Submitted URL: http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html
Effective URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Submission: On December 09 via api from CA

Summary

This website contacted 64 IPs in 8 countries across 42 domains to perform 249 HTTP transactions. The main IP is 104.79.88.36, located in United States and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 28th 2020. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2.21.242.220 20940 (AKAMAI-ASN1)
2 2 23.210.248.204 16625 (AKAMAI-AS)
9 60 104.79.88.36 16625 (AKAMAI-AS)
1 8 23.210.249.82 16625 (AKAMAI-AS)
1 151.101.114.217 54113 (FASTLY)
6 151.101.113.44 54113 (FASTLY)
11 104.75.88.206 16625 (AKAMAI-AS)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
1 2600:9000:215... 16509 (AMAZON-02)
2 52.95.128.162 16509 (AMAZON-02)
1 52.95.128.159 16509 (AMAZON-02)
2 151.101.113.181 54113 (FASTLY)
2 5 104.108.64.33 16625 (AKAMAI-AS)
1 23.111.9.35 33438 (HIGHWINDS2)
2 141.226.228.48 200478 (TABOOLA-AS)
3 104.108.60.35 16625 (AKAMAI-AS)
5 104.109.77.38 20940 (AKAMAI-ASN1)
1 151.101.1.195 54113 (FASTLY)
1 172.217.22.70 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
13 216.58.207.34 15169 (GOOGLE)
2 4 2600:9000:215... 16509 (AMAZON-02)
5 2600:9000:210... 16509 (AMAZON-02)
1 143.204.90.53 16509 (AMAZON-02)
2 2600:9000:206... 16509 (AMAZON-02)
1 34.225.213.12 14618 (AMAZON-AES)
1 65.9.73.2 16509 (AMAZON-02)
2 184.31.90.174 20940 (AKAMAI-ASN1)
1 18.158.135.197 16509 (AMAZON-02)
1 2600:9000:210... 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
1 172.217.22.98 15169 (GOOGLE)
1 13.225.80.120 16509 (AMAZON-02)
1 4 52.17.234.162 16509 (AMAZON-02)
1 65.9.73.19 16509 (AMAZON-02)
1 34.248.49.247 16509 (AMAZON-02)
2 15.237.76.117 16509 (AMAZON-02)
1 1 54.171.42.33 16509 (AMAZON-02)
1 13.224.194.11 16509 (AMAZON-02)
1 80.252.91.52 15830 (EQUINIX-C...)
1 52.208.132.207 16509 (AMAZON-02)
11 54.77.231.46 16509 (AMAZON-02)
2 143.204.97.161 16509 (AMAZON-02)
1 199.232.52.157 54113 (FASTLY)
2 2a02:26f0:eb:... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.113.108 54113 (FASTLY)
2 4 172.217.16.134 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 172.217.21.194 15169 (GOOGLE)
1 35.227.202.26 15169 (GOOGLE)
3 7 185.33.221.53 29990 (ASN-APPNEX)
2 2a00:1450:401... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
1 2 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 104.244.42.69 13414 (TWITTER)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
10 2600:9000:210... 16509 (AMAZON-02)
19 104.244.38.20 7415 (ADSAFE-1)
2 52.49.200.205 16509 (AMAZON-02)
1 104.244.42.131 13414 (TWITTER)
1 54.229.195.34 16509 (AMAZON-02)
249 64
Apex Domain
Subdomains
Transfer
45 heraldsun.com.au
www.heraldsun.com.au
origin.go.heraldsun.com.au
metrics.heraldsun.com.au
1 MB
41 adsafeprotected.com
cdn.adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
773 KB
23 googlesyndication.com
pagead2.googlesyndication.com
80c3cdb7f72544d3cffdfa4925c14fa9.safeframe.googlesyndication.com
tpc.googlesyndication.com
73 KB
22 doubleclick.net
ad.doubleclick.net
securepubads.g.doubleclick.net
googleads4.g.doubleclick.net
8228261.fls.doubleclick.net
googleads.g.doubleclick.net
144 KB
17 api.news
content.api.news
268 KB
12 news.com.au
www.heraldsun.news.com.au
www.news.com.au
tags.news.com.au
mhr.talk.news.com.au
201 KB
11 imrworldwide.com
secure-gl.imrworldwide.com
cdn-gl.imrworldwide.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
71 KB
11 newscdn.com.au
resourcesssl.newscdn.com.au
76 KB
8 adnxs.com
acdn.adnxs.com
secure.adnxs.com
ib.adnxs.com
9 KB
8 taboola.com
cdn.taboola.com
trc.taboola.com
trc-events.taboola.com
144 KB
7 google.com
adservice.google.com
www.google.com
1 KB
6 googletagservices.com
www.googletagservices.com
172 KB
5 demdex.net
dpm.demdex.net
newscorpau.demdex.net
6 KB
5 tiqcdn.com
tags.tiqcdn.com
23 KB
5 scorecardresearch.com
sb.scorecardresearch.com
4 KB
4 adsrvr.org
js.adsrvr.org
insight.adsrvr.org
5 KB
4 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
in.hotjar.com
60 KB
3 google.de
www.google.de
750 B
3 linkedin.com
px.ads.linkedin.com
www.linkedin.com
3 KB
3 googleadservices.com
www.googleadservices.com
36 KB
3 serving-sys.com
secure-ds.serving-sys.com
bs.serving-sys.com
20 KB
3 newscorpaustralia.com
login.newscorpaustralia.com
3 amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
s3-ap-southeast-2.amazonaws.com
33 KB
2 googletagmanager.com
www.googletagmanager.com
77 KB
2 licdn.com
snap.licdn.com
3 KB
2 vidora.com
assets.vidora.com
4 KB
2 perfectmarket.com
widget.perfectmarket.com
32 KB
1 twitter.com
analytics.twitter.com
389 B
1 t.co
t.co
448 B
1 google.dk
adservice.google.dk
803 B
1 mookie1.com
au-gmtdmp.mookie1.com
607 B
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 everesttech.net
cm.everesttech.net
517 B
1 tealiumiq.com
uconnect.tealiumiq.com
454 B
1 chartbeat.net
ping.chartbeat.net
169 B
1 newscgp.com
au.tags.newscgp.com
48 KB
1 chartbeat.com
static.chartbeat.com
23 KB
1 web.app
ts2020-indies-client.web.app
3 KB
1 fontawesome.com
use.fontawesome.com
13 KB
1 reastatic.net
s1.rui.au.reastatic.net
9 KB
1 speedcurve.com
cdn.speedcurve.com
7 KB
0 digitaleditions.com.au Failed
heraldsun.digitaleditions.com.au Failed
249 42
Domain Requested by
42 www.heraldsun.com.au 9 redirects www.heraldsun.com.au
19 dt.adsafeprotected.com www.heraldsun.com.au
18 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
17 content.api.news www.heraldsun.com.au
13 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
www.heraldsun.com.au
11 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
11 resourcesssl.newscdn.com.au www.heraldsun.com.au
ts2020-indies-client.web.app
10 static.adsafeprotected.com pixel.adsafeprotected.com
www.heraldsun.com.au
8 tags.news.com.au 1 redirects tags.tiqcdn.com
au.tags.newscgp.com
6 www.google.com securepubads.g.doubleclick.net
www.heraldsun.com.au
6 www.googletagservices.com securepubads.g.doubleclick.net
6 secure.adnxs.com 3 redirects www.heraldsun.com.au
5 cdn-gl.imrworldwide.com www.heraldsun.com.au
seccdn-gl.imrworldwide.com
secure-gl.imrworldwide.com
cdn-gl.imrworldwide.com
5 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
5 sb.scorecardresearch.com 2 redirects cdn.taboola.com
www.heraldsun.com.au
4 8228261.fls.doubleclick.net 2 redirects www.heraldsun.com.au
4 dpm.demdex.net 1 redirects www.heraldsun.com.au
tags.news.com.au
4 pagead2.googlesyndication.com ad.doubleclick.net
securepubads.g.doubleclick.net
4 secure-gl.imrworldwide.com 2 redirects secure-gl.imrworldwide.com
www.heraldsun.com.au
4 cdn.taboola.com www.heraldsun.com.au
cdn.taboola.com
3 www.google.de www.heraldsun.com.au
3 googleads.g.doubleclick.net www.googleadservices.com
3 www.googleadservices.com secure-ds.serving-sys.com
www.googletagmanager.com
3 login.newscorpaustralia.com www.heraldsun.com.au
2 insight.adsrvr.org js.adsrvr.org
2 px.ads.linkedin.com 1 redirects www.heraldsun.com.au
2 www.googletagmanager.com secure-ds.serving-sys.com
2 snap.licdn.com www.heraldsun.com.au
snap.licdn.com
2 js.adsrvr.org secure-ds.serving-sys.com
2 metrics.heraldsun.com.au tags.news.com.au
www.heraldsun.com.au
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 assets.vidora.com www.heraldsun.com.au
assets.vidora.com
2 trc-events.taboola.com www.heraldsun.com.au
2 trc.taboola.com cdn.taboola.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 news-networkeditorial.s3-ap-southeast-2.amazonaws.com www.heraldsun.com.au
2 www.news.com.au 2 redirects
1 secure-dcr.imrworldwide.com
1 analytics.twitter.com static.ads-twitter.com
1 t.co www.heraldsun.com.au
1 ib.adnxs.com www.heraldsun.com.au
1 www.linkedin.com 1 redirects
1 80c3cdb7f72544d3cffdfa4925c14fa9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.dk securepubads.g.doubleclick.net
1 au-gmtdmp.mookie1.com www.heraldsun.com.au
1 acdn.adnxs.com www.heraldsun.com.au
1 static.ads-twitter.com www.heraldsun.com.au
1 in.hotjar.com script.hotjar.com
1 bs.serving-sys.com secure-ds.serving-sys.com
1 vars.hotjar.com static.hotjar.com
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 script.hotjar.com static.hotjar.com
1 cdn.adsafeprotected.com tags.news.com.au
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 seccdn-gl.imrworldwide.com tags.news.com.au
1 uconnect.tealiumiq.com www.heraldsun.com.au
1 static.hotjar.com tags.tiqcdn.com
1 ping.chartbeat.net www.heraldsun.com.au
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 ad.doubleclick.net tags.tiqcdn.com
1 ts2020-indies-client.web.app www.heraldsun.com.au
1 mhr.talk.news.com.au www.heraldsun.com.au
1 use.fontawesome.com cdn.taboola.com
1 s3-ap-southeast-2.amazonaws.com www.heraldsun.com.au
1 s1.rui.au.reastatic.net www.heraldsun.com.au
1 origin.go.heraldsun.com.au www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
1 www.heraldsun.news.com.au 1 redirects
0 heraldsun.digitaleditions.com.au Failed www.heraldsun.com.au
249 72
Subject Issuer Validity Valid
news.com.au
DigiCert SHA2 Secure Server CA
2020-09-28 -
2021-09-28
a year crt.sh
a3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-11-24 -
2021-05-05
5 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
origin.go.heraldsun.com.au
Let's Encrypt Authority X3
2020-11-02 -
2021-01-31
3 months crt.sh
s1.rui.au.reastatic.net
Amazon
2020-08-19 -
2021-09-18
a year crt.sh
*.s3-ap-southeast-2.amazonaws.com
DigiCert Baltimore CA-2 G2
2020-07-30 -
2021-08-04
a year crt.sh
p.ssl.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-11-12 -
2021-02-22
3 months crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1
2020-07-17 -
2021-06-02
a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-13 -
2021-12-14
a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA
2020-03-16 -
2021-06-15
a year crt.sh
web.app
GTS CA 1O1
2020-04-15 -
2021-04-14
a year crt.sh
*.doubleclick.net
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2020-06-01 -
2021-06-02
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.imrworldwide.com
DigiCert SHA2 Secure Server CA
2020-01-21 -
2021-02-24
a year crt.sh
au.tags.newscgp.com
Amazon
2020-02-08 -
2021-03-08
a year crt.sh
*.vidora.com
Amazon
2020-04-10 -
2021-05-10
a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2020-12-01 -
2021-12-30
a year crt.sh
*.hotjar.com
Amazon
2020-01-22 -
2021-02-22
a year crt.sh
secure-ds.serving-sys.com
DigiCert SHA2 Secure Server CA
2020-01-03 -
2021-04-03
a year crt.sh
*.tealiumiq.com
Amazon
2020-10-23 -
2021-11-22
a year crt.sh
*.adsafeprotected.com
Amazon
2020-08-19 -
2021-09-18
a year crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA
2018-01-09 -
2021-02-12
3 years crt.sh
metrics.heraldsun.com.au
DigiCert SHA2 High Assurance Server CA
2020-04-13 -
2021-07-15
a year crt.sh
bs.serving-sys.com
Go Daddy Secure Certificate Authority - G2
2020-01-07 -
2022-03-08
2 years crt.sh
fw.adsafeprotected.com
Amazon
2020-09-09 -
2021-10-09
a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1
2019-03-07 -
2021-04-19
2 years crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA
2020-08-14 -
2021-08-19
a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2019-04-01 -
2021-05-07
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3
2020-10-29 -
2021-04-14
5 months crt.sh
www.googleadservices.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.mookie1.com
DigiCert SHA2 Secure Server CA
2020-02-21 -
2021-03-22
a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
*.google.dk
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.google.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2020-08-05 -
2021-02-05
6 months crt.sh
t.co
DigiCert SHA2 High Assurance Server CA
2020-03-05 -
2021-03-02
a year crt.sh
www.google.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
www.google.de
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.google.de
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
static.adsafeprotected.com
Amazon
2020-10-03 -
2021-11-03
a year crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA
2020-03-05 -
2021-03-02
a year crt.sh

This page contains 38 frames:

Primary Page: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Frame ID: C6EC864F9F45E357F71A5E9FF45CAB98
Requests: 162 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=oFnsfOpgmVpfJ6.7IErJY~hkyi-4Zqw6&nonce=V0UiYrF5OlSwfOsitCRQOUdzq0bmk5c5&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: 3F0BF348BED749FDF2F300282EF0405C
Requests: 1 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=cMLcotmZYsiqPyhzlrZuXJXT-jxbh-y5&nonce=rnEGOwqPrLN_5baiQewAhsvDLgAw~GUI&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: 25D8416761DC5B7FA920F51120A36ED1
Requests: 1 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=UeZb.Yu6__XqCQqbKwX1mjb~ej4Dt549&nonce=_yP_N5BisKMdbuQn30bn.LstNveZnU~i&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: 300911A59EF95C71C14225048009D6FF
Requests: 1 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: 3535B90F913391C464647E17FCBD3BEE
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 1CB969AC28844594CF0C0EA512B335AF
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 5538A86DA29D4981AB6A1A1B9BAB6080
Requests: 1 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: E0AA01E3A96F7562196717ACA8C77C6C
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 772A1CEC64F4B5560F31272768CBD06D
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: 2EB8AA04921C20FDBB31C7341FCA1C16
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 4E0A91F5775B31DACC55A7408252510F
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: B8C84F41AD7BA38EAA9D9C7428D11197
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 2B1132AAB9BAC248ACA079A5857053BA
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CK-Iht7wv-0CFfPjuwgdoL8EKA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9644436378179.729
Frame ID: E5E5C5733F64A99171CFDC64FF437111
Requests: 1 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CP_Dht7wv-0CFabtuwgdZeYGVw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=686470517979.0254
Frame ID: 8BEC56D05C6589664711BB963D826559
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: 7E8C942F827FCC48154BA2DD84D3CF5A
Requests: 5 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 31DE40FAEC33C574BD1281194EEB9674
Requests: 4 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: 0436881F510F6192D8768C1A20F9EDB6
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Frame ID: B2759F096B4AC0E366F120FBEE81BEFD
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 14B285165CF627076BF2F327466A6CBE
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlRfB1d5v5dhHDy_xBOauNE0A7Y83iupkR5n4HNTjHQCpSzpVeGVf3ZXa9F2MpxR-P14NKiqZ9QwL0htyZz2HKIbh4G1vyfjBZkLGTr5tCsoLVn5fhJCTurw0yAAAgUkvLYGzLjxqSnwGFDGLh6lGqZBXI1aC04N81K7F4k48BJn1ltM-8C-XQ7P5ADxtPDJXxgX56yETObxLstrw-T1eJSaHm4udPcOsbf-JLljKMLbUtoGJSju6-v8C3ujqtBrigSm6FnvMC&sig=Cg0ArKJSzAmegN1X6dZ0EAE&adurl=
Frame ID: 1BF2838F2DC7A46376ACFC213B8C6CE2
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtkzz7rYHNBM0TCNgkdTyIBUq9N5WOnex-l3H7xqoHOklpYo488RvqT4zc5F7ca1WBpd5_6qlYeAcVZAUy6d1LsnNKY9uHsaVBR34Ay08AEutpHMK0Dcadxr0QvqlbsFB40RHAgdcZwhwTVGCf6aewSD_ic5fKtLrnoqAlSggj2s5NGuZpo14QUPfOxPqsQwzzTDuAkw77GTg2l1Km1E6mqhm6qAdoHeDDW4c1TfuK4_tjIOSIGlDtUn5Djc2XB8SvEBQ2yO-1&sig=Cg0ArKJSzH8ppI-iCYn5EAE&adurl=
Frame ID: 531F0B7287903871185690CE741AFC93
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5mywp2yPIc3ppnJ0jBbjh9hht7NbLQTA539Ix7s8kgRfkjoC6qWfoG5f_hQrKF_HRTTq3399vXUYEwydgU_COJT20VSVLrYOto_qi7vnWD54OCGNchfsmFaMSQNiTwt5I-pp_YALReS9Bjdw343BnHtuA-8S2Qosb0snXSbjRsFMC2-uBIeTqK1NSeIYutw0ZpvRBQfUtAthA7Rz6eFfOC97JY8O3JxzOKvfmH7dJz9q37Ag1Ug8tjWMxWeLlNt00HY2PpEhY&sig=Cg0ArKJSzPK1p49k4qJTEAE&adurl=
Frame ID: FE78C6F4443F9FCC5A142604A97F5A15
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv40eQhNbxv_Efksennjl-OtIsXnkcKxrNzgAAIor6LDPFtgDSfWi-FEHwK2_pSpXYT7T_SL833Li9gT6r9gPFZ_aVJMCoUyh9aLjeYav1-rFdrXTJh8i1wvhX2YmzgiuAHqGvAlqikOVjigcBREhGziraK508kqvD-yHEiKC5HLJzicv_tqRgVICYPTe_19b64pN8xgqWC5hRWlFNDLIiR9E8HGwLhw5GQeuts4m-bTHFUGUklI-l67ARBhRETbZpLSJ4u-e7l&sig=Cg0ArKJSzFP4ISi2VPXbEAE&adurl=
Frame ID: 83E6B218E54A6DEB42D482650747A187
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGlY7A8F4oP0AQhmbEv5zg0dbDa1aWVDWHj4KszJjTZVZ8VXqOy8TssUKSlRu2g-UNy84dKZW8EefOBIMMz4tXC4J0iWOGCdhHKutHP3dsYvyBWPfBuD-L6Q-R_gNssOTxLMHhyyIEUY18uWVjzeO6Gs-7-FZ75lSch5EUtZ69GRFb8w2NMrqLNDCdLT5-W5Ld8p9uihSSHuL0oUi17BpsTsNIEsYFOMrVrQbN0Bp2qg_JIj3zqnoWgPKhSu7ayMeMA7ncRLbx&sig=Cg0ArKJSzMm7tFKOTYE1EAE&adurl=
Frame ID: 1D0F45E733C9E09B79CFF1F2397E26B8
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=1337133826&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6dd7-39c8-11eb-bd24-067f141e2336
Frame ID: 558D223B30EC1C5023B62F6AF2EDEF4F
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092042&pubOrder=305536031&cb=1939348180&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6dd8-39c8-11eb-bd24-067f141e2336
Frame ID: CA2845979718757B7FC0842FA66E6424
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=118083900&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6dd9-39c8-11eb-bd24-067f141e2336
Frame ID: 10726D3FE94482CC207E8C2AC6A0E8F1
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=361234278&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6dda-39c8-11eb-bd24-067f141e2336
Frame ID: 0F47A03E28143E07DAC7686702602256
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=328257083&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6ddb-39c8-11eb-bd24-067f141e2336
Frame ID: 98DBF5464B130FC3F4F6FB2A6388C9D2
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 1E3E971E1D34B6EDE83239F6DB29B360
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 623095E390CB1C95283FF724D6AE7656
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 7FCC7FC7BF7EB8A5671A488FC17D8048
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: D2D1079B80D25FBC7AD56B748C06FE89
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 13CD632C50CD56DDCE03C5F629AD5CF4
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: 59F20AC930C353C1682C54C1DDC21271
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: 95C449E451552BAEF30B00A3627C1664
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 36220D8C0E72B56EB97A0CFA3EA02959
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
    http://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
    https://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f HTTP 302
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&160... HTTP 302
    https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i

