIDEOJS: Setting up IMA middleware
console-api	log	URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js(Line 3) Message: vidora-client 1.3.3 68d5ea1ec45c96bafd89f1a57b8aa2345fbf87f3
console-api	error	URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1) Message: VIDEOJS: ERROR: SSAI plugin not in use.
console-api	log	URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js(Line 8) Message: Play unmuted was blocked, muting content.
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.4.114.js(Line 32) Message: a: 0.001953125 ms
console-api	log	URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1) Message: VIDEOJS: ima3-started
console-api	log	URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1) Message: VIDEOJS: ima3-complete
console-api	log	URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js(Line 59) Message: [13:10:49 GMT+0100 (Central European Standard Time).071] [ERROR] [RuleEngine] API:trackEvent(AdComplete) - MediaHeartbeat is not tracking any AdBreak, call "API:trackEvent(AdBreakStart)" to begin tracking AdBreak
console-api	log	URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js(Line 59) Message: [13:10:49 GMT+0100 (Central European Standard Time).071] [ERROR] [RuleEngine] API:trackEvent(AdBreakComplete) - MediaHeartbeat is not tracking any AdBreak, call "API:trackEvent(AdBreakStart)" to begin tracking AdBreak
console-api	warning	URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1) Message: VIDEOJS: WARN: Problem encountered with the current HLS playlist. Aborted early because there isn't enough bandwidth to complete the request without rebuffering. Switching to another playlist.
console-api	warning	URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1) Message: VIDEOJS: WARN: player.hls is deprecated. Use player.tech().hls instead.
console-api	warning	URL: https://players.brightcove.net/5348771529001/KjZtYFggZ_default/index.min.js(Line 1) Message: VIDEOJS: WARN: player.hls is deprecated. Use player.tech().hls instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8228261.fls.doubleclick.net
acdn.adnxs.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
analytics.twitter.com
api.vidora.com
assets.vidora.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
bcc671d4074fca4a55c00cd5c9c283d0.safeframe.googlesyndication.com
bs.serving-sys.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.speedcurve.com
cf-images.ap-southeast-2.prod.boltdns.net
cm.everesttech.net
content.api.news
csi.gstatic.com
dpm.demdex.net
dt.adsafeprotected.com
edge.api.brightcove.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
heraldsun.digitaleditions.com.au
ib.adnxs.com
imasdk.googleapis.com
info.silobreaker.com
insight.adsrvr.org
js.adsrvr.org
login.newscorpaustralia.com
manifest.prod.boltdns.net
metrics.brightcove.com
metrics.heraldsun.com.au
newscorpau.demdex.net
newscorpau.hb.omtrdc.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
players.brightcove.net
px.ads.linkedin.com
r2---sn-4g5ednee.gvt1.com
redirector.gvt1.com
resourcesssl.newscdn.com.au
s0.2mdn.net
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
secure-ds.serving-sys.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
skynewsau-vod.akamaized.net
snap.licdn.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
t.co
tags.news.com.au
tags.tiqcdn.com
tpc.googlesyndication.com
ts2020-indies-client.web.app
uconnect.tealiumiq.com
vjs.zencdn.net
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
www.linkedin.com
cf-images.ap-southeast-2.prod.boltdns.net
heraldsun.digitaleditions.com.au
skynewsau-vod.akamaized.net
www.heraldsun.com.au
100.26.6.156
104.244.42.5
104.244.42.67
104.75.88.206
13.226.89.119
143.204.94.113
15.237.136.106
151.101.113.108
151.101.114.217
151.101.65.195
172.217.21.226
172.217.23.102
18.235.108.184
184.24.9.204
184.31.90.174
185.33.220.145
185.33.221.89
199.232.136.157
199.60.103.2
2.16.186.24
2.18.233.169
2.18.233.28
2.21.37.152
216.58.208.38
2600:9000:206f:c200:4:77d:a0c0:93a1
2600:9000:20eb:5800:18:1fcd:34e:d2a1
2600:9000:2127:5000:2:42d9:3100:93a1
2600:9000:2127:d200:1e:a43d:b640:93a1
2600:9000:2156:600:8:48e:53c0:93a1
2600:9000:2156:9600:2:42d9:3100:93a1