Overall confidence: 100%
Detected patterns
  • script /serving-sys\.com\//i

Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

249
Requests

100 %
HTTPS

31 %
IPv6

42
Domains

72
Subdomains

64
IPs

8
Countries

3548 kB
Transfer

6519 kB
Size

42
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
    http://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
    https://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f HTTP 302
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&160748189786348616 HTTP 302
    https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1607481900934&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1607481900934&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Request Chain 36
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1607481900935&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1607481900935&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Request Chain 37
  • https://www.heraldsun.com.au/digitalprinteditions HTTP 301
  • https://idp.news.com.au/idp/services/generatetoken?target=HeraldSun&url=http%3A%2F%2Fheraldsun.digitaleditions.com.au%2F HTTP 0
  • http://heraldsun.digitaleditions.com.au/
Request Chain 50
  • https://www.heraldsun.com.au/news/opinion/rita-panahi/rita-panahi-pandering-to-woke-wooden-heads-destroys-joyous-national-holiday/news-story/b151c13e550f5f6402955cee89a82f74 HTTP 302
  • https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fopinion%2Frita-panahi%2Frita-panahi-pandering-to-woke-wooden-heads-destroys-joyous-national-holiday%2Fnews-story%2Fb151c13e550f5f6402955cee89a82f74&memtype=anonymous&mode=premium
Request Chain 51
  • https://www.heraldsun.com.au/sport/cricket/big-bash/kfc-SuperCoach-plus-article-final-week-checklist-and-all-the-latest-bbl-news-you-need-to-know/news-story/c6412d0ff6b11d260a87097e5c28b17e HTTP 302
  • https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fcricket%2Fbig-bash%2Fkfc-SuperCoach-plus-article-final-week-checklist-and-all-the-latest-bbl-news-you-need-to-know%2Fnews-story%2Fc6412d0ff6b11d260a87097e5c28b17e&memtype=anonymous&mode=premium&offerset=sc_hs_premium
Request Chain 54
  • https://www.heraldsun.com.au/sport/afl/western-bulldogs-believes-drafting-jamarra-uglehagan-will-attract-more-indigenous-players-to-whitten-oval/news-story/ea5f87cf0dfae34752b94b36d7024de7 HTTP 302
  • https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fwestern-bulldogs-believes-drafting-jamarra-uglehagan-will-attract-more-indigenous-players-to-whitten-oval%2Fnews-story%2Fea5f87cf0dfae34752b94b36d7024de7&memtype=anonymous&mode=premium
Request Chain 55
  • https://www.heraldsun.com.au/sport/afl/recruiter-gary-buckenara-names-his-top-50-prospects-for-the-2020-afl-draft/news-story/80f564a4e5c1efa9f037b83031bda197 HTTP 302
  • https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Frecruiter-gary-buckenara-names-his-top-50-prospects-for-the-2020-afl-draft%2Fnews-story%2F80f564a4e5c1efa9f037b83031bda197&memtype=anonymous&mode=premium
Request Chain 57
  • https://www.heraldsun.com.au/truecrimeaustralia/police-courts/celeste-mannos-mum-vows-to-fight-for-change-in-her-daughters-memory/news-story/ff687817bd143469f6e810c57a9e711f HTTP 302
  • https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a_TCA_PC&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Ftruecrimeaustralia%2Fpolice-courts%2Fceleste-mannos-mum-vows-to-fight-for-change-in-her-daughters-memory%2Fnews-story%2Fff687817bd143469f6e810c57a9e711f&memtype=anonymous&mode=premium
Request Chain 61
  • https://www.heraldsun.com.au/lifestyle/food/chibog-offers-a-taste-of-the-philippines-in-west-footscray/news-story/deba077c7569b328911ff9333fa6ac9d HTTP 302
  • https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Flifestyle%2Ffood%2Fchibog-offers-a-taste-of-the-philippines-in-west-footscray%2Fnews-story%2Fdeba077c7569b328911ff9333fa6ac9d&memtype=anonymous&mode=premium
Request Chain 88
  • https://secure-gl.imrworldwide.com/v60.js HTTP 301
  • https://cdn-gl.imrworldwide.com/v60.js
Request Chain 102
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1607481901532 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1607481901532
Request Chain 110
  • https://cm.everesttech.net/cm/dd?d_uuid=39860089644780913332610032048156549655 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9A6LQAAAJHINx__
Request Chain 112
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1607481901727&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-b5afc5b1e0e647b28f0e2ae9786317d9&tz=1 HTTP 302
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1607481901727&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-b5afc5b1e0e647b28f0e2ae9786317d9&tz=1&ja=1
Request Chain 124
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9644436378179.729 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CK-Iht7wv-0CFfPjuwgdoL8EKA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9644436378179.729
Request Chain 125
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=686470517979.0254 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CP_Dht7wv-0CFabtuwgdZeYGVw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=686470517979.0254
Request Chain 129
  • https://secure.adnxs.com/px?id=879166&seg=9702347&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Request Chain 130
  • https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Request Chain 131
  • https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1
Request Chain 142
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1607481902047 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26time%3D1607481902047%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1607481902047&liSync=true

249 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.heraldsun.com.au/
Redirect Chain
  • http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html
  • http://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html
  • https://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html
  • https://www.heraldsun.com.au/
  • https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f
  • https://www.heraldsun.com.au/
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&160748189786348616
  • https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
339 KB
61 KB
Document
General
Full URL
https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
0f825080cc576dc4a60008db41aa7d0232dd907c4c7bcae8b67350bf8b94d131
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.heraldsun.com.au
:scheme
https
:path
/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
n_regis=123456789
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=vHJnhISA3j5IXr5Cj3jfyek86Rl1KJehjYve/LIG9bdtyvhA8hW/t8CQH6w7g3cALwPl/Z2qSzJ+4bgo99P0l2nHidaUXcVovnlLbMAqMDwNAdB7XujH8ZbZmRZE; Expires=Wed, 16 Dec 2020 02:44:58 GMT; Path=/ nk=bc65a0576d8df0c7dc57b9f9daa67b9f; expires=Sat, 09 Dec 2023 02:45:00 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure; AWSALBCORS=vHJnhISA3j5IXr5Cj3jfyek86Rl1KJehjYve/LIG9bdtyvhA8hW/t8CQH6w7g3cALwPl/Z2qSzJ+4bgo99P0l2nHidaUXcVovnlLbMAqMDwNAdB7XujH8ZbZmRZE; Expires=Wed, 16 Dec 2020 02:44:58 GMT; Path=/; SameSite=None; Secure
x-powered-by
WordPress VIP <https://wpvip.com>
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
vary
User-Agent Accept-Encoding
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3dbc65a0576d8df0c7dc57b9f9daa67b9f-1607481897&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=bc65a0576d8df0c7dc57b9f9daa67b9f
x-arrrg5
BlaizeHappened
x-rq
bom2 115 229 3098
x-xss-protection
1
x-content-type-options
nosniff
host-header
a9130478a60e5f9135f765b23f26593b
content-encoding
gzip
expires
Wed, 09 Dec 2020 02:45:00 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Wed, 09 Dec 2020 02:45:00 GMT

Redirect headers

server
AkamaiGHost
content-length
154
content-type
text/html
location
https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
set-cookie
nk=bc65a0576d8df0c7dc57b9f9daa67b9f; expires=Sat, 09 Dec 2023 02:44:57 GMT; path=/; domain=news.com.au; SameSite=None; Secure;
mime-version
1.0
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
vary
Accept-Encoding
etag
"05563c72b22b39afb384f19701c03047:1600838589.100191"
expires
Wed, 09 Dec 2020 02:44:57 GMT
cache-control
max-age=0, no-cache
pragma
no-cache
date
Wed, 09 Dec 2020 02:44:57 GMT
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/
1 B
594 B
Stylesheet
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-rq
ewr4 114 53 3167
last-modified
Fri, 06 Nov 2020 23:21:49 GMT
server
nginx
etag
"5fa5da8d-1"
vary
User-Agent
content-type
text/css
expires
Wed, 09 Dec 2020 02:45:40 GMT
cache-control
max-age=40
date
Wed, 09 Dec 2020 02:45:00 GMT
is-https
true
content-length
1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
lux.js
cdn.speedcurve.com/js/
21 KB
7 KB
Script
General
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
ef024a5f6a6afe4d445fd60002ff33e71b80ca52cbaab97153e31ab62b40d379
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
content-encoding
gzip
age
7739
x-cache
HIT
content-length
6883
x-served-by
cache-hhn4057-HHN
access-control-allow-origin
*
last-modified
Wed, 09 Dec 2020 00:36:01 GMT
server
Apache
x-timer
S1607481901.630415,VS0,VE0
date
Wed, 09 Dec 2020 02:45:00 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Wed, 16 Dec 2020 00:36:01 GMT
cache-control
max-age=604800
x-ua-compatible
IE=edge
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
25
loader.js
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/
219 KB
33 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e3e3a7fb48024d92e9e8c43b7f636b0256f69c61114735d327ca43171ad5d11

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
xaHQxRd3IZ_ierdet9nOE52MRM_0UZca
content-encoding
gzip
etag
"36646c3461d28769806876833f62d9e4"
age
0
x-cache
HIT
content-length
33392
x-amz-id-2
lbnmFSHl5ZGw1FnmD29zkBV56WRtEqg0fsIgmSt9eJSnwqr8VhkCMpI9WDoaDu1511hxyPTwKns=
x-served-by
cache-hhn4030-HHN
last-modified
Sun, 29 Nov 2020 14:15:40 GMT
server
AmazonS3
x-timer
S1607481901.567441,VS0,VE97
date
Wed, 09 Dec 2020 02:45:00 GMT
vary
Accept-Encoding
x-amz-request-id
DF2B8ACDEE480DCE
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
76
x-cache-hits
1
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/
8 KB
4 KB
Image
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:00 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
3055
x-rq
bom2 116 215 3090
last-modified
Fri, 06 Nov 2020 23:30:15 GMT
server
nginx
etag
W/"5fa5dc87-1f69"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=2499754
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 07 Jan 2021 01:07:34 GMT
a7e3d1f32fa4b447c1befeb36cf759b6
content.api.news/v3/images/bin/
27 KB
27 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/a7e3d1f32fa4b447c1befeb36cf759b6?width=1024
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8f7aa3df4d2e429247f0c7e44a2a3006ff423e8fea24c36f2b0156f71d1ceca0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag
a7e3d1f32fa4b447c1befeb36cf759b6
date
Wed, 09 Dec 2020 02:45:00 GMT
last-modified
Wed, 09 Dec 2020 00:51:43 GMT
server
Akamai Image Manager
etag
c996c2285d6d0715c309feef79822c51-a7e3d1f32fa4b447c1befeb36cf759b6-1024
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5177213
access-control-allow-headers
x-newsapi-api-key
content-length
27205
expires
Sun, 07 Feb 2021 00:51:53 GMT
2a359fa970da8e89fa34b2c536ab4576
content.api.news/v3/images/bin/
4 KB
4 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/2a359fa970da8e89fa34b2c536ab4576?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a3512335a2e1587c9914cc5711b17a5d1c9e4ae60f4721714baa9ec805b7c092

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag
2a359fa970da8e89fa34b2c536ab4576
date
Wed, 09 Dec 2020 02:45:00 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
6ab45024151d9e095557481243f724b9-2a359fa970da8e89fa34b2c536ab4576-150
x-serial
1571
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5165315
last-modified
Tue, 08 Dec 2020 21:34:17 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
3923
expires
Sat, 06 Feb 2021 21:33:35 GMT
c6835f6533bcb01802c4755834e99012
content.api.news/v3/images/bin/
4 KB
4 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/c6835f6533bcb01802c4755834e99012?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8f44f60c9c455af508f75855f13e8989ea8e395f5ab9329da06a2387922fafc4

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag
c6835f6533bcb01802c4755834e99012
date
Wed, 09 Dec 2020 02:45:00 GMT
last-modified
Tue, 08 Dec 2020 23:25:59 GMT
server
Akamai Image Manager
etag
e968eab513c5c657bbcacd38537b08c1-c6835f6533bcb01802c4755834e99012-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5172099
access-control-allow-headers
x-newsapi-api-key
content-length
3804
expires
Sat, 06 Feb 2021 23:26:39 GMT
92ef42d6d9308119986e06d434c98a16
content.api.news/v3/images/bin/
41 KB
41 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/92ef42d6d9308119986e06d434c98a16?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ea924a43e215dc33b6f029e37fa7c89b14aad79909ebd00aaa3f78b96339a166

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag
92ef42d6d9308119986e06d434c98a16
date
Wed, 09 Dec 2020 02:45:00 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
82444df4ec503a70340103e9008ff674-92ef42d6d9308119986e06d434c98a16-650
x-serial
336
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5177105
last-modified
Wed, 09 Dec 2020 00:49:01 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
41760
expires
Sun, 07 Feb 2021 00:50:05 GMT
5cec34e665ad07660ad9e6072d69f27d
content.api.news/v3/images/bin/
3 KB
3 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/5cec34e665ad07660ad9e6072d69f27d?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
876e1e0ee634961bee6ed09fc958445fed4966a255a4f1ec381ecebb83cca48e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag
5cec34e665ad07660ad9e6072d69f27d
date
Wed, 09 Dec 2020 02:45:00 GMT
last-modified
Wed, 09 Dec 2020 01:10:00 GMT
server
Akamai Image Manager
etag
458e0cad83c3a6420f5a88dbc38685c0-5cec34e665ad07660ad9e6072d69f27d-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5178208
access-control-allow-headers
x-newsapi-api-key
content-length
3008
expires
Sun, 07 Feb 2021 01:08:28 GMT
97388504db6714a25b9c716ece1e3b42
content.api.news/v3/images/bin/
5 KB
5 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/97388504db6714a25b9c716ece1e3b42?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ddc7e3d1d80e6da62dc20bf916bb0672ae9b68ed7521655e7f14ab0bfffa199b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag
97388504db6714a25b9c716ece1e3b42
date
Wed, 09 Dec 2020 02:45:00 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
99e85b91f8f45010d6f2872355745907-97388504db6714a25b9c716ece1e3b42-150
x-serial
1831
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5181913
last-modified
Wed, 09 Dec 2020 02:11:13 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
4671
expires
Sun, 07 Feb 2021 02:10:13 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
12 KB
13 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 02:45:00 GMT
Last-Modified
Fri, 25 Sep 2020 03:04:51 GMT
Server
AmazonS3
x-amz-request-id
EE3D21683166F96F
ETag
"da48b0752549dabb4675d82412c9cd2d"
Access-Control-Allow-Methods
GET,POST
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=419476
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12440
x-amz-id-2
BGzA4H6MhiNFsVMRHnDid7w0RneCV9f+L69FdEMmbqtC5J6BXqShCVeo7uP6Jum7BVtWfb2VAeI=
Expires
Sun, 13 Dec 2020 23:16:16 GMT
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
16 KB
16 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 02:45:00 GMT
Last-Modified
Tue, 01 Sep 2020 04:31:33 GMT
Server
AmazonS3
x-amz-request-id
34B4778288C88CAA
ETag
"899c8f78ce650d4009d42443897aa723"
Access-Control-Allow-Methods
GET,POST
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=257919
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16112
x-amz-id-2
0V9i/JC3jV0uO9z1+RHGizGZNe8ea4s0M3lvOab3o97ikLfxhLYoNjWrU3t9GbdAE8O37bCHHcA=
Expires
Sat, 12 Dec 2020 02:23:39 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
16 KB
16 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 02:45:00 GMT
Last-Modified
Tue, 22 Sep 2020 06:30:09 GMT
Server
AmazonS3
x-amz-request-id
B9F079BFD69B8BC1
ETag
"c85615b296302af51e683eecb5e371d4"
Access-Control-Allow-Methods
GET,POST
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=361943
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15948
x-amz-id-2
DPCyCCKT0juTREQMOkBTQL82bK8sJ1cHlMUrULDEc9V9ZluCRM4RuSFSdOhDVMhG9DNYyK1s4MM=
Expires
Sun, 13 Dec 2020 07:17:23 GMT
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
11 KB
12 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 02:45:00 GMT
Last-Modified
Fri, 25 Sep 2020 03:04:51 GMT
Server
AmazonS3
x-amz-request-id
03A09A05F9B00284
ETag
"c4ced7adf03d84494a6c1da275896d38"
Access-Control-Allow-Methods
GET,POST
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=425275
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11472
x-amz-id-2
7SgQOtE5DXd+yw+muGSpBKQgUFNdC0N34VLuVoyrpGsNX+GQQMChOOxitD5N1YsghRlU3RgeUFw=
Expires
Mon, 14 Dec 2020 00:52:55 GMT
2eec01c25ad7c8cdd2001cc1644bfa62
content.api.news/v3/images/bin/
2 KB
2 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/2eec01c25ad7c8cdd2001cc1644bfa62?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
31bed423ce065ff8346c3bcd3e1e8586b935ffbe51bb7e8e3be3dabbe1c645b2

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag
2eec01c25ad7c8cdd2001cc1644bfa62
date
Wed, 09 Dec 2020 02:45:00 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
ecabe21ffecba7893373e706373be9c1-2eec01c25ad7c8cdd2001cc1644bfa62-150
x-serial
1939
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5174013
last-modified
Tue, 08 Dec 2020 23:58:57 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
2135
expires
Sat, 06 Feb 2021 23:58:33 GMT
445bdd39e6c4d159b7a5b82bdfdfacd6
content.api.news/v3/images/bin/
3 KB
4 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/445bdd39e6c4d159b7a5b82bdfdfacd6?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
71d22297d22005f07794dbf3bb49372e36371c506c7b720467888ac9e38ea097

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag
445bdd39e6c4d159b7a5b82bdfdfacd6
date
Wed, 09 Dec 2020 02:45:00 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
1aec6b9f2004d999650dbb36113d3646-445bdd39e6c4d159b7a5b82bdfdfacd6-150
x-serial
185
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5175792
last-modified
Wed, 09 Dec 2020 00:29:18 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
3324
expires
Sun, 07 Feb 2021 00:28:12 GMT
ce5f5ccb01da16dbf1cb6fb859344ad1
content.api.news/v3/images/bin/
63 KB
64 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/ce5f5ccb01da16dbf1cb6fb859344ad1?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c2b6b853f4fed6850a7ed9d6f4f253dc5c46f38423517987dd13eecf02dbee58

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag
ce5f5ccb01da16dbf1cb6fb859344ad1
date
Wed, 09 Dec 2020 02:45:00 GMT
last-modified
Wed, 09 Dec 2020 00:33:09 GMT
server
Akamai Image Manager
etag
cc97d6fee1ab96854d72db01963ec041-ce5f5ccb01da16dbf1cb6fb859344ad1-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5176028
access-control-allow-headers
x-newsapi-api-key
content-length
64693
expires
Sun, 07 Feb 2021 00:32:08 GMT
482b8dab016ee14ae6ba584e004bad53
content.api.news/v3/images/bin/
50 KB
50 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/482b8dab016ee14ae6ba584e004bad53?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4c1d569823d601d2615c87a02f7c1bd5572325ccab273f1199ec5aa07b4df818

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag
482b8dab016ee14ae6ba584e004bad53
date
Wed, 09 Dec 2020 02:45:00 GMT
last-modified
Tue, 08 Dec 2020 21:08:25 GMT
server
Akamai Image Manager
etag
545c18a92b08d9259bc78dd1993838d6-482b8dab016ee14ae6ba584e004bad53-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5163840
access-control-allow-headers
x-newsapi-api-key
content-length
51180
expires
Sat, 06 Feb 2021 21:09:00 GMT
MASTER_Aquisition_LargeMP_2020offer.png
origin.go.heraldsun.com.au/wp-content/uploads/2020/11/
155 KB
156 KB
Image
General
Full URL
https://origin.go.heraldsun.com.au/wp-content/uploads/2020/11/MASTER_Aquisition_LargeMP_2020offer.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6474d56348e7fd4196787cc15b0c60da2d0520e541c336c71ecbcfeb8be42899

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:00 GMT
x-rq
ams8 109 83 443
last-modified
Mon, 30 Nov 2020 09:12:50 GMT
server
nginx
etag
"b1ad3589acadbdc9"
x-cache
HIT
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
159222
expires
Tue, 30 Nov 2021 09:32:11 GMT
rea-logo-v4.png
s1.rui.au.reastatic.net/rui-static/img/
8 KB
9 KB
Image
General
Full URL
https://s1.rui.au.reastatic.net/rui-static/img/rea-logo-v4.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7400:1e:c291:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1bcc188f481bacf1d9ab4df424b1e041f10f45c85183d38bd2c079f0566dbda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 00:03:53 GMT
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified
Fri, 11 Aug 2017 05:25:43 GMT
server
AmazonS3
age
441668
etag
"7fb1763135890cdfa60dcb405cd51572"
x-cache
Hit from cloudfront
x-amz-version-id
itrxET0Vrz4We1UVf0nZMlYhOyBF2D8w
cache-control
max-age=20221025
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
content-length
8533
x-amz-cf-id
F-AyE9O1yc-Z5wIn7lECfsyxKPZj7nnXNwpN0LTjdK85avDrhi9wkg==
games.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/
4 KB
5 KB
Image
General
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/games.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.162 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 02:45:02 GMT
Last-Modified
Thu, 05 Nov 2020 03:40:33 GMT
Server
AmazonS3
x-amz-request-id
2B65422D3F26E41E
ETag
"2fa79b1c302fa407df95b287a47e01bc"
Content-Type
image/svg+xml
x-amz-version-id
mY_fhaFXa9wAEjGJ51huxNeB77eQfnyv
Accept-Ranges
bytes
Content-Length
4533
x-amz-id-2
mP6IgF1EbmHkDsww8sNbZHUF9AwvcGC7R0po8HJGqX+aoHs3us7kk+S8joIRasxC2O0RC61Blkg=
sudoku.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/
5 KB
5 KB
Image
General
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/sudoku.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.162 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef5fa8602198232e4f3704cf1dc886cb295af0f9906b0c9d63777b5f49852b84

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 02:45:02 GMT
Last-Modified
Thu, 05 Nov 2020 03:40:33 GMT
Server
AmazonS3
x-amz-request-id
D0474191284004B0
ETag
"f980b48900de5e5e318ca4e3530b2d75"
Content-Type
image/svg+xml
x-amz-version-id
EnoeaZvtrAcNuP4vk_X8AB6oSBROL97r
Accept-Ranges
bytes
Content-Length
5207
x-amz-id-2
bhOEH8pqLAW9LvC4Iqvv+Fe9HWqvsT3dJAwtdlmQLzDp3dfk0nEyorFjPiwyntKP17D/9myZyyo=
NCHRS_thumb.jpg
s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/
22 KB
22 KB
Image
General
Full URL
https://s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/NCHRS_thumb.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.159 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
796946758f534f8ce84f03a606a2e491cad0092aea5aee3a59c24eb1dcfb4f7c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 02:45:02 GMT
Last-Modified
Tue, 08 Dec 2020 16:52:26 GMT
Server
AmazonS3
x-amz-request-id
0C4BF41F9CB60178
ETag
"0bdb8a354f504e9e55b7fea4ff888e36"
Content-Type
image/jpeg
x-amz-version-id
Hk9JCM4QonXSU6mlDLpZeMy7GElkh3cv
Accept-Ranges
bytes
Content-Length
22530
x-amz-id-2
ZAMAZxErbgfV+RKjfoXY5v0LDxbWiRREBa37upeJxF5OoNYmkr6/GB6AJ2XJxjTbUDAmVZXw+Ug=
heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/
8 KB
3 KB
Image
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:00 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
2891
x-rq
ewr4 116 149 3106
last-modified
Fri, 04 Dec 2020 16:00:47 GMT
server
nginx
etag
W/"5fca5d2f-1e5e"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=2497192
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 07 Jan 2021 00:24:52 GMT
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/
6 KB
3 KB
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
58216d07697cb268f0b30bd5963a1515dd4ee3b5b185151bdb99d041f0fa73fc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:00 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
2444
x-rq
mdw2 112 183 3088
last-modified
Wed, 02 Dec 2020 23:12:06 GMT
server
nginx
etag
W/"5fc81f46-173a"
vary
User-Agent
content-type
application/x-javascript
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 09 Dec 2020 02:45:01 GMT
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/
540 B
1 KB
Image
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 02:45:00 GMT
Last-Modified
Wed, 16 Sep 2020 23:56:43 GMT
Server
AmazonS3
x-amz-request-id
4R7K4V2MCP8N6R9R
ETag
"4d7595f832e4962b83a9428c3723233b"
Access-Control-Allow-Methods
GET,POST
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=132726
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
540
x-amz-id-2
yFp+J8podmJKYyKRfQ/R6sCdmNKmc7oSxu2WJJo8l7sTrFyLYOhTILB0ssSzjaQiADalzLa82Ug=
Expires
Thu, 10 Dec 2020 15:37:06 GMT
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/
535 B
1 KB
Image
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 02:45:00 GMT
Last-Modified
Thu, 17 Sep 2020 00:28:25 GMT
Server
AmazonS3
x-amz-request-id
BX6X5G9GEK1G9M4M
ETag
"b0f5ec7455ded53e84de4fee006a5110"
Access-Control-Allow-Methods
GET,POST
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=105819
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
535
x-amz-id-2
DaJA+c3KcMZ/NSCnfYFtodFhl20AOf2rAAm9dMwdtqM4FPtgkxYVKxyt+50eW/YJb1+mPpYz97g=
Expires
Thu, 10 Dec 2020 08:08:39 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
11 KB
12 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 02:45:00 GMT
Last-Modified
Fri, 25 Sep 2020 03:04:51 GMT
Server
AmazonS3
x-amz-request-id
4N2W2Y6HDY8Z3Q2W
ETag
"29e85ea235248e0a7761df4fe6643e1a"
Access-Control-Allow-Methods
GET,POST
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=541561
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11372
x-amz-id-2
Z1HhaEEhR+4SW45rFV+SZJ/QiklrgDUhrbvWmFxzzpa1Kifm2MvbbI9Ateo09sYRHNLYlfgsmGM=
Expires
Tue, 15 Dec 2020 09:11:01 GMT
load.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/
3 KB
1 KB
Script
General
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding
gzip
etag
"1a868d280f9424f5d82876d6cf0c46b9"
age
0
x-cache
HIT, MISS
content-length
1123
x-amz-id-2
oomNfWgnkbvQqle4UDrZeHF50VwPCGxTs8PXdjoVEC6KEI0oIQ9R6+Gn8fF1ecLW46c278XB+q0=
x-served-by
cache-sna10741-LGB, cache-hhn4069-HHN
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1607481901.810413,VS0,VE164
date
Wed, 09 Dec 2020 02:45:00 GMT
vary
Accept-Encoding,,
x-amz-request-id
F9049140F801653E
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 0
impl.20201129-9-RELEASE.js
cdn.taboola.com/libtrc/
449 KB
104 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20201129-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
57401860e9af6c4ffccc7684a885c156af441747151ac5fda5342ab704df0898

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
AsWZCvTsnT2XhpJHrL8fjPD.D5VECsGn
content-encoding
br
etag
"e1c86c541d13fc549fc03c9f01895b8e"
age
17796
x-cache
HIT
content-length
105670
x-amz-id-2
W9h8NM1ZREIjGx5TJGyTn/Y1Q1TcsFQMTXOUnz5+ohlHr1JQvuhsn3NgLhveVd6plqCNtSHQhUM=
x-served-by
cache-hhn4030-HHN
last-modified
Sun, 29 Nov 2020 13:39:12 GMT
server
AmazonS3-br
x-timer
S1607481901.810655,VS0,VE0
date
Wed, 09 Dec 2020 02:45:00 GMT
vary
Accept-Encoding
x-amz-request-id
5717A675924A26F9
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
48
x-cache-hits
20263
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.64.33 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-64-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 02:45:00 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Thu, 10 Dec 2020 02:45:00 GMT
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/
248 KB
78 KB
Script
General
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
27ad1c0be127da20f7b68c8e868d9a1fa6ade3308786d297a24a5651faa32a38
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server
AkamaiNetStorage
etag
"f1b190419095215938ba092e3e98262e:1606882430.472598"
vary
User-Agent, Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=812
date
Wed, 09 Dec 2020 02:45:01 GMT
is-https
true
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 09 Dec 2020 02:58:33 GMT
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/
45 KB
14 KB
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
93b175796385750b38fd82e8e644a731aa51296a1a405fae8a12907be3e9eb39
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:00 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
14195
x-rq
ewr4 113 181 3106
last-modified
Mon, 23 Nov 2020 02:17:39 GMT
server
nginx
etag
W/"5fbb1bc3-b347"
vary
User-Agent
content-type
application/x-javascript
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 09 Dec 2020 02:45:01 GMT
all.css
use.fontawesome.com/releases/v5.6.3/css/
52 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:00 GMT
content-encoding
gzip
last-modified
Thu, 20 Dec 2018 17:45:13 GMT
server
NetDNA-cache/2.2
etag
W/"dc93d584e41f8417f6b7163320d34329"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
json
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/
995 B
1 KB
XHR
General
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=03%3A45%3A00.917&lti=deflated&data=%7B%22id%22%3A252%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1606659333631%2C%22vi%22%3A1607481900884%2C%22cv%22%3A%2220201129-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9591%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A1473.5%2C%22mw%22%3A194%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CDesktop%20Mid%20Rail%20Home%20Native%3Dthumbnails-midrail-native%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201129-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
03dfb52e472604e8d151a9e9006cce125ab9a53db1eefee272176af58725d323

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
126
date
Wed, 09 Dec 2020 02:45:01 GMT
content-encoding
gzip
server
nginx
x-timer
S1607481901.937191,VS0,VE126
x-served-by
cache-hhn4030-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1607481900934&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%2...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1607481900934&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%...
0
528 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1607481900934&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.64.33 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-64-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:01 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1607481900934&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:00 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1607481900935&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=ht...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1607481900935&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=h...
0
528 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1607481900935&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.64.33 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-64-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:01 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1607481900935&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:00 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
/
heraldsun.digitaleditions.com.au/
Redirect Chain
  • https://www.heraldsun.com.au/digitalprinteditions
  • https://idp.news.com.au/idp/services/generatetoken?target=HeraldSun&url=http%3A%2F%2Fheraldsun.digitaleditions.com.au%2F
  • http://heraldsun.digitaleditions.com.au/
0
0

/
www.heraldsun.com.au/tributes/
0
31 KB
Other
General
Full URL
https://www.heraldsun.com.au/tributes/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
etag
"d170cf372931eeacf070c67ddf18e7b4"
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-subscribed
False
is-https
true
x-forwarded-proto
https
x-device
desktop
x-ua-compatible
IE=edge,chrome=1
x-arrrg5
BlaizeHappened
server
nginx/1.12.1
date
Wed, 09 Dec 2020 02:45:03 GMT
vary
User-Agent, Accept-Encoding
x-varnish
535726864
access-control-allow-origin
http://heraldsun.finda.production.apnarm.net.au
cache-control
max-age=118
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2ftributes%2f&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=bc65a0576d8df0c7dc57b9f9daa67b9f
content-length
30057
content-type
text/html; charset=utf-8
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 09 Dec 2020 02:47:01 GMT
/
www.heraldsun.com.au/subscribe/news/1/
0
1 KB
Other
General
Full URL
https://www.heraldsun.com.au/subscribe/news/1/?int_medium=display&int_source=site-link&int_campaign=acq_onsite_login&int_content=link&sourceCode=HSWEB_ONS538
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Wed, 09 Dec 2020 02:45:01 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=3569
is-https
true
ssl
yes
content-length
912
expires
Wed, 09 Dec 2020 03:44:30 GMT
/
www.heraldsun.com.au/
0
61 KB
Other
General
Full URL
https://www.heraldsun.com.au/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
WordPress VIP <https://wpvip.com>
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
x-xss-protection
1
pragma
no-cache
x-rq
bom2 115 229 3098
server
nginx
date
Wed, 09 Dec 2020 02:45:02 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
x-arrrg5
BlaizeHappened
expires
Wed, 09 Dec 2020 02:45:02 GMT
cache-control
max-age=0, no-cache, no-store
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=bc65a0576d8df0c7dc57b9f9daa67b9f
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
leader
www.heraldsun.com.au/
0
64 KB
Other
General
Full URL
https://www.heraldsun.com.au/leader
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
WordPress VIP <https://wpvip.com>
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
x-xss-protection
1
pragma
no-cache
x-rq
bom2 116 88 3188
server
nginx
date
Wed, 09 Dec 2020 02:45:02 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
x-arrrg5
BlaizeHappened
expires
Wed, 09 Dec 2020 02:45:02 GMT
cache-control
max-age=0, no-cache, no-store
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fleader&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=leader&session=bc65a0576d8df0c7dc57b9f9daa67b9f
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
victoria
www.heraldsun.com.au/news/
0
48 KB
Other
General
Full URL
https://www.heraldsun.com.au/news/victoria
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
WordPress VIP <https://wpvip.com>
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
content-length
48191
x-xss-protection
1
pragma
no-cache
x-rq
bom2 115 246 3103
server
nginx
date
Wed, 09 Dec 2020 02:45:03 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
x-arrrg5
BlaizeHappened
expires
Wed, 09 Dec 2020 02:45:03 GMT
cache-control
max-age=0, no-cache, no-store
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fvictoria&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=victoria&session=bc65a0576d8df0c7dc57b9f9daa67b9f
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
national
www.heraldsun.com.au/news/
0
50 KB
Other
General
Full URL
https://www.heraldsun.com.au/news/national
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
WordPress VIP <https://wpvip.com>
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
x-xss-protection
1
pragma
no-cache
x-rq
bom2 115 246 3103
server
nginx
date
Wed, 09 Dec 2020 02:45:02 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
x-arrrg5
BlaizeHappened
expires
Wed, 09 Dec 2020 02:45:02 GMT
cache-control
max-age=0, no-cache, no-store
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=national&session=bc65a0576d8df0c7dc57b9f9daa67b9f
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
world
www.heraldsun.com.au/news/
0
53 KB
Other
General
Full URL
https://www.heraldsun.com.au/news/world
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
WordPress VIP <https://wpvip.com>
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
x-xss-protection
1
pragma
no-cache
x-rq
bom2 114 53 3172
server
nginx
date
Wed, 09 Dec 2020 02:45:03 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
x-arrrg5
BlaizeHappened
expires
Wed, 09 Dec 2020 02:45:03 GMT
cache-control
max-age=0, no-cache, no-store
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=world&session=bc65a0576d8df0c7dc57b9f9daa67b9f
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
opinion
www.heraldsun.com.au/news/
0
52 KB
Other
General
Full URL
https://www.heraldsun.com.au/news/opinion
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
WordPress VIP <https://wpvip.com>
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
x-xss-protection
1
pragma
no-cache
x-rq
bom2 115 233 3111
server
nginx
date
Wed, 09 Dec 2020 02:45:03 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
x-arrrg5
BlaizeHappened
expires
Wed, 09 Dec 2020 02:45:03 GMT
cache-control
max-age=0, no-cache, no-store
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fopinion&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=opinion&session=bc65a0576d8df0c7dc57b9f9daa67b9f
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
business
www.heraldsun.com.au/
0
50 KB
Other
General
Full URL
https://www.heraldsun.com.au/business
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
WordPress VIP <https://wpvip.com>
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
content-length
49977
x-xss-protection
1
pragma
no-cache
x-rq
bom2 119 85 3122
server
nginx
date
Wed, 09 Dec 2020 02:45:03 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
x-arrrg5
BlaizeHappened
expires
Wed, 09 Dec 2020 02:45:03 GMT
cache-control
max-age=0, no-cache, no-store
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fbusiness&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=business&session=bc65a0576d8df0c7dc57b9f9daa67b9f
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
entertainment
www.heraldsun.com.au/
0
50 KB
Other
General
Full URL
https://www.heraldsun.com.au/entertainment
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
WordPress VIP <https://wpvip.com>
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
content-length
49626
x-xss-protection
1
pragma
no-cache
x-rq
bom2 119 100 3097
server
nginx
date
Wed, 09 Dec 2020 02:45:03 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
x-arrrg5
BlaizeHappened
expires
Wed, 09 Dec 2020 02:45:03 GMT
cache-control
max-age=0, no-cache, no-store
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=entertainment&session=bc65a0576d8df0c7dc57b9f9daa67b9f
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
lifestyle
www.heraldsun.com.au/
0
48 KB
Other
General
Full URL
https://www.heraldsun.com.au/lifestyle
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
WordPress VIP <https://wpvip.com>
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
content-length
47607
x-xss-protection
1
pragma
no-cache
x-rq
bom2 113 245 3125
server
nginx
date
Wed, 09 Dec 2020 02:45:03 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
x-arrrg5
BlaizeHappened
expires
Wed, 09 Dec 2020 02:45:03 GMT
cache-control
max-age=0, no-cache, no-store
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2flifestyle&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=lifestyle&session=bc65a0576d8df0c7dc57b9f9daa67b9f
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
sport
www.heraldsun.com.au/
0
66 KB
Other
General
Full URL
https://www.heraldsun.com.au/sport
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-type-options
nosniff
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-powered-by
WordPress VIP <https://wpvip.com>
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
x-xss-protection
1
pragma
no-cache
x-rq
bom2 119 100 3097
server
nginx
date
Wed, 09 Dec 2020 02:45:03 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
x-arrrg5
BlaizeHappened
cache-control
max-age=0, no-cache, no-store
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=sport&session=bc65a0576d8df0c7dc57b9f9daa67b9f
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-akamai-transformed
9 387770 0 pmb=mRUM,1
expires
Wed, 09 Dec 2020 02:45:03 GMT
/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain
  • https://www.heraldsun.com.au/news/opinion/rita-panahi/rita-panahi-pandering-to-woke-wooden-heads-destroys-joyous-national-holiday/news-story/b151c13e550f5f6402955cee89a82f74
  • https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fopinion%2Frita-panahi%2Frita-panahi-pandering-to-woke-wooden-heads-destroys...
0
1 KB
Other
General
Full URL
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fopinion%2Frita-panahi%2Frita-panahi-pandering-to-woke-wooden-heads-destroys-joyous-national-holiday%2Fnews-story%2Fb151c13e550f5f6402955cee89a82f74&memtype=anonymous&mode=premium
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Wed, 09 Dec 2020 02:45:02 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=3501
is-https
true
ssl
yes
content-length
912
expires
Wed, 09 Dec 2020 03:43:23 GMT

Redirect headers

date
Wed, 09 Dec 2020 02:45:02 GMT
server
AkamaiGHost
x-arrrg5
BlaizeHappened
vary
User-Agent
location
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fopinion%2Frita-panahi%2Frita-panahi-pandering-to-woke-wooden-heads-destroys-joyous-national-holiday%2Fnews-story%2Fb151c13e550f5f6402955cee89a82f74&memtype=anonymous&mode=premium
expires
Wed, 09 Dec 2020 02:45:02 GMT
cache-control
max-age=0
is-https
true
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fopinion%2frita-panahi%2frita-panahi-pandering-to-woke-wooden-heads-destroys-joyous-national-holiday%2fnews-story%2fb151c13e550f5f6402955cee89a82f74&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=b151c13e550f5f6402955cee89a82f74&session=bc65a0576d8df0c7dc57b9f9daa67b9f
content-length
0
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain
  • https://www.heraldsun.com.au/sport/cricket/big-bash/kfc-SuperCoach-plus-article-final-week-checklist-and-all-the-latest-bbl-news-you-need-to-know/news-story/c6412d0ff6b11d260a87097e5c28b17e
  • https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fcricket%2Fbig-bash%2Fkfc-SuperCoach-plus-article-final-week-checklist-and-...
0
1 KB
Other
General
Full URL
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fcricket%2Fbig-bash%2Fkfc-SuperCoach-plus-article-final-week-checklist-and-all-the-latest-bbl-news-you-need-to-know%2Fnews-story%2Fc6412d0ff6b11d260a87097e5c28b17e&memtype=anonymous&mode=premium&offerset=sc_hs_premium
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Wed, 09 Dec 2020 02:45:01 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=243
is-https
true
ssl
yes
content-length
915
expires
Wed, 09 Dec 2020 02:49:04 GMT

Redirect headers

date
Wed, 09 Dec 2020 02:45:01 GMT
server
AkamaiGHost
x-arrrg5
BlaizeHappened
vary
User-Agent
location
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fcricket%2Fbig-bash%2Fkfc-SuperCoach-plus-article-final-week-checklist-and-all-the-latest-bbl-news-you-need-to-know%2Fnews-story%2Fc6412d0ff6b11d260a87097e5c28b17e&memtype=anonymous&mode=premium&offerset=sc_hs_premium
expires
Wed, 09 Dec 2020 02:45:01 GMT
cache-control
max-age=0
is-https
true
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2fcricket%2fbig-bash%2fkfc-SuperCoach-plus-article-final-week-checklist-and-all-the-latest-bbl-news-you-need-to-know%2fnews-story%2fc6412d0ff6b11d260a87097e5c28b17e&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=c6412d0ff6b11d260a87097e5c28b17e&session=bc65a0576d8df0c7dc57b9f9daa67b9f
content-length
0
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
4d9ee1a182214d0cf3ce3756582cda9a
www.heraldsun.com.au/sport/afl/afl-draft-2020-live-time-order-start-and-how-to-watch/live-coverage/
0
56 KB
Other
General
Full URL
https://www.heraldsun.com.au/sport/afl/afl-draft-2020-live-time-order-start-and-how-to-watch/live-coverage/4d9ee1a182214d0cf3ce3756582cda9a
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
WordPress VIP <https://wpvip.com>
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
x-xss-protection
1
pragma
no-cache
x-rq
bom2 112 120 3185
server
nginx
date
Wed, 09 Dec 2020 02:45:03 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
x-arrrg5
BlaizeHappened
expires
Wed, 09 Dec 2020 02:45:03 GMT
cache-control
max-age=0, no-cache, no-store
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2fafl%2fafl-draft-2020-live-time-order-start-and-how-to-watch%2flive-coverage%2f4d9ee1a182214d0cf3ce3756582cda9a&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=4d9ee1a182214d0cf3ce3756582cda9a&session=bc65a0576d8df0c7dc57b9f9daa67b9f
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
afl
www.heraldsun.com.au/sport/
0
59 KB
Other
General
Full URL
https://www.heraldsun.com.au/sport/afl
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
WordPress VIP <https://wpvip.com>
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
x-xss-protection
1
pragma
no-cache
x-rq
bom2 119 89 3095
server
nginx
date
Wed, 09 Dec 2020 02:45:03 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
x-arrrg5
BlaizeHappened
expires
Wed, 09 Dec 2020 02:45:03 GMT
cache-control
max-age=0, no-cache, no-store
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2fafl&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=afl&session=bc65a0576d8df0c7dc57b9f9daa67b9f
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain
  • https://www.heraldsun.com.au/sport/afl/western-bulldogs-believes-drafting-jamarra-uglehagan-will-attract-more-indigenous-players-to-whitten-oval/news-story/ea5f87cf0dfae34752b94b36d7024de7
  • https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fwestern-bulldogs-believes-drafting-jamarra-uglehagan-will-attract-mo...
0
1 KB
Other
General
Full URL
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fwestern-bulldogs-believes-drafting-jamarra-uglehagan-will-attract-more-indigenous-players-to-whitten-oval%2Fnews-story%2Fea5f87cf0dfae34752b94b36d7024de7&memtype=anonymous&mode=premium
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Wed, 09 Dec 2020 02:45:02 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=3583
is-https
true
ssl
yes
content-length
912
expires
Wed, 09 Dec 2020 03:44:45 GMT

Redirect headers

date
Wed, 09 Dec 2020 02:45:02 GMT
server
AkamaiGHost
x-arrrg5
BlaizeHappened
vary
User-Agent
location
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fwestern-bulldogs-believes-drafting-jamarra-uglehagan-will-attract-more-indigenous-players-to-whitten-oval%2Fnews-story%2Fea5f87cf0dfae34752b94b36d7024de7&memtype=anonymous&mode=premium
expires
Wed, 09 Dec 2020 02:45:02 GMT
cache-control
max-age=0
is-https
true
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2fafl%2fwestern-bulldogs-believes-drafting-jamarra-uglehagan-will-attract-more-indigenous-players-to-whitten-oval%2fnews-story%2fea5f87cf0dfae34752b94b36d7024de7&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=ea5f87cf0dfae34752b94b36d7024de7&session=bc65a0576d8df0c7dc57b9f9daa67b9f
content-length
0
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain
  • https://www.heraldsun.com.au/sport/afl/recruiter-gary-buckenara-names-his-top-50-prospects-for-the-2020-afl-draft/news-story/80f564a4e5c1efa9f037b83031bda197
  • https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Frecruiter-gary-buckenara-names-his-top-50-prospects-for-the-2020-afl...
0
1 KB
Other
General
Full URL
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Frecruiter-gary-buckenara-names-his-top-50-prospects-for-the-2020-afl-draft%2Fnews-story%2F80f564a4e5c1efa9f037b83031bda197&memtype=anonymous&mode=premium
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Wed, 09 Dec 2020 02:45:02 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=3526
is-https
true
ssl
yes
content-length
912
expires
Wed, 09 Dec 2020 03:43:48 GMT