2607:f8b0:4002:c09::78
2620:1ec:21::14
2a00:1450:4001:45::8
2a00:1450:4001:808::2001
2a00:1450:4001:808::2008
2a00:1450:4001:814::2004
2a00:1450:4001:817::2003
2a00:1450:4001:817::200a
2a00:1450:4001:819::200e
2a00:1450:4001:81b::2006
2a00:1450:4001:81d::2001
2a00:1450:4001:81e::2002
2a02:26f0:eb:3a3::25ea
2a04:4e42:1b::539
2a04:4e42:3::729
2a05:f500:11:101::b93f:9005
3.226.16.32
34.241.138.222
35.227.202.26
35.244.232.184
50.19.224.62
52.210.126.126
52.212.154.51
52.49.200.205
52.59.116.27
54.76.139.236
65.9.7.85
65.9.96.43
80.252.91.53
92.122.106.155
99.81.11.244
0153f96eacf13541ba9db78d76259559da435fba91868a571697e4ecb2dc6169
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
026dd34e0bbccfaa6e1d71a5f05f69938edfce8dac603f2641495358cb7af054
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
03e87f6498409a6abd0b18af8eca3da475ae296a4563aadc0ab1d8b40b307d37
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
048403dd5239f4fb78da7e9d4b26eeaf9efe9a0c93344742f6a0ad4d176b1229
06e9f93163cce0aa6698b5dbdd52d0ea860a91aa75e80d724051e67e6f0304f3
07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
07fb207ac03022270f03e0d2ea8c28b7580bd4663c095808d3e05180640b4c76
08052c2c99dd94a7e638999360264f21fd6ea6c6e7f0c9fbaf55e11cd4fe314f
09139ad202561e2fdade50caa06404d799600ef95f44971d65c39817c719cf8c
091c2733df586042615d79b6fe413e3f33b87eb090beee72c3ac3e820110b5fd
09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd
0976b04038b9645197a455da158f117d8d14bae591f72c7f26f5c99191d9e777
0e4e46fa1aa04c24e793912d7aabaa2f2b0f7dc03d73cf74fbe12cb84f062554
1136fd8d6ff6f21847aab9abfab903a5a0e2f26a6f621f34af563def44ceb81c
120be8f5d061203ea26fd4bd2043201d6f06a7fce30cd7104e01c5dfafb48cd7
12183e7d5baa92ec7d0e2cb945efcd6ceaca9a8cc0cec27e22645da8e7fbdd80
14607db250fa522f36a92a9902791cac17738aa8a79844dc4ecb73dc4204533e
1c50a241cbea2b539def0f70cc8e2d83fc5db0f9e5d037156bb9bbefe3585a76
1cbb7d4ea7b742e403365f45817dd9171cd6dc734f8a6d067543552b460b4278
1d4bb1db4b6f49eb195108765161a2a540959f84c98eee81ec862f5ddb3e5554
1ed1feab9e38f9e317c07b14ad48c36d7ddca801f26ceafd590bbbeb4bcfb146
24d46d8e3acb38a5400228d4867f749de0e08b2366a6321698da8c4f12b7a17c
275f5949b25822667e45802442749d2577795339deb1dab9e5b4fc0b4bb283bf
27ad1c0be127da20f7b68c8e868d9a1fa6ade3308786d297a24a5651faa32a38
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
2f268d279a69b0e891b11ca271274581c29904060421bde47e2be30886a3f20c
2fdf399a1f619ed195d34bd03bdad1cb87de584bfe3fc55ec50edd9324157198
34d7e05910aac6f533cb31a9dffc4e37213c93c3b90a545b4f3bcedea3e6d03c
34f49195283df69489aa34d54ef265fa1f082a3672130049aa88b4ccbbb367f4
353e73ac5e682c58374b49d7b231417235fe2f646742eafcef98aed4021b64f9
359ae88af34132a98271ad73e6915d0d2bf125c3b8f5a0c03162c619ba249800
35c4044534f022dba4deca0d1421d229e4f705780df3bbdad43572c5301c04d8
37839f90f9c430af4b063874e26d8986b8ceb01ebcdad7eedb4977c833116693
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31
3baf649fc6fbe4afcf655636b70d9ae4df87f42c3d3f65ad0830f5337ed4f10b
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
41ec74962c8671e1e12ada91bd892906b4562a56a920f03f27b25d8c404f5b5e
43ec631c14060e4d10a7fc3b6b96296f20e718d65fb51558370d41eda08a3ddc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
50ad3657dc7d4e79dbce08ae7fee84ace0b119dd852baeb01fa824c60130c962
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
5ba313b7fa9dd06ba89db2a1f6c6642375203f081bf64563d8571e0ef07a0739
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5e7ed022e6412f6c1416fe649aeb461650491238f7f7ee77bdc0a35435fa891a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542
65d18267b044e365ab6986dadea1678d9271631b23b0981c47100901da7726c3
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
672a9fdba5d8730c105d2a0b0fc154ee326af82fe9c6b684dda69f31f82f0c95
678c16283762d2d1a12c9b055cf3e4333ca3c4c6638a95741f1130084882756f
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
68d6cdbb96f4426305433e791d6edab37b560be57a20386a11e4126bae582dae
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
78019648f069149488cb2c763d86dcce82ad1e600e2c1909c770efc0be1a2543
8342f6ccd6bc8ab5dbb1129c4db9a7a73b8a340ff497ba9eb3cc4963b4034f89