Redirect headers

date
Wed, 09 Dec 2020 02:45:02 GMT
server
AkamaiGHost
x-arrrg5
BlaizeHappened
vary
User-Agent
location
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Frecruiter-gary-buckenara-names-his-top-50-prospects-for-the-2020-afl-draft%2Fnews-story%2F80f564a4e5c1efa9f037b83031bda197&memtype=anonymous&mode=premium
expires
Wed, 09 Dec 2020 02:45:02 GMT
cache-control
max-age=0
is-https
true
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2fafl%2frecruiter-gary-buckenara-names-his-top-50-prospects-for-the-2020-afl-draft%2fnews-story%2f80f564a4e5c1efa9f037b83031bda197&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=80f564a4e5c1efa9f037b83031bda197&session=bc65a0576d8df0c7dc57b9f9daa67b9f
content-length
0
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
police-courts
www.heraldsun.com.au/truecrimeaustralia/
0
49 KB
Other
General
Full URL
https://www.heraldsun.com.au/truecrimeaustralia/police-courts
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
WordPress VIP <https://wpvip.com>
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
x-xss-protection
1
pragma
no-cache
x-rq
bom2 115 233 3111
server
nginx
date
Wed, 09 Dec 2020 02:45:03 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
x-arrrg5
BlaizeHappened
expires
Wed, 09 Dec 2020 02:45:03 GMT
cache-control
max-age=0, no-cache, no-store
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2ftruecrimeaustralia%2fpolice-courts&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=police-courts&session=bc65a0576d8df0c7dc57b9f9daa67b9f
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain
  • https://www.heraldsun.com.au/truecrimeaustralia/police-courts/celeste-mannos-mum-vows-to-fight-for-change-in-her-daughters-memory/news-story/ff687817bd143469f6e810c57a9e711f
  • https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a_TCA_PC&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Ftruecrimeaustralia%2Fpolice-courts%2Fceleste-mannos-mum-vows-to-fight-for-c...
0
1 KB
Other
General
Full URL
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a_TCA_PC&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Ftruecrimeaustralia%2Fpolice-courts%2Fceleste-mannos-mum-vows-to-fight-for-change-in-her-daughters-memory%2Fnews-story%2Fff687817bd143469f6e810c57a9e711f&memtype=anonymous&mode=premium
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Wed, 09 Dec 2020 02:45:02 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=3600
is-https
true
ssl
yes
content-length
912
expires
Wed, 09 Dec 2020 03:45:02 GMT

Redirect headers

date
Wed, 09 Dec 2020 02:45:02 GMT
server
AkamaiGHost
x-arrrg5
BlaizeHappened
vary
User-Agent
location
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a_TCA_PC&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Ftruecrimeaustralia%2Fpolice-courts%2Fceleste-mannos-mum-vows-to-fight-for-change-in-her-daughters-memory%2Fnews-story%2Fff687817bd143469f6e810c57a9e711f&memtype=anonymous&mode=premium
expires
Wed, 09 Dec 2020 02:45:02 GMT
cache-control
max-age=0
is-https
true
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2ftruecrimeaustralia%2fpolice-courts%2fceleste-mannos-mum-vows-to-fight-for-change-in-her-daughters-memory%2fnews-story%2fff687817bd143469f6e810c57a9e711f&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=ff687817bd143469f6e810c57a9e711f&session=bc65a0576d8df0c7dc57b9f9daa67b9f
content-length
0
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
coronavirus
www.heraldsun.com.au/
0
48 KB
Other
General
Full URL
https://www.heraldsun.com.au/coronavirus
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
WordPress VIP <https://wpvip.com>
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
content-length
47280
x-xss-protection
1
pragma
no-cache
x-rq
bom2 114 88 3108
server
nginx
date
Wed, 09 Dec 2020 02:45:03 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
x-arrrg5
BlaizeHappened
expires
Wed, 09 Dec 2020 02:45:03 GMT
cache-control
max-age=0, no-cache, no-store
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fcoronavirus&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=coronavirus&session=bc65a0576d8df0c7dc57b9f9daa67b9f
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
f6a63a991df8badb07dfaac4d0c3684a
www.heraldsun.com.au/coronavirus/rolling-coverage-six-symptomatic-travellers-tested-for-coronavirus-second-hot-hotel-to-stay-closed-for-another-week/news-story/
0
42 KB
Other
General
Full URL
https://www.heraldsun.com.au/coronavirus/rolling-coverage-six-symptomatic-travellers-tested-for-coronavirus-second-hot-hotel-to-stay-closed-for-another-week/news-story/f6a63a991df8badb07dfaac4d0c3684a
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
WordPress VIP <https://wpvip.com>
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
content-length
41428
x-xss-protection
1
pragma
no-cache
x-rq
bom2 112 120 3185
server
nginx
date
Wed, 09 Dec 2020 02:45:03 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
x-arrrg5
BlaizeHappened
expires
Wed, 09 Dec 2020 02:45:03 GMT
cache-control
max-age=0, no-cache, no-store
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fcoronavirus%2frolling-coverage-six-symptomatic-travellers-tested-for-coronavirus-second-hot-hotel-to-stay-closed-for-another-week%2fnews-story%2ff6a63a991df8badb07dfaac4d0c3684a&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=f6a63a991df8badb07dfaac4d0c3684a&session=bc65a0576d8df0c7dc57b9f9daa67b9f
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
food
www.heraldsun.com.au/lifestyle/
0
47 KB
Other
General
Full URL
https://www.heraldsun.com.au/lifestyle/food
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
WordPress VIP <https://wpvip.com>
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
content-length
46472
x-xss-protection
1
pragma
no-cache
x-rq
bom2 116 88 3188
server
nginx
date
Wed, 09 Dec 2020 02:45:03 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
x-arrrg5
BlaizeHappened
expires
Wed, 09 Dec 2020 02:45:03 GMT
cache-control
max-age=0, no-cache, no-store
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2flifestyle%2ffood&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=food&session=bc65a0576d8df0c7dc57b9f9daa67b9f
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain
  • https://www.heraldsun.com.au/lifestyle/food/chibog-offers-a-taste-of-the-philippines-in-west-footscray/news-story/deba077c7569b328911ff9333fa6ac9d
  • https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Flifestyle%2Ffood%2Fchibog-offers-a-taste-of-the-philippines-in-west-footscray%2Fne...
0
1 KB
Other
General
Full URL
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Flifestyle%2Ffood%2Fchibog-offers-a-taste-of-the-philippines-in-west-footscray%2Fnews-story%2Fdeba077c7569b328911ff9333fa6ac9d&memtype=anonymous&mode=premium
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Wed, 09 Dec 2020 02:45:03 GMT
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=3486
is-https
true
ssl
yes
content-length
912
expires
Wed, 09 Dec 2020 03:43:09 GMT

Redirect headers

date
Wed, 09 Dec 2020 02:45:02 GMT
server
AkamaiGHost
x-arrrg5
BlaizeHappened
vary
User-Agent
location
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Flifestyle%2Ffood%2Fchibog-offers-a-taste-of-the-philippines-in-west-footscray%2Fnews-story%2Fdeba077c7569b328911ff9333fa6ac9d&memtype=anonymous&mode=premium
expires
Wed, 09 Dec 2020 02:45:02 GMT
cache-control
max-age=0
is-https
true
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2flifestyle%2ffood%2fchibog-offers-a-taste-of-the-philippines-in-west-footscray%2fnews-story%2fdeba077c7569b328911ff9333fa6ac9d&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=deba077c7569b328911ff9333fa6ac9d&session=bc65a0576d8df0c7dc57b9f9daa67b9f
content-length
0
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
pmk-202003261.4.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/
111 KB
31 KB
Script
General
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding
gzip
etag
"b7fcedf037c57085d364b689ca46f32e"
age
9417911
x-cache
HIT, HIT, HIT
content-length
30954
x-amz-id-2
TG49UWLSXX/7JOu+pu/KWBF6lPU+j/sA4SNskqAGNRvS7P8ejY6LRwed0jVXlMerBXwRC25qwP8=
x-served-by
cache-lax8636-LAX, cache-lax10627-LGB, cache-hhn4069-HHN
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1607481901.008524,VS0,VE1
date
Wed, 09 Dec 2020 02:45:01 GMT
vary
Accept-Encoding,,,
x-amz-request-id
9758181B46377FE5
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
2, 1, 1
comments-count
mhr.talk.news.com.au/api/v1/
1 KB
1 KB
Fetch
General
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=4d9ee1a182214d0cf3ce3756582cda9a,ea5f87cf0dfae34752b94b36d7024de7,80f564a4e5c1efa9f037b83031bda197,f6a63a991df8badb07dfaac4d0c3684a,d5fa1f146364861b4962a95fe5d0eb50,7bf3bbaab74f6cd23db7029cc5c78c0e,b58629ed24589ad11ea3f4b4eb2e5ad3,220e9af0fa81b9447c634f00050899e5,400d06a4270b7ee8caa26e16e3acf40f,1e7addc68182c38bfb7a6624771750f2,327325791e2a7a04bc80348ffebe12cc,039bc73ddf0baaa324aae33fbcc07017,c8a684fa0c974c69e054d699324e3ece,a8e0b4429e1326aad1d6040d0522063b,987a971b387e5de567d92523964b2272,3bd3b29269f96f1d0a5a74e55c936b1e,7f8d50eb3af2356014c35cb6812574da,f156432c298df2e3adfe93660385567a,60c849e4baf5e8e5dbf1996f42ea8b90,040034876bfc3866620422169007ac2d,1e5e9e89114371f4da029747fdfd948c,319d43b5c3c2ecdd5e934fe91cb3e495,b2ee3725ff4ad1abdb81e0468d36575a,b151c13e550f5f6402955cee89a82f74,895e0d5034c8d4a8d2337a6d2501821c,13736db0bdb5aebfd45b1246161cf257,b8e373634da9cb3c806a8318ec845786,89867caa1e1f8a3a6a358071d4d5a587,b2987ec6aaed660a1f1865a9a7a8a790,bdf8a4dcec269707490e48ca586fe4c6,9e117ea97ab37c0b48ada7ed8fe6b0eb,9aae9e7e85e4ea838e64e13236e8ef49,bbb7e5455260a19f7dda449e10f54e87,386a17181664551d7144fdccd9b50650,17b570ad603a15ac744aeafbc0e95796,e10f9282f918ee557d81b4cc20dc391b,94b11cedf4a8ac7b80f64027ff86f537,945935dd2a361ba1f84ca8bc2f6f37c9,83b456121a908ed85a64eaead71e0fe9
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
abc7553db409e176fd4e0fdd716dabaf49d175d840096c36b490466c3342a90a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.16.1
etag
W/"5bb-9jWYmlWV/yPUfTrQgsIOToWYpuQ"
x-download-options
noopen
x-dns-prefetch-control
off
content-type
application/json; charset=utf-8
access-control-allow-origin
*
date
Wed, 09 Dec 2020 02:45:02 GMT
x-talk-trace-id
892b4990-39c8-11eb-9149-671b53c1d9c5
vary
Accept-Encoding
content-length
834
x-xss-protection
1; mode=block
3000
www.heraldsun.com.au/wp-json/api/weather/
2 KB
2 KB
Fetch
General
Full URL
https://www.heraldsun.com.au/wp-json/api/weather/3000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
bf48adbfd3b42e3b64355dd9ca510e575bdbb4cf80408776c51c27b5c182d7b2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options
nosniff
is-https
true
content-length
1638
x-rq
bom2 115 233 3111
allow
GET
expires
Wed, 09 Dec 2020 02:45:07 GMT
server
nginx
date
Wed, 09 Dec 2020 02:45:01 GMT
vary
User-Agent
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=6
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
08f02c9bfa90f9d855a69d7fab449b52
content.api.news/v3/images/bin/
4 KB
5 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/08f02c9bfa90f9d855a69d7fab449b52?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c4ab088565b86231459d4b94bf85c93543664f8f457e128f651f756558b6d81e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag
08f02c9bfa90f9d855a69d7fab449b52
date
Wed, 09 Dec 2020 02:45:01 GMT
last-modified
Wed, 09 Dec 2020 00:11:42 GMT
server
Akamai Image Manager
etag
d8af456edd9128ea4f8b2d3d1e7d8523-08f02c9bfa90f9d855a69d7fab449b52-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5174775
access-control-allow-headers
x-newsapi-api-key
content-length
4312
expires
Sun, 07 Feb 2021 00:11:16 GMT
c8c5ac8ebf19e2dbd2b99eaa2effccfd
content.api.news/v3/images/bin/
5 KB
5 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/c8c5ac8ebf19e2dbd2b99eaa2effccfd?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7485944ba8666d3b30e9598aeb0b90381531951670fa085cb127049ef367e4d8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag
c8c5ac8ebf19e2dbd2b99eaa2effccfd
date
Wed, 09 Dec 2020 02:45:01 GMT
last-modified
Tue, 08 Dec 2020 23:27:57 GMT
server
Akamai Image Manager
etag
daf9fddd3f5394ce54082af08df75f0f-c8c5ac8ebf19e2dbd2b99eaa2effccfd-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5172128
access-control-allow-headers
x-newsapi-api-key
content-length
4921
expires
Sat, 06 Feb 2021 23:27:09 GMT
6190d04b84a8ecc4bc36776577d1da66
content.api.news/v3/images/bin/
9 KB
9 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/6190d04b84a8ecc4bc36776577d1da66?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
de178d8a9bbae956bc3430a9c9b32b09e7f19d38f635cd0ae46356821ad1ff43

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag
6190d04b84a8ecc4bc36776577d1da66
date
Wed, 09 Dec 2020 02:45:01 GMT
last-modified
Wed, 09 Dec 2020 01:37:29 GMT
server
Akamai Image Manager
etag
7520bc590efaa21879cfa5f682b08232-6190d04b84a8ecc4bc36776577d1da66-150
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5179926
access-control-allow-headers
x-newsapi-api-key
content-length
9058
expires
Sun, 07 Feb 2021 01:37:07 GMT
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/
23 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201129-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe5c6e8d5d904fde8658aa207e0b0ad25206d993e9a0f114c5faa0390c1ec14f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
5kVHdVZ6jhj14v9ayeqH4XJV7vV0Kv71
content-encoding
gzip
etag
"adadd290e28882ab8fcbc82db81d04ea"
age
27524
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4433
x-amz-id-2
pdaDQ/cNgVFVPNUNF01VAlSWoxe1Y/VMJBXLM3fnV0Iup+e/wvSojj8OXzL1GSb1tn37p4a2E2Q=
x-served-by
cache-hhn4030-HHN
last-modified
Thu, 03 Dec 2020 11:05:58 GMT
server
AmazonS3
x-timer
S1607481901.098130,VS0,VE0
date
Wed, 09 Dec 2020 02:45:01 GMT
vary
Accept-Encoding
x-amz-request-id
3D237ABDF22A892B
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
58
x-cache-hits
22142
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/
3 KB
1 KB
Stylesheet
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201129-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
tcahAQL7SM5vHmChLog9xryayd2KNhUu
content-encoding
gzip
etag
"9e155136143a96e23a99757df9aa3cc8"
age
5042
x-cache
HIT
x-amz-replication-status
PENDING
content-length
728
x-amz-id-2
F511ZOU+f6Q+sqbWMumRisyTrwRpkm3FWMsmLIsnKa/IwVxkrGRtPSPQIlc/TyTY8rykuA1eNio=
x-served-by
cache-hhn4030-HHN
last-modified
Sun, 15 Nov 2020 09:20:35 GMT
server
AmazonS3
x-timer
S1607481901.097976,VS0,VE0
date
Wed, 09 Dec 2020 02:45:01 GMT
vary
Accept-Encoding
x-amz-request-id
6H4P7X5VCY1X4JBG
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
58
x-cache-hits
935
debug
trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/
0
277 B
Image
General
Full URL
https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=03%3A45%3A01.083&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-midrail-native&id=1775&cv=20201129-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:01 GMT
server
nginx
x-fastly-to-nlb-rtt
15065
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.40.0.111:10213
social
trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/
0
408 B
Image
General
Full URL
https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=AM:AM:V&tvi2=4013&lti=deflated&ri=95fcc41fea091b77fe99384cdf51c2ab&sd=v2_b9fdf61b25362f25d0ad98b975a79f43_3ef03755-6368-4720-a7cb-0951626b936b-tuct6c9bfac_1607481900_1607481900_CIi3jgYQgPNHGNT-jKvkLiABKAEwOjj5twhAnYoQSLva2ANQuNkMWABgAGjipqqRsq2X4nA&ui=3ef03755-6368-4720-a7cb-0951626b936b-tuct6c9bfac&pi=/&wi=873729681997272865&pt=home&vi=1607481900884&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=03%3A45%3A01.085&id=9349&llvl=1&cv=20201129-9-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:01 GMT
server
nginx
x-fastly-to-nlb-rtt
15065
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.40.20.14:10213
authorize
login.newscorpaustralia.com/ Frame 3F0B
0
0
Document
General
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=oFnsfOpgmVpfJ6.7IErJY~hkyi-4Zqw6&nonce=V0UiYrF5OlSwfOsitCRQOUdzq0bmk5c5&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.60.35 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-60-35.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=oFnsfOpgmVpfJ6.7IErJY~hkyi-4Zqw6&nonce=V0UiYrF5OlSwfOsitCRQOUdzq0bmk5c5&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

server
openresty
content-type
text/html;charset=UTF-8
ot-tracer-spanid
6f4449495b035321
ot-tracer-traceid
30d57c33384b19a1
ot-tracer-sampled
true
ot-baggage-auth0-request-id
21166-1607481901.424-2.16.110.188-1396-488699706-3-0.000
x-auth0-requestid
c484c5ad03e5245c3320
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1607481902
content-encoding
gzip
strict-transport-security
max-age=31536000
x-akamai-transformed
9 533 0 pmb=mTOE,3
expires
Wed, 09 Dec 2020 02:45:01 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Wed, 09 Dec 2020 02:45:01 GMT
content-length
841
vary
Accept-Encoding
set-cookie
did=s%3Av0%3A88aec690-39c8-11eb-a5d7-a11663bb1444.r1KmuR7k8bAXbgsZ%2F%2FGFmOjweIennON%2F144OzriLh2I; Max-Age=31557600; Path=/; Expires=Thu, 09 Dec 2021 08:45:01 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A88aec690-39c8-11eb-a5d7-a11663bb1444.r1KmuR7k8bAXbgsZ%2F%2FGFmOjweIennON%2F144OzriLh2I; Max-Age=31557600; Path=/; Expires=Thu, 09 Dec 2021 08:45:01 GMT; HttpOnly; Secure ak_bmsc=F1A050AD844D7AFBCEAF185C346147CF48F7B2EDFA1200002D3AD05F66BF4C3B~plmPbp0YTb2m4UHeOtzsE+Wgb3XTAfUpuSTfU7jACUj+zcB3pTVdfMSfLEOZx5IuTzZdmj+5clJm5RLEqb//5VIMbQ4e+lHNT3840MQHDFbBez4RKKpgfyBxdUipXr4wbxYWXL4vo8cQbj+Zxwy1aEb+EUxOo5SNDZjpZw+yMj1iOsFxJ2t2fIxlgLxz5GC53lvoUN+ogJ+v/b8uN3AayqvCHXmPMmPfTjE0zgshi9JFhCnlIC9E8H3lErvWf+ctE2; expires=Wed, 09 Dec 2020 04:45:01 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=FDE4B7EE2E23E2314C432D330E713AC8~qni0/BuW4qL+4OBIGMnmQHvcB/FKZhMHnxf04glu8N5FE3JUFB5BV1VpuW9A3hFwmGQkbChZ1nx1a20U4odnY9QmR8buGoVhE7RwyE2HI2622B8+rAuh6osbU8HH9ZDWgArIct7dhHisiTzvqhZzmcoFG4GUAzjaL9uwMPfknRs1lJjmpPb44JITxfZQBo0yi7h4a8kGkmsdUgSQW4FDeWMa/nn6K6CDepPbbxAg/1W1sJkUinrSFXbfrI0DhnNZ; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=DC2AE2E525FE7B173D420EB0B05F07B8~YAAQ7bL3SOmI7Tx2AQAAEkJjRQp3FjOotR0/8TzO56pTQKGmLXOEZnvzGP6XlPuj8xxG87DJ5A6CMFyDItfqDNQhgv2A3It8hOE9sUHSDqpdjakNM++X3wc3oyjKjpo4yhvPTU8jyTBbMMGr1KW3Y2CtQ3gJ9CcGG7kbqD1HpL/Td6dhAof3HAOoQjmwqL4ssPuKnxA9YPIUWvw=; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 09 Dec 2020 06:45:01 GMT; Max-Age=14400; HttpOnly _abck=865BE3F071007598EF4AA55319A0003E~-1~YAAQ7bL3SOqI7Tx2AQAAEkJjRQWFswS8LmPsAMzqUwzJY9Uya5o/XQR5wNRi+WK9mSJXoSgB/oUIFb8OPSYnP/emf5jWOhtIu5WCAaUOImTIAkOrqX/N9PBfSRBfpNL8G14AbnqwT6nzwc7eenl3BxwlYgCfvuYEdEsdxARmY0rEUUrvoRRC9SQHuTo738HDnGUcxs5384c1OiRJXKT0mDgLLapEu/gajnLjZ+wePSv1IRbETO0kH6a3v0ZMr2xE7sAMJ/IUfNp3s7GygDYjcQcUD2ajzPgWO8JejOkJ5Luk+NjEuVAfSLxExJefAjrqxCtp43w=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 09 Dec 2021 02:45:01 GMT; Max-Age=31536000; Secure
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/
3 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
91d684c672c0a1dfd501546262b91d820d8c25bf5ff2968605c50123b5ebffe6

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
content-encoding
gzip
last-modified
Tue, 24 Nov 2020 00:03:34 GMT
server
AkamaiNetStorage
etag
"5f72e6468427e025c6b5dca9f8b47f95:1606176214.729874"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1234
expires
Wed, 09 Dec 2020 02:50:01 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/
70 KB
19 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6cdc46bd741ea434a62afefedad537b39f6ca9b52aea4f5828a2b2f27c419882

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
content-encoding
gzip
last-modified
Tue, 24 Nov 2020 00:03:32 GMT
server
AkamaiNetStorage
etag
"2a1443c2f1e11b73ae7adcc42370eb38:1606176211.994101"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
18834
expires
Wed, 09 Dec 2020 02:50:01 GMT
indies-loader.js
ts2020-indies-client.web.app/
7 KB
3 KB
Script
General
Full URL
https://ts2020-indies-client.web.app/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1136fd8d6ff6f21847aab9abfab903a5a0e2f26a6f621f34af563def44ceb81c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
last-modified
Thu, 17 Sep 2020 07:41:38 GMT
x-timer
S1607481901.258257,VS0,VE1
etag
"16a0649956d88d08059c392d3f4b3b1b1b6ee7a364d1e3444626bf6439417ed3-br"
x-served-by
cache-cph20642-CPH
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Wed, 09 Dec 2020 02:45:01 GMT
accept-ranges
bytes
content-length
2338
x-cache-hits
1
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/
6 KB
3 KB
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2ba257240ffc08c6b68d4bca0a95796e0244b065df669aaa532f81064f4673b4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
2885
x-rq
bom2 118 117 3092
last-modified
Sun, 22 Nov 2020 23:27:33 GMT
server
nginx
etag
W/"5fbaf3e5-19e5"
vary
User-Agent
content-type
application/x-javascript
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 09 Dec 2020 02:45:02 GMT
authorize
login.newscorpaustralia.com/ Frame 25D8
0
0
Document
General
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=cMLcotmZYsiqPyhzlrZuXJXT-jxbh-y5&nonce=rnEGOwqPrLN_5baiQewAhsvDLgAw~GUI&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.60.35 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-60-35.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=cMLcotmZYsiqPyhzlrZuXJXT-jxbh-y5&nonce=rnEGOwqPrLN_5baiQewAhsvDLgAw~GUI&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

server
openresty
content-type
text/html;charset=UTF-8
ot-tracer-spanid
5f20ff2330a84101
ot-tracer-traceid
1eee85604fe26819
ot-tracer-sampled
true
ot-baggage-auth0-request-id
20457-1607481901.437-2.16.110.188-1396-488658514-2-0.000
x-auth0-requestid
ce42f0231a560ec8e536
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1607481902
content-encoding
gzip
strict-transport-security
max-age=31536000
x-akamai-transformed
9 530 0 pmb=mTOE,3
expires
Wed, 09 Dec 2020 02:45:01 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Wed, 09 Dec 2020 02:45:01 GMT
content-length
840
vary
Accept-Encoding
set-cookie
did=s%3Av0%3A88b04d30-39c8-11eb-ac13-f792e38d7fae.x25TB1YetKGmbZk3oqsdaF6eo3jnnrxcZdo1WP4Uih8; Max-Age=31557600; Path=/; Expires=Thu, 09 Dec 2021 08:45:01 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A88b04d30-39c8-11eb-ac13-f792e38d7fae.x25TB1YetKGmbZk3oqsdaF6eo3jnnrxcZdo1WP4Uih8; Max-Age=31557600; Path=/; Expires=Thu, 09 Dec 2021 08:45:01 GMT; HttpOnly; Secure ak_bmsc=EE0CCEC062E2BEF66DCB1914D1B3B63048F7B2EDFA1200002D3AD05F5B09DF0E~plO9oiAwwUvCkCGm0k4XoCigCg2+fzqNM0d0jZSxNoLJ3AfQOIKVKaHNZVwHVxEpvojC+zOkDHYMvflOma0YoJP4/JIavpuLvjvj6G9y/NVG3P4K5J1WyNjDb0OMS42s7OCCc+1wZ1kM9xPVKPoC5+47vGoOD3RbYRWeGcAT1nKH4lvmm9Vg3p+zTgxBBPG7NMPsZt5RoZnbGLlvu1q0MRertoKfHGcGfZtKqxDGa1GlIw9JfUJ7mLQ/hd2zaMbR9H; expires=Wed, 09 Dec 2020 04:45:01 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=CD6A9176BA6D8071AAD45A7268301707~qni0/BuW4qL+4OBIGMnmQI/AETcRWGfTfC94UBHL4QA4MA92D/FGDykwZr9CiaoKyPIG7h5Sfj/srsxmkYDPv/kkfJ+vN1fElkNcO+LCznsvAPbpj1MDnKdzB3/exI2REhIkllZDvutq1+8ysn04gq7rkX8tOtZkI3rFY4Ceq5W58EZDnrppYxaR7WOjjvmkUBkzlvPynFnpiSggMP143sFjE5QJjMVKn7mMB1NUa6Tg9HEMoR7vDEu7iZTsXGC6; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=B314FF12A6C42595361507516614F1D5~YAAQ7bL3SOuI7Tx2AQAAJUJjRQop2RoGJA3XTgxIXXRyF8Pq/SnzjbHk6tlqqz1trFDxOQ3ryjBDvd2cg+6fCq6x2yfIUXbbSuNeMdQUbfPsMk7+pNMNWZ/EBLw+ihLYkegqLFgGle55apecZg9B3L/hlAOof6+K1DLDlj+tQ5cJ/ITgXChLuDMkJ9Cqz6OlLKxuraKH4+xIhvQ=; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 09 Dec 2020 06:45:01 GMT; Max-Age=14400; HttpOnly _abck=1868ABE0A42622661FDF40137D27B3D2~-1~YAAQ7bL3SOyI7Tx2AQAAJUJjRQXK2LACCRwoJtIL6gJ+tm97TxKtB5Fj1aH8/rqbRxhfJ+dccPLviWngSOwBgim7TBmoVqat1sP0uWf872wIkE68QYDI+qGwnqCvKOgVFWyv+YvE/KvcasIyzlu9I/TES5wPFlEF0aBLTsnEW1gI9hNlKFwHiXZB+GU2hwgfZPJZh7s2elUzaAv6YwJm6Nn+ZkaNbBuwI8ncKUQfGYjJpaHrSwpL6Xwy5AU0tkqWtKwp5MJ97vuHJofFzsFt7zwFpBDEfBQZzv8b7OAuBtIrQNkDlpJpJICcMNdtM74Knj4W1rY=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 09 Dec 2021 02:45:01 GMT; Max-Age=31536000; Secure
authorize
login.newscorpaustralia.com/ Frame 3009
0
0
Document
General
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=UeZb.Yu6__XqCQqbKwX1mjb~ej4Dt549&nonce=_yP_N5BisKMdbuQn30bn.LstNveZnU~i&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.60.35 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-60-35.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=UeZb.Yu6__XqCQqbKwX1mjb~ej4Dt549&nonce=_yP_N5BisKMdbuQn30bn.LstNveZnU~i&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

server
openresty
content-type
text/html;charset=UTF-8
ot-tracer-spanid
0fc8e35635828d3c
ot-tracer-traceid
63a7e51823371408
ot-tracer-sampled
true
ot-baggage-auth0-request-id
22081-1607481901.479-2.16.110.188-1396-488776049-26-0.000
x-auth0-requestid
cc2628ffdb7ce05d852c
x-ratelimit-limit
1000
x-ratelimit-remaining
998
x-ratelimit-reset
1607481902
content-encoding
gzip
strict-transport-security
max-age=31536000
x-akamai-transformed
9 533 0 pmb=mTOE,3
expires
Wed, 09 Dec 2020 02:45:01 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Wed, 09 Dec 2020 02:45:01 GMT
content-length
840
vary
Accept-Encoding
set-cookie
did=s%3Av0%3A88b7c740-39c8-11eb-9af1-6d553b8d8650.op%2Bnfa%2FTpjxdt5wiLSJcCT6OGNjllnyVQDt7OvBZul8; Max-Age=31557600; Path=/; Expires=Thu, 09 Dec 2021 08:45:01 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A88b7c740-39c8-11eb-9af1-6d553b8d8650.op%2Bnfa%2FTpjxdt5wiLSJcCT6OGNjllnyVQDt7OvBZul8; Max-Age=31557600; Path=/; Expires=Thu, 09 Dec 2021 08:45:01 GMT; HttpOnly; Secure ak_bmsc=946B670DD76FC8EE0EBFC4EF8319F9EB48F7B2EDFA1200002D3AD05F257A9869~plkoMtYXvPBLXB5qcDmMRKR1J4OIvGMCWoeidvPJ565h/VlpRGWvGL5exBZRfciO6V2f10SOfiUKQMEJJ9ddKFAt76ie0DaCcCKQUxa39X3h2t9xVj/ARJ7cizZgl62v/BK/VLLXmJf9yZqXlOMuVWdjIsvAanQRiond4kSprW73E0gUQKuw3N/DdQimb/o5tEpQ9uB2CKQBpBhCK3cXeZhfybVqxXjD9xYV6KFkWRzmwATXCCaNg5lVHsIXm//OuI; expires=Wed, 09 Dec 2020 04:45:01 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=9B0F41B80D97E5B79C136D68416CA459~qni0/BuW4qL+4OBIGMnmQCG9Yl/fv1cDWgURh+DHLu296/pnBUWc3OoWwbWQz/DK1+uY5huNALWOnmxN7IuDovtMKD0QTeWcRe9059l8v4vIO3ylHjp2v3YdGE5uqgpe4daj3bSClobmVi/kJckL71EZQoB48Bp1ngGgngtn9zfahwo/CbPorIEE7Nug/Og/2VvmZFvb6Z2dXalSx/yl5SEvaqKJph2dFAkf4KKBYlsZbxS95kMGQ8+5jPN9T3bN; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=20D248BCA08D796E27AC7F30777EDE35~YAAQ7bL3SPGI7Tx2AQAAXUJjRQpYIDjqphBkbAZhapz/EW8stf86t0mxiqcD1nz2IL+PXZCddrYDV7btjxcd6Dm/5ZmtX0Iy3lY3YWgPziQFXys9d8/I20SvQhjqkL/jEVCzxAahbcYOquKG29pXh1+QJ7Me6l2QntD9tI6Y5gkyjPfJF7i6+woDfFgLgPTO9KrIzhIE4u5talg=; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 09 Dec 2020 06:45:01 GMT; Max-Age=14400; HttpOnly _abck=1E8CA830623913A731CAB6A0C71B729C~-1~YAAQ7bL3SPKI7Tx2AQAAXUJjRQU+/S7qY5whcV6EQMOx2q5lFVdsnQnzRlsQi669Dfj9pUmcUIqwkPAL7JDn0XnJraXo/TS9OiC0SyCcIknt0fDl87OPLyJy0ymlqe4lL9VVl80HMNxrRbC46uGp2TegTMn5Je5zlUfN2qrHY6RTiK/ZAfi18dVpdIBVKYTmdrh0CmvR5wcDSRW8OImapJ+kpcXOaQVf1ueQGMtTXXZVqk4hk+tRnucOHIE99JHd2l0PU2UB9y9+dl0kK/GkjYv4Ls1aXkjz0N2tv+7Atl/2OaE4CtIY0n1MOI/XvTiX4pKa5TQ=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 09 Dec 2021 02:45:01 GMT; Max-Age=31536000; Secure
utrack.js
tags.news.com.au/prod/utrack/
2 KB
1 KB
Script
General
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16074819013310.5053653493591688
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
496f507875a529b613576dd312577e9b7794101ff0a7184015a9d9fd42b87d06

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:01 GMT
content-encoding
gzip
server
Apache
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=0, no-cache, no-store
content-type
application/x-javascript
content-length
837
expires
Wed, 09 Dec 2020 02:45:01 GMT
mitas.js
tags.news.com.au/prod/mitas/
666 B
898 B
Script
General
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
cache-control
max-age=23366
server
Apache
content-type
application/x-javascript
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
B7670439;dcadv=4149947;sz=1x2;ord=655681134763.996
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/
16 KB
6 KB
Script
General
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=655681134763.996?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f6.1e100.net
Software
cafe /
Resource Hash
11fcbb8aadc3ff4a29a62ac7523f3f63fa0804be2be0c3c55d11e7c98998730b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5799
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/
69 KB
23 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6a00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
06e9f93163cce0aa6698b5dbdd52d0ea860a91aa75e80d724051e67e6f0304f3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 00:54:48 GMT
content-encoding
gzip
last-modified
Wed, 14 Oct 2020 02:30:03 GMT
server
nginx
age
6613
etag
W/"5f8662ab-112ec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
QqQtR_lINCUndDLuSbHo9E0Ps_fslDUzkdCafYSHEifSRNg7MLW4oA==
expires
Wed, 09 Dec 2020 02:54:48 GMT
metrics.js
tags.news.com.au/prod/metrics/
177 KB
61 KB
Script
General
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
120be8f5d061203ea26fd4bd2043201d6f06a7fce30cd7104e01c5dfafb48cd7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"032ddabb406fd4179075624c01a76c5d:1606693368.080684"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=29812
content-type
application/x-javascript
tad.js
tags.news.com.au/prod/tad/
98 KB
29 KB
Script
General
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7e4f4a23ed7a74e87caf199cb84e638f233d01a7aaa7c29b45862ed87747937f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"8c0ff937b016970cfd1482c4456bc986:1607318432.694058"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=78450
content-type
application/x-javascript
content-length
29229
gpt.js
securepubads.g.doubleclick.net/tag/js/
55 KB
19 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
sffe /
Resource Hash
714cac8ff5400467459b98256c655279773669a2f54692d8d366c811100061b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"718 / 894 of 1000 / last-modified: 1607469012"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18975
x-xss-protection
0
expires
Wed, 09 Dec 2020 02:45:01 GMT
prebid.js
tags.news.com.au/prod/prebid/
327 KB
98 KB
Script
General
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b748ce6a5a5ea9c905bca2845dab6456c5232bead14b02fca00864562e98bfda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"079b5880b9ed74f5d265d6b9199a2e85:1601422697.718452"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=33481
content-type
application/x-javascript
nielsen.js
tags.news.com.au/prod/nielsen/
21 KB
9 KB
Script
General
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4b80ab49cca418a05255ac5b92d063e739e028a005581148e2da1864e08618dc

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"08f1a2bd351d21b2a8846d3a3e389576:1604537083.086393"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=25948
content-type
application/x-javascript
content-length
8663
v60.js
cdn-gl.imrworldwide.com/
Redirect Chain
  • https://secure-gl.imrworldwide.com/v60.js
  • https://cdn-gl.imrworldwide.com/v60.js
21 KB
7 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/v60.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:ce00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
.KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
content-encoding
gzip
etag
"cc7339d315e5ab16597dd66d153a0e7e"
last-modified
Mon, 12 Oct 2020 13:35:53 GMT
server
AmazonS3
age
23503
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Tue, 08 Dec 2020 20:13:19 GMT
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
NVIfVJ7EFS_sWyhAfo4Vhj-Nht1DoO-XhRzXM3At_5qyXKwO1eC9AQ==

Redirect headers

date
Wed, 09 Dec 2020 02:45:01 GMT
via
1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
server
awselb/2.0
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-type
text/html
location
https://cdn-gl.imrworldwide.com:443/v60.js
content-length
134
x-amz-cf-id
aTJvNvnBlHPjbMK_TyPKaQPEPBwG0qRMj5oXateD9rr9Qe83xm3HSw==
ncg.js
au.tags.newscgp.com/prod/ncg/
155 KB
48 KB
Script
General
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.90.53 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-53.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53c25ccb7181178c52c32fdf5e58a55d730bbfe8e45db600886adfb33d88411b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 01:57:14 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 05 Nov 2020 07:14:18 GMT
Server
AmazonS3
Age
2877
ETag
"ae1b1b3c735b9c3894bc20532056e9de"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
-Gwn9rt13APZJv0uBDBUqKKiCzezjminmhVRe09Ds-YIl41QftVn4w==
utag.975.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/
3 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.975.js?utv=ut4.46.202008240621
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2fa62fdf8e026049d48ee5b0227b6cde543ff47ae4d3a7ee43b360f9d154305f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
content-encoding
gzip
last-modified
Tue, 01 Oct 2019 02:56:54 GMT
server
AkamaiNetStorage
etag
"1411faee056be1abaeee38ce4f2bded2:1569898614.604449"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1287
expires
Thu, 24 Dec 2020 02:45:01 GMT
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
content-encoding
gzip
last-modified
Wed, 20 Nov 2019 04:49:47 GMT
server
AkamaiNetStorage
etag
"a2af0d00bb0e150c0e6e47d44b9436d7:1574225387.905732"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
900
expires
Thu, 24 Dec 2020 02:45:01 GMT
vidora-client.1.x.x.min.js
assets.vidora.com/js/
8 KB
4 KB
Script
General
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b600:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08052c2c99dd94a7e638999360264f21fd6ea6c6e7f0c9fbaf55e11cd4fe314f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 00:14:04 GMT
content-encoding
gzip
last-modified
Wed, 08 Apr 2020 14:24:21 GMT
server
AmazonS3
age
9058
etag
W/"09285b59e7b4661ace266ee756c7b3f3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
zC8tQJ6A2Y2tfANq4cjPPyEVc5dU624OlLKVyPUO4if8cLsLfVDTpg==
ping
ping.chartbeat.net/
43 B
169 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=62D0DCGk1OdCWpHa3&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=9591&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=4962&t=E0UZNDTrYfeZ2-mSCVh31xD3viGF&V=121&i=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=-60&_acct=anon&sn=1&sv=BvvgXCR7JKcCRjpF1D8rDP7Dboaep&sd=1&im=06030402&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.213.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-213-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
hotjar-465845.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-465845.js?sv=6
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
07bfaacd7e190a53caf41c6ad3961a9872f525fae01609605a59985731a9413b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
AMS1-C1
etag
W/29068dd4ca233cf8f1abb5a309d14770
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
content-length
1639
via
1.1 4d43f2ff38c53dabf47263f1495ad9c0.cloudfront.net (CloudFront)
x-amz-cf-id
L-niWThhYxVOgdY20h5-CpQ-E-nDReYnFk07Ojwzv05vrc3fz4-coQ==
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/
52 KB
16 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.90.174 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-90-174.deploy.static.akamaitechnologies.com
Software
/ ARR/3.0
Resource Hash
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 15:15:57 GMT
server
x-powered-by
ARR/3.0
etag
"84a7fce7aaabd61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=574
accept-ranges
bytes
content-length
15848
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
202 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202011240003&cb=1607481901443
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Wed, 09 Dec 2020 02:55:01 GMT
_error
uconnect.tealiumiq.com/ulog/
43 B
454 B
Image
General
Full URL
https://uconnect.tealiumiq.com/ulog/_error?utid=newsltd/hwt/202011240003&e0=ge%3A%3A4%3A%3A%2F%2Ftags.tiqcdn.com%2Futag%2Fnewsltd%2Fhwt%2Fprod%2Futag.js%3A%3A_gaq%20is%20not%20defined
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.135.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:01 GMT
x-serverid
uconnect_i-0d8873d770812c114
vary
Origin
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
_error::4:uconnect
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region
eu-central-1
x-error
_error is not supported
content-type
image/gif
x-ulver
c2e2243d20a612a7b591b22eba7d34b103498546-SNAPSHOT
content-length
43
x-uuid
65deb290-6afd-4201-8290-0f5897f576c5
expires
Wed, 09 Dec 2020 02:45:01 GMT
ggcmb510.js
seccdn-gl.imrworldwide.com/novms/js/2/
12 KB
5 KB
Script
General
Full URL
https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:d600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
CeKWdfuThsyzKr0NmnwAM5a0VYitilJV
content-encoding
gzip
etag
"afa0d379b1e6e0a61fad577d0043ff26"
last-modified
Tue, 17 Nov 2020 14:36:24 GMT
server
AmazonS3
age
3413
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8da78542dac6b4328eb443200c30bbff.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Wed, 09 Dec 2020 01:48:09 GMT
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
H_vDVmD-Vau267pjjh7PLsil1H_0kFbDrEE1VvCqOtQgr24ly_tHUQ==
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20201203/r20110914/elements/html/
6 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201203/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=655681134763.996?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
838
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
2649
x-xss-protection
0
server
cafe
etag
804181672847865866
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Dec 2020 02:31:03 GMT
view
googleads4.g.doubleclick.net/pcs/
0
683 B
Other
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv__2Pvks30Z2l2qigwtevAQ1EKjtcgt--URriu_b1QWlY4g9ezkEYX0zzTJ5kmk_8owVZBy_JIewxuDQrYi-JIfQ3_FCRI9gijZqNwFIus-N95zT_m8reB2uzyN25Db8tM&sig=Cg0ArKJSzDjRsydFA-iYEAE&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cisv=r20201203.38811&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=655681134763.996?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 09 Dec 2020 02:45:01 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
iasPET.1.js
cdn.adsafeprotected.com/
22 KB
7 KB
Script
General
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 05 Dec 2020 13:25:33 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 08 Jul 2020 20:34:30 GMT
Server
AmazonS3
Age
307169
ETag
W/"a8663f72a1dbe614b19f167a59af368d"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
aYYoYtsKVtrKxV01gsqzYnTE7G2JMM4EG7_UiE6bKQK0Gc1ka_Oflw==
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1607481901532
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1607481901532
5 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1607481901532
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.234.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-234-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cd0212aba1cf15644403bf20f01a4c2f592113a1a0118e262f4e063691dc5077
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v086-0a7ac7406.edge-irl1.demdex.com 5.80.1.20201111130852 3ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
BWBlTX1gTls=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1537
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://www.heraldsun.com.au
X-TID
UM0R1iccTK4=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1607481901532
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/
61 B
359 B
XHR
General
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AkamaiGHost /
Resource Hash
94c849dad281228761f865b170f223a1ed34a321b92cb49addd0fc3fb9f0fb86