835214a28209e3b776b04069672544fd53a1b20b54f61f659d856768f717dd51
89868194e8809928df37974211d2477ad0723d6aee71386fb438b3e939eb5bce
8de614aa47994ff73b7deab80430dabde17ee6856b842484a889d72bee97a840
8f6fc32edf3ad2871ad2276f8cd54ecf31b596675eab8d3a6a54a3d1dca4725c
9236fff3fd1a719d8c459798778ae8cdb7c69c54f67a89c8d1554032eaa76683
93db644dbc8e278d04c93eed7fdb0aedd402554287cb153d7ce484b54116d18c
9a2b6a1fcf2724d705818d4237c71625643b8c25ced72d6def3b84d9ac8f1f42
9ee17a3f348afb23ccf3433e84cb02e05c51c5ba74613c4b3fe694b87ec0ef19
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2b87bdb1a501267eb79ee316d884e77b2e1e682a43b2adc02487815c44d907c
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a697f1b190735cdb8d09875e52347f85fe50016d2cf079aa63cdb28bf8c7248e
a8b4ea50081a30c0e0595fe9b05debdd6877b852fe4ce30e433f1d8d95cd36b0
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
ad34c0b1b85d61fe76c79ae4f104937a029618c5ed53b5a18a993616a8add17a
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b00167d6e2f0b96d7aa45f921461578670ce707a8bea17c3e130152204e686eb
b078acca5079cc43614182feddcc9f3a3d5c733eb382d596f1cfcb7eaa82f326
b082d8068ad687b2383e41f04934a3fd6a3848bf0cbf1d92b050fe0b5d650d88
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4db9dfe28f7b75a76b7b2863712508ec5c71b9b01170b1e40a0f46dd73560f9
b6cf74a8b79c44a7bc435b400f7704246ed5dc79c31bb6defb4b58de5c79f9df
b748ce6a5a5ea9c905bca2845dab6456c5232bead14b02fca00864562e98bfda
b7aa714a4418a8e3d269a472e0ba2168cca963243ce2c94ad32315cd239fd245
b81d31845c0af8598be3f409d10b01e8f28309f8d1f60cac1f2a6151c5d44a68
bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0
bc46316f86170bc177dfc0046bc95d6d13d8c2c5f6565a7833d947ee0abefd99
bd9767375fb0a2d0baeffd42583c9b96e5f21e809783b8a9bb6c2bd146bf2905
befd4d99b6cb8649f107a5cd1fec1055d228bdc1c001493676bb87249e9b1040
bfa67e2ce103d04234fa84f7595c316d23f46eed219683f06e264fb27dc91637
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c
c5b6d8358e6ea94fd5e4443065a730cadbacf4203dd0184de767cde9a3c94185
ce3b23f402f791f14ca780de50f09ed7942084c5772b5b677163e966b8ef877b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f071c3d036abd8b9676498f3550fa7e188fe6ffd7a698dec0a1d3848657d1e
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d373d3e420aaa9a9eb2a27b72b333ac8b3f0b2657ce3b7671dc04aee24108b19
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80
dce8f620d091cc7d9a087aa5e31f9e0bb86b2ae0ef3c21c3765e54db09d0f67c
dd0a53c74892b427e1b0e0dff31e91dd8734de8abeef674e3c8dc67a5d14dfed
ddfba7b7a35ae0d6e69aaad67803bb6c14079180abeb3c20ac5fe109616bf1b7
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e6d205a1311b51c8a5c7b8882d6ee57772ae4552470c687a5697ca312cc733e0
ebaf330ad588600b4b748410b4f77f3cd9c4abc18e3a240156bc6ac9814cf896
eccd35a63a7b80bbfd3a64bb7be75b327bf9292b7c603c8d31c0247962223819
ed13fa3f823aeb9e4ef85f0b023d01f8c7f9ee83f34ee38cd7f8597bf98daa59
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f12d1eefa2cfa08ead2c75024879b2dd5da54ca629a50aa0668b6b9ff7a903eb
f2c693e926182ccfcb15af9a5a49efb21d930c9974e1fc5f9e3b257694c1d711
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f447cdadabc434d9d2e3d4f3f99253ddb0c8ca3b61f15c6a1f870692be4422ac
f4f78fe84828a6ca4a1228be075877d3bb53c0179f4b58c2186181c6bc7b30be
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2
f91ec62e4c07b0b493a025bc16e236f37ea5e0a71a871e305d7eceee5b9372ce
fa158ca7cd54ed0b0f969d0207616d1cb75a4205b679139b638602b19f1de4b1
fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503
feee4f8575304ee310cb7528875738b96438a7821dba9876700f18883c26a2df

www.heraldsun.com.au Open in urlscan Pro 2.18.233.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

248 Requests

95 %HTTPS

36 %IPv6

45 Domains

70 Subdomains

59 IPs

7 Countries

4900 kBTransfer

8018 kBSize

7 Cookies

49 Outgoing links

Page URL History

Redirected requests

248 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.heraldsun.com.au Open in urlscan Pro
2.18.233.28 Public Scan

Screenshot
Live screenshot

Full Image

248
Requests

95 %
HTTPS

36 %
IPv6

45
Domains

70
Subdomains

59
IPs

7
Countries

4900 kB
Transfer

8018 kB
Size

7
Cookies

248 HTTP transactions
8 data transactions