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:01 GMT
server
AkamaiGHost
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag
"f1d1adc077c1f1f826a151ee3db530bc:1600839199.327003"
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=0, no-cache
content-length
61
mime-version
1.0
expires
Wed, 09 Dec 2020 02:45:01 GMT
pubads_impl_2020120301.js
securepubads.g.doubleclick.net/gpt/
279 KB
99 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
sffe /
Resource Hash
dc3842d1ad8fde688d7b47fb100be5a4bcf18b97af2dd23d02dbb3713f6d520b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Dec 2020 09:42:05 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100510
x-xss-protection
0
expires
Wed, 09 Dec 2020 02:45:01 GMT
storageframe.html
secure-gl.imrworldwide.com/ Frame 3535
0
0
Document
General
Full URL
https://secure-gl.imrworldwide.com/storageframe.html
Requested by
Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6a00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
secure-gl.imrworldwide.com
:scheme
https
:path
/storageframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html
vary
Accept-Encoding
date
Wed, 09 Dec 2020 02:45:01 GMT
server
nginx
last-modified
Fri, 02 Oct 2020 19:34:09 GMT
etag
W/"5f7780b1-2b27"
access-control-allow-origin
*
access-control-allow-methods
POST, OPTIONS
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
toESTSf_cvYvhiYFJzYTP9UEmeor8-4Q0b_pLk-VdenPAPVIYcEpmQ==
modules.e8f2fe812b29ca995bc0.js
script.hotjar.com/
221 KB
58 KB
Script
General
Full URL
https://script.hotjar.com/modules.e8f2fe812b29ca995bc0.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-465845.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3492bc139bf82bffa8725924455949cb36628db1491158107197f4f4829eeebb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 18:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
31378
x-cache
Hit from cloudfront
content-length
59096
access-control-allow-origin
*
last-modified
Tue, 08 Dec 2020 17:58:32 GMT
etag
"13bf5c27d17b565cc3a6362a1a1be90f"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
v2y6LJgFk6CfuL-zz0cvIQJ-fc9KJWd-XahVN7tWxaSCMTuWyrGhsA==
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/
15 KB
1 KB
XHR
General
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.90.174 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-90-174.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
befd4d99b6cb8649f107a5cd1fec1055d228bdc1c001493676bb87249e9b1040

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
s9D81rRzINXxbJe2GpsceLRJAdvlBAld
content-encoding
gzip
last-modified
Mon, 30 Nov 2020 08:14:17 GMT
server
ATS/7.1.0
x-amz-request-id
573034F4A1AB243F
etag
"622b99881112d32ffad4119cdad72daf"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=108
date
Wed, 09 Dec 2020 02:45:01 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
1050
x-amz-id-2
DDGKBvf4WGAox4f3G65181GWTeSlpv8EYYY4EcWujR4Z+A7QImPz02HxSY+ZtxlKBnGZg5FE+Cw=
Cookie set dest5.html
newscorpau.demdex.net/ Frame 1CB9
0
0
Document
General
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.49.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-49-247.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
newscorpau.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.heraldsun.com.au/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=39860089644780913332610032048156549655
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Thu, 19 Nov 2020 14:56:35 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=39860089644780913332610032048156549655;Path=/;Domain=.demdex.net;Expires=Mon, 07-Jun-2021 02:45:01 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
hQxIVbKNRaw=
Content-Length
2785
Connection
keep-alive
id
metrics.heraldsun.com.au/
48 B
517 B
XHR
General
Full URL
https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=39884072906893602232607653547178914573&ts=1607481901662
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
bf24e327e3ce8b7aeb23a5f71c9332a0c74a5fcd46ca60cbe36e7aafa03ebf54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-f7bfdfcfd-vd9r5
vary
Origin
x-c
master-1404.I1e61f9.M0-468
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=X9A6LQAAAJHINx__
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=39860089644780913332610032048156549655
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9A6LQAAAJHINx__
42 B
915 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9A6LQAAAJHINx__
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.234.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-234-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v086-0570f8116.edge-irl1.demdex.com 5.80.1.20201111130852 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
C8aBgxxURUs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9A6LQAAAJHINx__
Date
Wed, 09 Dec 2020 02:45:01 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 5538
0
0
Document
General
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-465845.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.11 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-11.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html
content-length
851
date
Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
p19lSiMjimmZAFPu7B0f6P8zYXBM0Clq6qHuD-HmwKGhkAQI4pnPyg==
age
1331038
m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1607481901727&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstr...
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1607481901727&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstr...
44 B
492 B
Image
General
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1607481901727&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-b5afc5b1e0e647b28f0e2ae9786317d9&tz=1&ja=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6a00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:01 GMT
via
1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
x-cache
Miss from cloudfront
content-type
image/gif
content-length
44
x-amz-cf-id
5ef9vkejjK1-xCY3wi21TvbaUS0DYyWreOu8M7jMYTZuPenGb3nDhA==
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:01 GMT
via
1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
location
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1607481901727&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-b5afc5b1e0e647b28f0e2ae9786317d9&tz=1&ja=1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
eddcYbhNR_ZObVZhbtXiduIhYXMd4s6noWoGQZYJztEMtHjQbss5fQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
Serving
bs.serving-sys.com/
10 KB
3 KB
Script
General
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=7344982254495538263&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D2566077251832927474$$&ns=0&rnd=4483668363392981
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
80.252.91.52 , Netherlands, ASN15830 (EQUINIX-CONNECT-EMEA, GB),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e58c1d40350dfb19738c25fee478e3280f563459d97baa5cf37582a65f3552ad

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:23 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Content-Type
text/html; charset=UTF-8
Content-Length
2385
Expires
Sun, 05-Jun-2005 22:00:00 GMT
visit-data
in.hotjar.com/api/v2/client/sites/465845/
178 B
321 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/465845/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e8f2fe812b29ca995bc0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.132.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-132-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 09 Dec 2020 02:45:01 GMT
content-encoding
br
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
show_companion_ad.js
pagead2.googlesyndication.com/pagead/
21 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eccd35a63a7b80bbfd3a64bb7be75b327bf9292b7c603c8d31c0247962223819
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:28:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
982
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
8761
x-xss-protection
0
server
cafe
etag
16638491572200565323
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 09 Dec 2020 03:28:39 GMT
pub
pixel.adsafeprotected.com/services/
648 B
886 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=73d22032-4a34-1456-831f-ba2287bf5196&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5256cf9cad5cde786a8b5f580e953ccbd312ebb3257b199758d6ac799541ce1c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
x-server-name
app16.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
id
dpm.demdex.net/
5 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=39884072906893602232607653547178914573&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%01bc65a0576d8df0c7dc57b9f9daa67b9f%011&ts=1607481901839
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.234.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-234-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
12b6163a5818be4a480779a405c48bb84a5f79c98dfadf573d5f230e866f504e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v086-03810ed9f.edge-irl1.demdex.com 5.80.1.20201111130852 2ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
6B48dgdUQOk=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1535
Expires
Thu, 01 Jan 1970 00:00:00 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame E0AA
4 KB
2 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.97.161 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-97-161.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 08 Dec 2020 08:57:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
64026
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
7aL8Zfy6t0lOGClJaVUtfPPHZ4aQ_dqw7dnIGt8fdtZ4MYOihw6LTg==
uwt.js
static.ads-twitter.com/ Frame 772A
5 KB
2 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.52.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:02 GMT
via
1.1 varnish
last-modified
Fri, 04 Dec 2020 00:21:46 GMT
age
18734
etag
"cbc512946c8abb461c6215ed5b454e5f+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
1957
x-timer
S1607481902.011285,VS0,VE0
x-served-by
cache-man4140-MAN
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame 2EB8
965 B
761 B
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:3b4::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 02:45:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 22:01:48 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=31962
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
448
js
www.googletagmanager.com/gtag/ Frame 4E0A
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b078acca5079cc43614182feddcc9f3a3d5c733eb382d596f1cfcb7eaa82f326
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38971
x-xss-protection
0
last-modified
Wed, 09 Dec 2020 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 09 Dec 2020 02:45:01 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame B8C8
4 KB
2 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.97.161 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-97-161.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 08 Dec 2020 08:57:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
64026
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
ktZDhznT7MUKl9qLu3WNXmvLzlIKWd18kb2RWKuPL8QPv7LAI6MNWQ==
pixie.js
acdn.adnxs.com/dmp/up/ Frame 2B11
7 KB
3 KB
Script
General
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 02:45:01 GMT
Content-Encoding
gzip
Age
20001
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
2601
X-Served-By
cache-lga21961-LGA, cache-hhn4042-HHN
Access-Control-Allow-Origin
*
Last-Modified
Thu, 14 May 2020 21:04:36 GMT
Server
nginx/1.13.10
X-Timer
S1607481902.992891,VS0,VE0
ETag
W/"5ebdb264-1cfb"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 15 May 2020 21:04:39 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
3, 3675
activityi;dc_pre=CK-Iht7wv-0CFfPjuwgdoL8EKA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9644436378179.729
8228261.fls.doubleclick.net/ Frame E5E5
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9644436378179.729?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CK-Iht7wv-0CFfPjuwgdoL8EKA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=964443637817...
0
0
Document
General
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CK-Iht7wv-0CFfPjuwgdoL8EKA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9644436378179.729?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8228261.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CK-Iht7wv-0CFfPjuwgdoL8EKA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9644436378179.729?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 09 Dec 2020 02:45:02 GMT
expires
Wed, 09 Dec 2020 02:45:02 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
330
x-xss-protection
0
set-cookie
IDE=AHWqTUlXDPtVZFoS_nFWClc_NtvnI5UeZc1a2XRylZZepMhXnihAryd0LPgcFYDK; expires=Mon, 03-Jan-2022 02:45:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 09 Dec 2020 02:45:02 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CK-Iht7wv-0CFfPjuwgdoL8EKA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9644436378179.729?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activityi;dc_pre=CP_Dht7wv-0CFabtuwgdZeYGVw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=686470517979.0254
8228261.fls.doubleclick.net/ Frame 8BEC
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=686470517979.0254?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CP_Dht7wv-0CFabtuwgdZeYGVw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=686470517979...
0
0
Document
General
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CP_Dht7wv-0CFabtuwgdZeYGVw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=686470517979.0254?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8228261.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CP_Dht7wv-0CFabtuwgdZeYGVw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=686470517979.0254?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 09 Dec 2020 02:45:02 GMT
expires
Wed, 09 Dec 2020 02:45:02 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
329
x-xss-protection
0
set-cookie
IDE=AHWqTUk7vo5hWaULf-ZJX22RWZzbzSZBFH18Wfk8VPZ8hbJjde0VwTlZVHBHRw45; expires=Mon, 03-Jan-2022 02:45:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 09 Dec 2020 02:45:02 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CP_Dht7wv-0CFabtuwgdZeYGVw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=686470517979.0254?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
js
www.googletagmanager.com/gtag/ Frame 7E8C
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820018408
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8600099f7e30b15cb09a2746c608dec0944c9a031c8b4794010ab943f2a98522
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38969
x-xss-protection
0
last-modified
Wed, 09 Dec 2020 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 09 Dec 2020 02:45:01 GMT
conversion.js
www.googleadservices.com/pagead/ Frame 31DE
30 KB
12 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11865
x-xss-protection
0
server
cafe
etag
18432201170715473949
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 09 Dec 2020 02:45:02 GMT
activity
au-gmtdmp.mookie1.com/t/v2/ Frame 0436
43 B
607 B
Image
General
Full URL
https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.202.26 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
bounce
secure.adnxs.com/ Frame B275
Redirect Chain
  • https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:02 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.185:80
AN-X-Request-Uuid
ffcc75e4-9baf-4234-bfe6-068263e94ee0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:02 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.77:80
AN-X-Request-Uuid
53e0a12d-4fa6-4bf7-9bc1-e80a72346755
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
0
1023 B
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:02 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.148:80
AN-X-Request-Uuid
8c447495-95be-48f8-80c2-24dc2795142e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:02 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.73:80
AN-X-Request-Uuid
cade6f5b-3fee-429f-9ad7-7597b4834079
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1
0
1022 B
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:02 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.74:80
AN-X-Request-Uuid
a481312f-62f4-4748-9436-4390d7734122
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:02 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.43:80
AN-X-Request-Uuid
99487753-73d0-42c9-a915-e55b5cfa6a78
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
s06419290171997
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/
43 B
443 B
Image
General
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s06419290171997?AQB=1&ndh=1&pf=1&t=9%2F11%2F2020%203%3A45%3A1%203%20-60&cid.&newsnkidcookie.&id=bc65a0576d8df0c7dc57b9f9daa67b9f&as=1&.newsnkidcookie&.cid&vid=bc65a0576d8df0c7dc57b9f9daa67b9f&mid=39884072906893602232607653547178914573&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D51&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=1%3A45%20PM%7CWednesday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cmac%20os%20x%7C10_14_5&c60=D%3Dv60&v60=51&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=no%20plugins&v77=D%3Dmid&v78=dk%7Cunknown%7Ccopenhagen%7C55.67%7C12.58%7Cgmt%2B1%7Cunknown&v79=dk&v80=bc65a0576d8df0c7dc57b9f9daa67b9f-00000000000000000000000000000000-1607481901369-685351&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:01 GMT
x-content-type-options
nosniff
x-c
master-1404.I1e61f9.M0-468
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 10 Dec 2020 02:45:01 GMT
server
jag
xserver
anedge-f7bfdfcfd-mn6v7
etag
3452041096938749952-4621545086646638430
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 08 Dec 2020 02:45:01 GMT
glcfg510.js
cdn-gl.imrworldwide.com/novms/js/2/configs/
2 KB
1 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by
Host: seccdn-gl.imrworldwide.com
URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:ce00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
a9yv6FoqUOJEHV8JhhsvdvrSixeG3nZZ
content-encoding
gzip
etag
"931051f801612c3a0e2782961ac3d56c"
last-modified
Tue, 17 Nov 2020 14:36:24 GMT
server
AmazonS3
age
3422
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Wed, 09 Dec 2020 01:48:00 GMT
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
Kf-vy6Un2PNk5lolIoEwEefTnkLhSJDvbxHf_bStNgRVLaysGHwnhw==
insight.old.min.js
snap.licdn.com/li.lms-analytics/ Frame 2EB8
3 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:3b4::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 02:45:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Sep 2020 20:29:41 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=36753
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
conversion_async.js
www.googleadservices.com/pagead/ Frame 4E0A
30 KB
13 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
5fb46ad88af0181f8aa600691dadedc2d6dd1946603b69bc36385f68efdd01a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
12174
x-xss-protection
0
server
cafe
etag
1959326039972715456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 09 Dec 2020 02:45:02 GMT
integrator.js
adservice.google.dk/adsid/
109 B
803 B
Script
General
Full URL
https://adservice.google.dk/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c06::9c Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
803 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c06::9c Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
122 KB
14 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3522182618150384&correlator=2456104442157273&output=ldjh&impl=fifs&hxva=1&scor=3138374770660050&eid=21068773%2C21068809&vrg=2020120301&co=1&npa=1&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201209&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ists=1&prev_scp=pos%3D1%26id%3D88fe6dd7-39c8-11eb-bd24-067f141e2336%7Cpos%3D1%26id%3D88fe6dd8-39c8-11eb-bd24-067f141e2336%26vw%3D40%2C50%2C60%2C70%26vw05%3D40%26grm%3D40%2C50%2C60%26pub%3D40%7Cpos%3D2%26id%3D88fe6dd9-39c8-11eb-bd24-067f141e2336%7Cpos%3D1%26id%3D88fe6dda-39c8-11eb-bd24-067f141e2336%7Cpos%3D2%26id%3D88fe6ddb-39c8-11eb-bd24-067f141e2336%7Cpos%3D1%26id%3D88fe6ddc-39c8-11eb-bd24-067f141e2336&eri=1&cust_params=us%3Db%26s%3D0%26co%3D1%26kw%3D%26nk%3Dbc65a0576d8df0c7dc57b9f9daa67b9f%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26adl%3Dfalse%26pvid%3Dbc65a0576d8df0c7dc57b9f9daa67b9f-00000000000000000000000000000000-1607481901369-685351%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&bc=31&abxe=1&lmt=1607481902&dt=1607481902014&dlt=1607481900537&idt=1270&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1123%2C1124%2C176%2C176%2C0&adys=28%2C467%2C8154%2C9069%2C3084%2C9711&adks=1616217045%2C2956706420%2C1415436295%2C1982096792%2C3785065344%2C3544675803&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x134%7C300x0%7C300x0%7C1248x0%7C1248x0%7C1600x9710&msz=728x133%7C300x276%7C1248x276%7C1000x50%7C728x90%7C1x1&ga_vid=1179068489.1607481902&ga_sid=1607481902&ga_hid=281737053&fws=640%2C640%2C128%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
16940d2c1b3f16385e4168b6aa839738762a99aa8289394d1782608f25e27e27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14145
x-xss-protection
0
google-lineitem-id
4682990628,4682990628,4682990628,4682990628,4682990628,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138234092474,138234092042,138234092456,138234082439,138234025551,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
80c3cdb7f72544d3cffdfa4925c14fa9.safeframe.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://80c3cdb7f72544d3cffdfa4925c14fa9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/
32 KB
7 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:ce00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d53de17c52365eb4ce49341da6d0844aa24c93f5191d0ce0b6892b4edb78574

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
p.GIn_m4VYJlheE7y0NcSd7KUR4Ge7Si
content-encoding
gzip
etag
"b3ba4d2f55bcb9dab2f815325629c81b"
last-modified
Tue, 08 Dec 2020 19:18:20 GMT
server
AmazonS3
age
1673
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
max-age=86400,s-maxage=86400
date
Wed, 09 Dec 2020 02:17:10 GMT
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
MRPChXG4orPFZMJ9NRek6cXnbBtijQlB-pDjUxwIfoKm55__rGMv3w==
collect
px.ads.linkedin.com/ Frame 2EB8
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1607481902047
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26time%3D1607481902...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1607481902047&liSync=true
0
57 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1607481902047&liSync=true
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:02 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
0
x-li-uuid
9Cf9E0bsThZwxhdgKCsAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options
nosniff
linkedin-action
1
content-length
0
x-li-uuid
yIXpBUbsThaw4NecbysAAA==
pragma
no-cache
x-li-pop
afd-prod-esv5
x-msedge-ref
Ref A: 9BC19AA3C51A433FA1B26AA19CC62E66 Ref B: FRAEDGE0917 Ref C: 2020-12-09T02:45:02Z
x-frame-options
sameorigin
date
Wed, 09 Dec 2020 02:45:02 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1607481902047&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixie
ib.adnxs.com/ Frame 2B11
42 B
353 B
Image
General
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1607481902057&v=0.0.15&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1607481902057&et=1607481902058&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 02:45:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.17.9
Connection
keep-alive
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 10.2.80.148:80
Content-Length
42
Content-Type
image/gif
conversion_async.js
www.googleadservices.com/pagead/ Frame 7E8C
30 KB
12 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
5fb46ad88af0181f8aa600691dadedc2d6dd1946603b69bc36385f68efdd01a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
12174
x-xss-protection
0
server
cafe
etag
1959326039972715456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 09 Dec 2020 02:45:02 GMT
adsct
t.co/i/ Frame 772A
43 B
448 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
113
pragma
no-cache
last-modified
Wed, 09 Dec 2020 02:45:02 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
e9d6f8cc9f7062bc11a683977cd4add5
x-transaction
0013ef2b004bcace
expires
Tue, 31 Mar 1981 05:00:00 GMT
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/
173 KB
50 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:ce00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
43ec631c14060e4d10a7fc3b6b96296f20e718d65fb51558370d41eda08a3ddc

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
8pyu2AVizz7qLhkNLlydOCakgrumnPjD
content-encoding
gzip
etag
"2a3ec0074402cc8fa654f381bebd2e04"
last-modified
Tue, 17 Nov 2020 14:36:24 GMT
server
AmazonS3
age
3046
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Wed, 09 Dec 2020 01:54:17 GMT
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
8KxsXA53K2AvFk4j4XYa5P9MmFyzuyGCkPUwW_aY6Q8pnLxtIHI3PQ==
bulk
trc.taboola.com/newscorpau-aud-heraldsun/log/3/
0
413 B
XHR
General
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?tvi2=4013&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201129-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1607481902.140196,VS0,VE9
x-served-by
cache-hhn4030-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 31DE
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1607481902126&cv=9&fst=1607481902126&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f87468e1bdae50491f38052d22728ee148bbf84f03392367f0669522d9953311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
971
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 4E0A
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1607481902134&cv=9&fst=1607481902134&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3f768fa9f478b8419452d36321d54ace2c95e55258d98d0848dc5e37516cd54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1012
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 14B2
0
0
Document
General
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:ce00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
cdn-gl.imrworldwide.com
:scheme
https
:path
/novms/html/ls.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSCVER=v1; IMRID=88e40760-39c8-11eb-adbd-c3e52d0e3b23
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html
last-modified
Tue, 17 Nov 2020 14:36:23 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
fXiAi9JTI1XHMxGqL.0MvkCakB1rMXT9
server
AmazonS3
content-encoding
gzip
date
Wed, 09 Dec 2020 02:12:33 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
cache-control
max-age=86400
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
c8yF_BDYJURn5MddR2bBpQbZuwhhjtutFxkfTaqPwOQJJvrmhEaqgA==
age
1949
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame 7E8C
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1607481902153&cv=9&fst=1607481902153&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75dc6d97ecae48f265048ab2c15b8a9edb925fb86dda4a0518b9b59f71fdbcb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1009
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1BF2
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlRfB1d5v5dhHDy_xBOauNE0A7Y83iupkR5n4HNTjHQCpSzpVeGVf3ZXa9F2MpxR-P14NKiqZ9QwL0htyZz2HKIbh4G1vyfjBZkLGTr5tCsoLVn5fhJCTurw0yAAAgUkvLYGzLjxqSnwGFDGLh6lGqZBXI1aC04N81K7F4k48BJn1ltM-8C-XQ7P5ADxtPDJXxgX56yETObxLstrw-T1eJSaHm4udPcOsbf-JLljKMLbUtoGJSju6-v8C3ujqtBrigSm6FnvMC&sig=Cg0ArKJSzAmegN1X6dZ0EAE&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Dec 2020 02:45:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 1BF2
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 20:40:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21892
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7483
x-xss-protection
0
server
cafe
etag
7789600959769866771
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Dec 2020 20:40:10 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 1BF2
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 11:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1494
x-xss-protection
0
server
cafe
etag
5335486849732140232
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Dec 2020 11:34:13 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 1BF2
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a26dbd7b877b153f4afb810fe7d49ae6c1cb06bc2bc7d8c664c4c164ce465a72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607379317188095"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
29426
x-xss-protection
0
expires
Wed, 09 Dec 2020 02:45:02 GMT
l
www.google.com/ads/measurement/ Frame 1BF2
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT4GKduTZKEI07eqedtkOKScXp0Kbt3_vmJyJH-R8d5QM05l0MdCsjqgsL96BsqIC5BIkqq
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 1BF2
68 B
232 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7114969398400660195
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 08:14:37 GMT
x-content-type-options
nosniff
age
325825
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:39:36 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Dec 2021 08:14:37 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 531F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtkzz7rYHNBM0TCNgkdTyIBUq9N5WOnex-l3H7xqoHOklpYo488RvqT4zc5F7ca1WBpd5_6qlYeAcVZAUy6d1LsnNKY9uHsaVBR34Ay08AEutpHMK0Dcadxr0QvqlbsFB40RHAgdcZwhwTVGCf6aewSD_ic5fKtLrnoqAlSggj2s5NGuZpo14QUPfOxPqsQwzzTDuAkw77GTg2l1Km1E6mqhm6qAdoHeDDW4c1TfuK4_tjIOSIGlDtUn5Djc2XB8SvEBQ2yO-1&sig=Cg0ArKJSzH8ppI-iCYn5EAE&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Dec 2020 02:45:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 531F
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 20:40:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21892
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7483
x-xss-protection
0
server
cafe
etag
7789600959769866771
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Dec 2020 20:40:10 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 531F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 11:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1494
x-xss-protection
0
server
cafe
etag
5335486849732140232
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Dec 2020 11:34:13 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 531F
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a26dbd7b877b153f4afb810fe7d49ae6c1cb06bc2bc7d8c664c4c164ce465a72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607379317188095"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
29426
x-xss-protection
0
expires
Wed, 09 Dec 2020 02:45:02 GMT
13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 531F
68 B
169 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13756812283639570429
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 10:35:12 GMT
x-content-type-options
nosniff
age
317390
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:40:06 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Dec 2021 10:35:12 GMT
osd.js
www.googletagservices.com/activeview/js/current/
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
187f0e2d2331f649e0afc51f0567cf23ef47d57283aa928313452eb1a559efb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607379317188095"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28447
x-xss-protection
0
expires
Wed, 09 Dec 2020 02:45:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FE78
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5mywp2yPIc3ppnJ0jBbjh9hht7NbLQTA539Ix7s8kgRfkjoC6qWfoG5f_hQrKF_HRTTq3399vXUYEwydgU_COJT20VSVLrYOto_qi7vnWD54OCGNchfsmFaMSQNiTwt5I-pp_YALReS9Bjdw343BnHtuA-8S2Qosb0snXSbjRsFMC2-uBIeTqK1NSeIYutw0ZpvRBQfUtAthA7Rz6eFfOC97JY8O3JxzOKvfmH7dJz9q37Ag1Ug8tjWMxWeLlNt00HY2PpEhY&sig=Cg0ArKJSzPK1p49k4qJTEAE&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Dec 2020 02:45:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
13756812283639570429
tpc.googlesyndication.com/simgad/ Frame FE78
68 B
94 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13756812283639570429
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 10:35:12 GMT
x-content-type-options
nosniff
age
317390
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:40:06 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Dec 2021 10:35:12 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame FE78
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 20:40:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21892
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7483
x-xss-protection
0
server
cafe
etag
7789600959769866771
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Dec 2020 20:40:10 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame FE78
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 11:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1494
x-xss-protection
0
server
cafe
etag
5335486849732140232
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Dec 2020 11:34:13 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame FE78
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a26dbd7b877b153f4afb810fe7d49ae6c1cb06bc2bc7d8c664c4c164ce465a72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607379317188095"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
29426
x-xss-protection
0
expires
Wed, 09 Dec 2020 02:45:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 83E6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv40eQhNbxv_Efksennjl-OtIsXnkcKxrNzgAAIor6LDPFtgDSfWi-FEHwK2_pSpXYT7T_SL833Li9gT6r9gPFZ_aVJMCoUyh9aLjeYav1-rFdrXTJh8i1wvhX2YmzgiuAHqGvAlqikOVjigcBREhGziraK508kqvD-yHEiKC5HLJzicv_tqRgVICYPTe_19b64pN8xgqWC5hRWlFNDLIiR9E8HGwLhw5GQeuts4m-bTHFUGUklI-l67ARBhRETbZpLSJ4u-e7l&sig=Cg0ArKJSzFP4ISi2VPXbEAE&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Dec 2020 02:45:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 83E6
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 20:40:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21892
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7483
x-xss-protection
0
server
cafe
etag
7789600959769866771
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Dec 2020 20:40:10 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 83E6
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 11:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1494
x-xss-protection
0
server
cafe
etag
5335486849732140232
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Dec 2020 11:34:13 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 83E6
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a26dbd7b877b153f4afb810fe7d49ae6c1cb06bc2bc7d8c664c4c164ce465a72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607379317188095"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
29426
x-xss-protection
0
expires
Wed, 09 Dec 2020 02:45:02 GMT
l
www.google.com/ads/measurement/ Frame 83E6
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTEwzrkJDFu0dr2811Q2pBuwlgtmhhuLCyzGdH4Y2LyIVCXKoPRqaZBNocC9TvrUeGgi4pP
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

13503232906761715217
tpc.googlesyndication.com/simgad/ Frame 83E6
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13503232906761715217
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 11:38:19 GMT
x-content-type-options
nosniff
age
486403
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3270
x-xss-protection
0
last-modified
Wed, 23 May 2018 04:43:28 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Dec 2021 11:38:19 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1D0F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGlY7A8F4oP0AQhmbEv5zg0dbDa1aWVDWHj4KszJjTZVZ8VXqOy8TssUKSlRu2g-UNy84dKZW8EefOBIMMz4tXC4J0iWOGCdhHKutHP3dsYvyBWPfBuD-L6Q-R_gNssOTxLMHhyyIEUY18uWVjzeO6Gs-7-FZ75lSch5EUtZ69GRFb8w2NMrqLNDCdLT5-W5Ld8p9uihSSHuL0oUi17BpsTsNIEsYFOMrVrQbN0Bp2qg_JIj3zqnoWgPKhSu7ayMeMA7ncRLbx&sig=Cg0ArKJSzMm7tFKOTYE1EAE&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=bc65a0576d8df0c7dc57b9f9daa67b9f-1607481897
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Dec 2020 02:45:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 1D0F
68 B
94 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7114969398400660195
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 08:14:37 GMT
x-content-type-options
nosniff
age
325825
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:39:36 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Dec 2021 08:14:37 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 1D0F
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 20:40:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21892
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7483
x-xss-protection
0
server
cafe
etag
7789600959769866771
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Dec 2020 20:40:10 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 1D0F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 11:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1494
x-xss-protection
0
server
cafe
etag
5335486849732140232
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Dec 2020 11:34:13 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 1D0F
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a26dbd7b877b153f4afb810fe7d49ae6c1cb06bc2bc7d8c664c4c164ce465a72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607379317188095"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
29426
x-xss-protection
0
expires
Wed, 09 Dec 2020 02:45:02 GMT
l
www.google.com/ads/measurement/ Frame 1D0F
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSRRbtBen_RaVuOhzh4FNohw90FtnCpj9QRF5JCYrmDnHfn3-pgx8cAnv3Ip7J93tWQG_6
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

/
www.google.com/pagead/1p-user-list/859754747/ Frame 31DE
42 B
329 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1607481902126&cv=9&fst=1607479200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=4046023418&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/859754747/ Frame 31DE
42 B
154 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/859754747/?random=1607481902126&cv=9&fst=1607479200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=4046023418&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 1BF2
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0968471ad43671d3addd5b524a988e251edec63b4ee742071fae2750c057c082

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 558D
46 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=1337133826&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6dd7-39c8-11eb-bd24-067f141e2336
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fb580609463ffdeaf3b84cdb743472de15f1497b1c033be1642bc7b44c777c59

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-server-name
app39.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
truncated
/ Frame 531F
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b365316ac5070821d725091506517c40b5fd0ec1f6c14ea3dc4da9bfe3c0869

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame CA28
46 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092042&pubOrder=305536031&cb=1939348180&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6dd8-39c8-11eb-bd24-067f141e2336
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9b016f90e066a91355c9becea1caadd2433f73cfd8a2cb36823556ff00a242cc

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-server-name
app16.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
/
www.google.com/pagead/1p-user-list/707564276/ Frame 4E0A
42 B
66 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1607481902134&cv=9&fst=1607479200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=2448922492&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/707564276/ Frame 4E0A
42 B
66 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/707564276/?random=1607481902134&cv=9&fst=1607479200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=2448922492&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/820018408/ Frame 7E8C
42 B
66 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/820018408/?random=1607481902153&cv=9&fst=1607479200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=212317812&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/820018408/ Frame 7E8C
42 B
530 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/820018408/?random=1607481902153&cv=9&fst=1607479200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=212317812&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame FE78
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72c9f53abc637ac99fdde80196eba1ef4f0d61be616b2e4133dbbc70e3206cd7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 1072
46 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=118083900&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6dd9-39c8-11eb-bd24-067f141e2336
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f0d362a02953b077bdb72368bdcc030d7b85f054ac82554a81b51b842fbc1b06

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-server-name
app44.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 83E6
0
22 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkTSN3pR_Y7Gg5gl9iSoPnLVmYUUo07XeB4HcDCxY2xsIq5Pvpt9EeqUqcNWcuj3OEDxtnUuFcm3dStHjsutPZDTaQNeBlMtLkK6OoQ3Jg7q2AtlRHuQErjfdTDDkvFqlKf4PY8kpy9q_uDFKbJR8FWQT40hWBiafsh-QcP8ofZzt7DlCfHDzK5qVuH-i0YSbiOtL0hAGSKTKMlWrO1bqJdanBQZ7hq3X-kxycvR6Ml9b5FzfGsXCjACG0bCyuYvsPdcE8uv2KiLI&sig=Cg0ArKJSzDxAGCaIHoJrEAE&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Dec 2020 02:45:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 83E6
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34d8ddeeec9183aa5bbdd586faee5ffdbdef6c242fd68a0268ebaace40578ce6

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 0F47
46 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=361234278&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6dda-39c8-11eb-bd24-067f141e2336
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3da22675d8a4acf66e57544b9e5ca05c313e923aa956f2c909bce800cc83858f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-server-name
app04.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1BF2
0
22 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQhfbgFHASQlPiE_IaOtOZKNCLYl6W4DssPCh-ERZ2MGNcGoZ8ZzFfFOIjRRPOiW7uDfgQqkAJesMfRJSRrNOTgpVpa79SkcjZhzSd4YYzrOmwVqluHnOmRL_GfjcdorciaNe4EVf_2X9J-lbJcMQ9ixo5WXN7l4USQjhIYvVCYOw1o4XJT6jSmQuYH2FQ3El2cHh_DxFxFRI0G90vo2Nhe9w3SK5o5rXrTLqFGOtv_8HgcO03wX2RwQOjJGyG1SC_Ro8Smz_P-7U&sig=Cg0ArKJSzLJezNlmZTwzEAE&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Dec 2020 02:45:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame FE78
0
22 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcLhvHrGNE9-7yoGVsvom0HDowmrMHAR5BCI-xYc35pcMcsy3tYfbeJ4uLIfAT5Nnfj3qVB8dnaIrm0kaPJLwKO6Lg1ktMMZFTGA1ggGIAf75jaou-0REuCk2tvbkfqXAS17bXaZf0r33pjIUHhpjFmyNWzESOufbsE9TYiX957qCCibucgxLYFAQmjpjN1MtdfAIXmLIGy8olnhQfIM1WtrtGBXwS7cLlOIGsPH30AsGWD9TL-URnvujAYaHrfQJ8TAnHMmWVRI4&sig=Cg0ArKJSzCUbdWGQXldUEAE&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Dec 2020 02:45:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 1D0F
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69f731c62e5da2fafe17128a3dc49132d36dbf0062066f2c71d0ee493d6da44d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 98DB
46 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=328257083&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6ddb-39c8-11eb-bd24-067f141e2336
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
713a4849fb10824c9b5c7a446b39f65edd12b9a73897f0fc8b706e9441591317

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
content-encoding
gzip
x-server-name
app15.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 531F
0
22 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvInvC_G2G25miyAxIFW8tBfU74_pASZ19-Zfh9mwxmfSOG4mrw1jfEv7AT4wt9g2AdqSYeuzZAtY7TtrRoxbW5yMWGHGSx4cLVxW3Dx0dPuBiNbJwwYV8MthyKpT9Yb2HoNi9eeWgYUTZ7WitslaIArlLSj614zms0KCxDGC4sJGSAgwpb3VzLaO1wGvoCzEErBV2ZzCYkZj0HE2RgEdko75JPqr6Pf7JD0w8q4HA7RyZ_WrYzw7zStamKJBvW1Fo5-XPYMqclQms&sig=Cg0ArKJSzJWJGmsEkpANEAE&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Dec 2020 02:45:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 1D0F
0
22 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQrGO5bEtW-paVTf_dMnujtvlJ_XH9q8knJNXYSlWQebAUGqihC5in4GBmCbLjRBTR82HF2Ht8upt6zw229vEiqy6jC86k0IaxQnvJvc5hZ9C6mqiov0ke4RJwLRMwecOFYGduHbJFMz9HD2H0hQSkdMXkN1j2HtAot8MVjHHDAhV8O-rF9xX7QKuGdm0B_Cxt_lX38AoW7RX49h_Sy3KdiZuOq7dqvIf2zh5xFa8Gu4KZX8hqZWH5Tyz92ThivR5c-OGBkQWS7ac&sig=Cg0ArKJSzBKfUXnE6lryEAE&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Dec 2020 02:45:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
main.gr.19.8.148.js
static.adsafeprotected.com/ Frame 558D
176 KB
56 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.148.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=1337133826&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6dd7-39c8-11eb-bd24-067f141e2336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2643ed4afec05499a0512b719a13c28b70ce6385241c8a46a2f718e2b275046e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 22:36:18 GMT
content-encoding
gzip
age
533325
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 02 Dec 2020 22:21:10 GMT
server
AmazonS3
etag
W/"759b8caa427845cb0f35061a0cbe8d07"
vary
Accept-Encoding
x-amz-version-id
jFlCPuWZb13F7XOq7x4jZr7K0ZmVQw0z
via
1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
MaI1lzcnIyT30GRm3piH3bCnTAN8ch-zWNmvfX_i2NAY21s_lXkwow==
main.gr.19.8.148.js
static.adsafeprotected.com/ Frame 98DB
176 KB
56 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.148.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=328257083&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6ddb-39c8-11eb-bd24-067f141e2336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2643ed4afec05499a0512b719a13c28b70ce6385241c8a46a2f718e2b275046e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 22:36:18 GMT
content-encoding
gzip
age
533325
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 02 Dec 2020 22:21:10 GMT
server
AmazonS3
etag
W/"759b8caa427845cb0f35061a0cbe8d07"
vary
Accept-Encoding
x-amz-version-id
jFlCPuWZb13F7XOq7x4jZr7K0ZmVQw0z
via
1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
ON7edyNnbseqV1HIIGSJg_wgBaH6u_fcgUapqMX3-eRLerIvuyyzdQ==
main.gr.19.8.148.js
static.adsafeprotected.com/ Frame 0F47
176 KB
56 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.148.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=361234278&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6dda-39c8-11eb-bd24-067f141e2336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2643ed4afec05499a0512b719a13c28b70ce6385241c8a46a2f718e2b275046e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 22:36:18 GMT
content-encoding
gzip
age
533325
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 02 Dec 2020 22:21:10 GMT
server
AmazonS3
etag
W/"759b8caa427845cb0f35061a0cbe8d07"
vary
Accept-Encoding
x-amz-version-id
jFlCPuWZb13F7XOq7x4jZr7K0ZmVQw0z
via
1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
spQBDlYuDlTBHwHHtLo6RZ_H5NJjynh1DkhAuctLp5SqGrMt9rDTFw==
main.gr.19.8.148.js
static.adsafeprotected.com/ Frame 1072
176 KB
56 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.148.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=118083900&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6dd9-39c8-11eb-bd24-067f141e2336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2643ed4afec05499a0512b719a13c28b70ce6385241c8a46a2f718e2b275046e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 22:36:18 GMT
content-encoding
gzip
age
533325
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 02 Dec 2020 22:21:10 GMT
server
AmazonS3
etag
W/"759b8caa427845cb0f35061a0cbe8d07"
vary
Accept-Encoding
x-amz-version-id
jFlCPuWZb13F7XOq7x4jZr7K0ZmVQw0z
via
1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
CmcockTIk7vcx5-CTMpKiYV2fqED8LOmqmOhQ-dbzd7_Z9_DjoFacA==
main.gr.19.8.148.js
static.adsafeprotected.com/ Frame CA28
176 KB
56 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.148.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092042&pubOrder=305536031&cb=1939348180&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6dd8-39c8-11eb-bd24-067f141e2336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2643ed4afec05499a0512b719a13c28b70ce6385241c8a46a2f718e2b275046e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 22:36:18 GMT
content-encoding
gzip
age
533325
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 02 Dec 2020 22:21:10 GMT
server
AmazonS3
etag
W/"759b8caa427845cb0f35061a0cbe8d07"
vary
Accept-Encoding
x-amz-version-id
jFlCPuWZb13F7XOq7x4jZr7K0ZmVQw0z
via
1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
W-sdgLQlSOCnquCJERL2i_17D67ow8_ljEjEORHU9PjRrBv3e0EQ5g==
sca.17.4.114.js
static.adsafeprotected.com/ Frame 1E3E
81 KB
82 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.4.114.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 03:12:04 GMT
via
1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
age
1380779
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
83389
last-modified
Mon, 13 Jan 2020 23:54:54 GMT
server
AmazonS3
etag
"e456dd0e5be3c2494dd734db6c5b965c"
x-amz-version-id
gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
80O8Lhix1clFm_1wMHwS-q-S76crcv1I2bL9Xipe2ZExJolZqi4EqA==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=1337133826&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6dd7-39c8-11eb-bd24-067f141e2336&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:271866eb-cea8-a030-cdce-daca5826e3aa,c:wmuVW4,sl:outOfView,em:true,fr:true,mn:app39ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:siDAf98+11|12|13|14|15|16|17|18|19|1a1|1b1|1c|1d|1e|1f|1g|1h*.10507|1h1|1i1|1j1|1k1|1l1|1m,idMap:1h*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:99,oid:8943dac2-39c8-11eb-a5ff-0a02ecb6ddbb,v:19.8.148,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
x-server-name
app33.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.4.114.js
static.adsafeprotected.com/ Frame 6230
81 KB
82 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.4.114.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 03:12:04 GMT
via
1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
age
1380779
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
83389
last-modified
Mon, 13 Jan 2020 23:54:54 GMT
server
AmazonS3
etag
"e456dd0e5be3c2494dd734db6c5b965c"
x-amz-version-id
gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Y0dtElReESuRI1qFrUmuhQ4YYVvhGvS3-lM26sWllSUoTODiMW5Adw==
mon
pixel.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=361234278&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6dda-39c8-11eb-bd24-067f141e2336&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:9d81aefc-ece5-7fd7-55d2-382bfb428987,c:wmuVWH,sl:outOfView,em:true,fr:true,mn:app04ie,pt:1-5-15,wc:0.0.1600.1200,ac:795.9220.10.10,am:i,cc:795.9220.10.10,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:siDAf9B+11|12|13|14|15|16|17|18|19|1a1|1b1|1c|1d|1e|1f|1g|1h1|1h2|1i1|1j1|1k*.10507|1k1|1l1|1m,idMap:1k*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:109,oid:8943db57-39c8-11eb-a5ff-061b2abdf756,v:19.8.148,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.4.114.js
static.adsafeprotected.com/ Frame 7FCC
81 KB
82 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.4.114.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 03:12:04 GMT
via
1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
age
1380779
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
83389
last-modified
Mon, 13 Jan 2020 23:54:54 GMT
server
AmazonS3
etag
"e456dd0e5be3c2494dd734db6c5b965c"
x-amz-version-id
gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
lI6UYDSVLtVVjSrMRXkBlDGKM1UTYEdDPGZg-3AkETT_816tofP0RA==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=328257083&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6ddb-39c8-11eb-bd24-067f141e2336&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:d8e54ce2-30f8-2172-69da-214fa08fe80e,c:wmuVX5,sl:outOfView,em:true,fr:true,mn:app15ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.3101.1.1,am:i,cc:800.3101.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:siDAf9f+11|12|13|14|15|16|17|18|19|1a1|1b1|1c|1d|1e|1f|1g|1h1|1h2|1i1|1j1|1k1|1k2|1l*.10507|1l1|1m,idMap:1l*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:155,oid:8943daf6-39c8-11eb-80fd-0a320acf4edc,v:19.8.148,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
x-server-name
app30.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.4.114.js
static.adsafeprotected.com/ Frame D2D1
81 KB
82 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.4.114.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 03:12:04 GMT
via
1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
age
1380779
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
83389
last-modified
Mon, 13 Jan 2020 23:54:54 GMT
server
AmazonS3
etag
"e456dd0e5be3c2494dd734db6c5b965c"
x-amz-version-id
gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
GucLTYt31woRzyM67Ih3cjKNPWpDHO5hpBNdgisLhipnjkui4O5iVA==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=118083900&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6dd9-39c8-11eb-bd24-067f141e2336&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:4f443996-7a99-a93e-3e9e-a820982e003d,c:wmuVXn,sl:outOfView,em:true,fr:true,mn:app44ie,pt:1-5-15,wc:0.0.1600.1200,ac:1274.8189.1.1,am:i,cc:1274.8189.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:siDAf9G+11|12|13|14|15|16|17|18|19|1a1|1b1|1c|1d|1e|1f|1g|1h1|1h2|1i1|1j*.10507|1j1|1k1|1k2|1l1|1l2|1m,idMap:1j*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:145,oid:8943daeb-39c8-11eb-a7da-0af2cba1aaf5,v:19.8.148,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
x-server-name
app17.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.4.114.js
static.adsafeprotected.com/ Frame 13CD
81 KB
82 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.4.114.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 03:12:04 GMT
via
1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
age
1380779
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
83389
last-modified
Mon, 13 Jan 2020 23:54:54 GMT
server
AmazonS3
etag
"e456dd0e5be3c2494dd734db6c5b965c"
x-amz-version-id
gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Yg3_mq5B7EYpfjdcUkeDugknPLzGO-mm4_R5L9CqQRp8TXD_ooSexw==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092042&pubOrder=305536031&cb=1939348180&custom=homepage&custom3=168400391&adsafe_par&impId=88fe6dd8-39c8-11eb-bd24-067f141e2336&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:ba968cd2-d37d-9b54-d467-09c41dd9759c,c:wmuVXE,sl:outOfView,em:true,fr:true,mn:app16ie,pt:1-5-15,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:siDAf9L+11|12|13|14|15|16|17|18|19|1a1|1b1|1c|1d|1e|1f|1g|1h1|1h2|1i*.10507|1i1|1j1|1j2|1k1|1k2|1l1|1l2|1m,idMap:1i*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:158,oid:894401be-39c8-11eb-bd24-067f141e2336,v:19.8.148,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:02 GMT
x-server-name
app24.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=271866eb-cea8-a030-cdce-daca5826e3aa&tv={c:wmuVY2,pingTime:-2,time:220,type:a,im:{sf:0,pom:1,prf:{beA:184,beZ:186,mfA:263,cmA:264,inA:265,inZ:270,prA:270,prZ:276,si:284,poA:284,poZ:294,cmZ:294,mfZ:294,loA:331,loZ:335,ltA:404,ltZ:404}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:98}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:220,n:0,pp:0,pm:0},slEvents:[{sl:o,t:98,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[137~0],as:[137~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDAf98+11|12|13|14|15|16|17|18|19|1a1|1b1|1c|1d|1e|1f|1g|1h*.10507|1h1|1i1|1j1|1k.10507|1k1|1l.10507|1l1|1m,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_0,google_ads_iframe_/5129/ndm.hwt/home_0__container__,ad-block-728x90-1],sinceFw:119,readyFired:true}&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
sjedt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:03 GMT
X-Server-Name
dt40sje.sje.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
campaigns
resourcesssl.newscdn.com.au/indies/
7 KB
2 KB
XHR
General
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
8098cb7d558587738407817676b8d08b140ac6e1c80c3037f6510de7e7af1a96

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 09 Dec 2020 02:45:03 GMT
Content-Encoding
gzip
ETag
W/"1b44-Kt7sI4CQtYhqkq8PP8/xKEcOzwI"
X-Powered-By
Express
X-Cache-Hits
0
Connection
keep-alive
Content-Length
1844
X-Served-By
cache-dca17757-DCA
Server
Google Frontend
X-Timer
S1607409595.793480,VS0,VE298
X-i
true
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cloud-Trace-Context
a66a0bc9b79a773406c038d69c421b16
Cache-Control
private, max-age=532511
Function-Execution-Id
xlzpuzom5o66
Accept-Ranges
bytes
X-Orig-Accept-Language
en-US,en;q=0.5
X-Country-Code
DE
Expires
Tue, 15 Dec 2020 06:40:14 GMT
campaigns
resourcesssl.newscdn.com.au/indies/ Frame
0
0
Other
General
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol
HTTP/1.1
Server
104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.heraldsun.com.au
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Content-Type
text/html
Function-Execution-Id
bk3gkbaxbr5t
Server
Google Frontend
X-Cloud-Trace-Context
f8311cd688ba67272ee2fc89aa43beab
X-Country-Code
DE
X-Orig-Accept-Language
en-US
X-Powered-By
Express
Accept-Ranges
bytes
X-Served-By
cache-dca17733-DCA
X-Cache-Hits
0
X-Timer
S1607481903.757612,VS0,VE211
Cache-Control
private, max-age=604784
Expires
Wed, 16 Dec 2020 02:44:47 GMT
Date
Wed, 09 Dec 2020 02:45:03 GMT
Connection
keep-alive
X-i
true
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=9d81aefc-ece5-7fd7-55d2-382bfb428987&tv={c:wmuVYk,pingTime:-2,time:209,type:a,im:{sf:0,pom:1,prf:{beA:145,beZ:146,mfA:239,cmA:240,inA:240,inZ:242,prA:242,prZ:246,si:253,poA:253,poZ:259,cmZ:259,mfZ:259,loA:329,loZ:330,ltA:353,ltZ:353}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:10,h:10,t:108}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:209,n:0,pp:0,pm:0},slEvents:[{sl:o,t:108,wc:0.0.1600.1200,ac:795.9220.10.10,am:i,cc:795.9220.10.10,piv:0,obst:0,th:0,reas:r,bkn:{piv:[114~0],as:[113~10.10]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDAf9f+11|12|13|14|15|16|17|18|19|1a1|1b1|1c|1d|1e|1f|1g|1h1|1h2|1i.10507|1i1|1j.10507|1j1|1k*.10507|1k1|1l.10507|1l1|1m,idMap:1k*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_3,google_ads_iframe_/5129/ndm.hwt/home_3__container__,ad-block-1000x50-1],sinceFw:100,readyFired:true}&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
sjedt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:03 GMT
X-Server-Name
dt47sje.sje.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=d8e54ce2-30f8-2172-69da-214fa08fe80e&tv={c:wmuVYr,pingTime:-2,time:238,type:a,im:{sf:0,pom:1,prf:{beA:96,beZ:97,mfA:240,cmA:241,inA:241,inZ:243,prA:243,prZ:247,si:251,poA:251,poZ:256,cmZ:256,mfZ:256,loA:311,loZ:312,ltA:333,ltZ:333}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:154}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:238,n:0,pp:0,pm:0},slEvents:[{sl:o,t:154,wc:0.0.1600.1200,ac:800.3101.1.1,am:i,cc:800.3101.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[93~0],as:[93~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDAf9f+11|12|13|14|15|16|17|18|19|1a1|1b1|1c|1d|1e|1f|1g|1h1|1h2|1i.10507|1i1|1j.10507|1j1|1k.10507|1k1|1k2|1l*.10507|1l1|1m,idMap:1l*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_4,google_ads_iframe_/5129/ndm.hwt/home_4__container__,ad-block-728x90-2,newscorpau_ads-168],sinceFw:82,readyFired:true}&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
sjedt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:03 GMT
X-Server-Name
dt22sje.sje.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4f443996-7a99-a93e-3e9e-a820982e003d&tv={c:wmuVYu,pingTime:-2,time:214,type:a,im:{sf:0,pom:1,prf:{beA:193,beZ:194,mfA:327,cmA:327,inA:327,inZ:329,prA:329,prZ:333,si:338,poA:338,poZ:343,cmZ:343,mfZ:343,loA:387,loZ:388,ltA:406,ltZ:406}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:144}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:214,n:0,pp:0,pm:0},slEvents:[{sl:o,t:144,wc:0.0.1600.1200,ac:1274.8189.1.1,am:i,cc:1274.8189.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[79~0],as:[79~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDAf9f+11|12|13|14|15|16|17|18|19|1a1|1b1|1c|1d|1e|1f|1g|1h1|1h2|1i.10507|1i1|1j*.10507|1j1|1k.10507|1k1|1k2|1l.10507|1l1|1l2|1m,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_2,google_ads_iframe_/5129/ndm.hwt/home_2__container__,ad-block-300x250-2,newscorpau_ads-19,group_3_col-22],sinceFw:68,readyFired:true}&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
sjedt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:03 GMT
X-Server-Name
dt36sje.sje.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ba968cd2-d37d-9b54-d467-09c41dd9759c&tv={c:wmuVYH,pingTime:-2,time:222,type:a,im:{sf:0,pom:1,prf:{beA:215,beZ:216,mfA:361,cmA:362,inA:362,inZ:363,prA:363,prZ:368,si:373,poA:373,poZ:377,cmZ:377,mfZ:377,loA:409,loZ:410,ltA:437,ltZ:437}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:157}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:223,n:0,pp:0,pm:0},slEvents:[{sl:o,t:157,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[76~0],as:[76~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDAf9f+11|12|13|14|15|16|17|18|19|1a1|1b1|1c|1d|1e|1f|1g|1h1|1h2|1i*.10507|1i1|1j.10507|1j1|1j2|1k.10507|1k1|1k2|1l.10507|1l1|1l2|1m,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_1,google_ads_iframe_/5129/ndm.hwt/home_1__container__,ad-block-300x250-1,newscorpau_multi_collection-3],sinceFw:64,readyFired:true}&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
sjedt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:03 GMT
X-Server-Name
dt01sje.sje.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=271866eb-cea8-a030-cdce-daca5826e3aa&tv={c:wmuVZL,time:327,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:327,n:0,pp:0,pm:0},slEvents:[{sl:o,t:98,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[245~0],as:[245~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDAf98+11|12|13|14|15|16|17|18|19|1a1|1b1|1c|1d|1e|1f|1g|1h*.10507|1h1|1i.10507|1i1|1j.10507|1j1|1k.10507|1k1|1l.10507|1l1|1m,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
sjedt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:03 GMT
X-Server-Name
dt62sje.sje.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=9d81aefc-ece5-7fd7-55d2-382bfb428987&tv={c:wmuVZM,time:299,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:299,n:0,pp:0,pm:0},slEvents:[{sl:o,t:108,wc:0.0.1600.1200,ac:795.9220.10.10,am:i,cc:795.9220.10.10,piv:0,obst:0,th:0,reas:r,bkn:{piv:[203~0],as:[202~10.10]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDAf9f+11|12|13|14|15|16|17|18|19|1a1|1b1|1c|1d|1e|1f|1g|1h1|1h2|1i.10507|1i1|1j.10507|1j1|1k*.10507|1k1|1l.10507|1l1|1m,idMap:1k*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
sjedt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:03 GMT
X-Server-Name
dt40sje.sje.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=d8e54ce2-30f8-2172-69da-214fa08fe80e&tv={c:wmuVZN,time:322,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:322,n:0,pp:0,pm:0},slEvents:[{sl:o,t:154,wc:0.0.1600.1200,ac:800.3101.1.1,am:i,cc:800.3101.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[177~0],as:[177~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDAf9f+11|12|13|14|15|16|17|18|19|1a1|1b1|1c|1d|1e|1f|1g|1h1|1h2|1i.10507|1i1|1j.10507|1j1|1k.10507|1k1|1k2|1l*.10507|1l1|1m,idMap:1l*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
sjedt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:03 GMT
X-Server-Name
dt47sje.sje.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4f443996-7a99-a93e-3e9e-a820982e003d&tv={c:wmuVZO,time:296,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:296,n:0,pp:0,pm:0},slEvents:[{sl:o,t:144,wc:0.0.1600.1200,ac:1274.8189.1.1,am:i,cc:1274.8189.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[161~0],as:[161~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDAf9f+11|12|13|14|15|16|17|18|19|1a1|1b1|1c|1d|1e|1f|1g|1h1|1h2|1i.10507|1i1|1j*.10507|1j1|1k.10507|1k1|1k2|1l.10507|1l1|1l2|1m,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
sjedt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:03 GMT
X-Server-Name
dt36sje.sje.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ba968cd2-d37d-9b54-d467-09c41dd9759c&tv={c:wmuVZP,time:292,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:292,n:0,pp:0,pm:0},slEvents:[{sl:o,t:157,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[145~0],as:[145~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDAf9f+11|12|13|14|15|16|17|18|19|1a1|1b1|1c|1d|1e|1f|1g|1h1|1h2|1i*.10507|1i1|1j.10507|1j1|1j2|1k.10507|1k1|1k2|1l.10507|1l1|1l2|1m,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
sjedt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:03 GMT
X-Server-Name
dt22sje.sje.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
up
insight.adsrvr.org/track/ Frame 59F2
0
0
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.200.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TDID=7d0e09a8-ddb9-4082-bb19-f18cf5567d40; TDCPM=CAESEgoDYWFtEgsI1J2J2879jTkQBRgFIAEoAjILCJL1iYrl_Y05EAU4AQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

date
Wed, 09 Dec 2020 02:45:03 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
adsct
analytics.twitter.com/i/ Frame 772A
31 B
389 B
Script
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
109
pragma
no-cache
last-modified
Wed, 09 Dec 2020 02:45:02 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
f88741cde00f16bc684bfce2d495fa22
x-transaction
003d7acb00376e1e
expires
Tue, 31 Mar 1981 05:00:00 GMT
up
insight.adsrvr.org/track/ Frame 95C4
0
0
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.200.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TDID=7d0e09a8-ddb9-4082-bb19-f18cf5567d40; TDCPM=CAESEgoDYWFtEgsI1J2J2879jTkQBRgFIAEoAjILCJL1iYrl_Y05EAU4AQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

date
Wed, 09 Dec 2020 02:45:03 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=271866eb-cea8-a030-cdce-daca5826e3aa&tv={c:wmuW41,pingTime:-10,time:591,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1607481903056||e719a824c55783780e976f0c820f43be||71ff54ebddb1e090fbf173d96e2342c8||8a0af36017b514191f7f374129ca02b9||70558548bb495a07e7e29499a472e5d3||42bbd6a24bef3128aeb76c936f193dcc||ceed362387dbe4e4fec1529dca4d4ce0||79a5537e1ae1155a11f68e0c4f307b62||1576000828}
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
sjedt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:03 GMT
X-Server-Name
dt01sje.sje.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/
969 B
975 B
Stylesheet
General
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/style.css
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5b6656e316c03a551cbdeb95f1aed0acdffeb7b3ce743144573475dd3b8133fe
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Encoding
gzip
X-i
true
Date
Wed, 09 Dec 2020 02:45:03 GMT
Connection
keep-alive
Content-Length
406
X-Served-By
cache-dca17738-DCA
Last-Modified
Wed, 09 Dec 2020 00:31:23 GMT
X-Timer
S1607473942.822857,VS0,VE1
ETag
"617866c501ae2baecee3c33975ca8125d4935302e86a88dedf91278f1aec543e"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Expires
Wed, 09 Dec 2020 03:07:27 GMT
Cache-Control
max-age=1344
Accept-Ranges
bytes
X-Cache-Hits
1
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/
3 KB
2 KB
Script
General
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/main.js
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
386895aeac76b1c5ff9b99ceaf1129828535748e9dd0ff241e8f595ca13b6afb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Encoding
gzip
X-i
true
Date
Wed, 09 Dec 2020 02:45:03 GMT
Connection
keep-alive
Content-Length
1276
X-Served-By
cache-dca17761-DCA
Last-Modified
Wed, 09 Dec 2020 00:31:23 GMT
X-Timer
S1607473953.173767,VS0,VE1
ETag
"799b8c406ecbbc260dc9ac71c011202326bd9a557b155ba1707af12579eded3c"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Expires
Wed, 09 Dec 2020 03:02:24 GMT
Cache-Control
max-age=1041
Accept-Ranges
bytes
X-Cache-Hits
1
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=9d81aefc-ece5-7fd7-55d2-382bfb428987&tv={c:wmuW4T,pingTime:-10,time:616,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1607481903056||e719a824c55783780e976f0c820f43be||71ff54ebddb1e090fbf173d96e2342c8||8a0af36017b514191f7f374129ca02b9||70558548bb495a07e7e29499a472e5d3||42bbd6a24bef3128aeb76c936f193dcc||ceed362387dbe4e4fec1529dca4d4ce0||79a5537e1ae1155a11f68e0c4f307b62||1576000828,sca:{spg:271866eb-cea8-a030-cdce-daca5826e3aa}}
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
sjedt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:03 GMT
X-Server-Name
dt62sje.sje.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
validate
assets.vidora.com/v1/
0
313 B
Other
General
Full URL
https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b600:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 09 Dec 2020 02:45:03 GMT
via
1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
_PEJNyhh-nAj4iiaWwaUL8lA9MyeFLmyGVUIY6fgabfE3T6T-Yj7rQ==
expires
Wed, 09 Dec 2020 02:45:02 GMT
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14e57f862c816986562e351b96c920b93137396bd5d4ce0773cb6b1c38298030
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Dec 2020 02:45:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6382
x-xss-protection
0
d293f2be231cb3d52ccd524a69f17d28
content.api.news/v3/images/bin/
10 KB
11 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/d293f2be231cb3d52ccd524a69f17d28?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ba46b08770588d361ae4378b13dc52d2d7e88e23708ef0050c98debe93bcf94e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag
d293f2be231cb3d52ccd524a69f17d28
date
Wed, 09 Dec 2020 02:45:03 GMT
last-modified
Tue, 08 Dec 2020 21:55:15 GMT
server
Akamai Image Manager
etag
5599971de085c784812ec45a7288f9c7-d293f2be231cb3d52ccd524a69f17d28-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5166630
access-control-allow-headers
x-newsapi-api-key
content-length
10618
expires
Sat, 06 Feb 2021 21:55:33 GMT
37b43d0356ac09dcaddd142e30ac480f
content.api.news/v3/images/bin/
15 KB
15 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/37b43d0356ac09dcaddd142e30ac480f?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
5a009109c724b5261b6506dbef1a6c5b30289089c31e903026cfaa09c3d4c03d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag
37b43d0356ac09dcaddd142e30ac480f
date
Wed, 09 Dec 2020 02:45:03 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
1de1fd40a5379327bedf02588eb36114-37b43d0356ac09dcaddd142e30ac480f-320
x-serial
91
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5169248
last-modified
Tue, 08 Dec 2020 22:40:23 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
15114
expires
Sat, 06 Feb 2021 22:39:11 GMT
6720fe0fd549841e23d23f0c099d7369
content.api.news/v3/images/bin/
11 KB
12 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/6720fe0fd549841e23d23f0c099d7369?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0b862c637f98718c24ac5c974c6e19e74e910bd699177163f8ecdccab155670a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag
6720fe0fd549841e23d23f0c099d7369
date
Wed, 09 Dec 2020 02:45:03 GMT
last-modified
Tue, 08 Dec 2020 13:05:00 GMT
server
Akamai Image Manager
etag
3d23a430b62e84e795058de9bff55a40-6720fe0fd549841e23d23f0c099d7369-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5134820
access-control-allow-headers
x-newsapi-api-key
content-length
11618
expires
Sat, 06 Feb 2021 13:05:23 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 02:45:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Wed, 09 Dec 2020 02:45:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 3622
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4867
date
Tue, 08 Dec 2020 23:34:08 GMT
expires
Wed, 08 Dec 2021 23:34:08 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
11455
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c871ec036fe01e1900bc54f98d0a53ef
content.api.news/v3/images/bin/
6 KB
7 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/c871ec036fe01e1900bc54f98d0a53ef?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a0177b4b4071d6d394503fd26a79b8a9eefc634387a1754f84b06511ee6391de

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag
c871ec036fe01e1900bc54f98d0a53ef
date
Wed, 09 Dec 2020 02:45:03 GMT
last-modified
Wed, 09 Dec 2020 00:28:55 GMT
server
Akamai Image Manager
etag
7c040e7a0d08c78a39c4b660aadb7f9f-c871ec036fe01e1900bc54f98d0a53ef-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5175725
access-control-allow-headers
x-newsapi-api-key
content-length
6463
expires
Sun, 07 Feb 2021 00:27:08 GMT
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=271866eb-cea8-a030-cdce-daca5826e3aa&tv={c:wmuWfL,time:1319,type:e,env:{nr_p:1,nr_publ1:1,nr_grpm1:1},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:1319,n:0,pp:0,pm:0},slEvents:[{sl:o,t:98,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[1236~0],as:[1236~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:419,fm:siDAf98+11|12|13|14|15|16|17|18|19|1a1|1b1|1c|1d|1e|1f|1g|1h*.10507|1h1|1i.10507|1i1|1j.10507|1j1|1k.10507|1k1|1l.10507|1l1|1m,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
sjedt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:03 GMT
X-Server-Name
dt62sje.sje.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
gen_204
pagead2.googlesyndication.com/pagead/
0
33 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120301&jk=3522182618150384&bg=!v7ylvJzNAAUbEDgJG1g6fNV2csLtvAIAAACIUgAAABVoAQcKAW88J0xdnCZwMz04BFGXtEqlEj1o4TKTAPc80snzPYo6FBML-w55-tw7v59dBt_GjJtcwYgftWfpFjGPdqdbeVf0ha97BGvlLsAFcGhlLjv3TjVU3OcPTM9jEkFOz50WTLqdeEcmrrJUQg2zQp0T7--7TNZakw6ziotr_s_tuCMCMoodr3qzX62r5fFKU-cnaUv5t4h_Gjo9RKJsRSQlupHo9BfPHGmpwZaIpkL1W4VyrWyxaW_bQwzOjoX0aHZXKe1ArLkwP3kt37oADrsJ58mp5ejsRteYSug-lID18EE3zfEcxVZ_OprPtDTsqJpOnWT7ciUjKUdzDRd6y5D0jakX2R-G_sUSyTK-tbkhYg6NYL3FVtgmKNTexKJahhLg1ynPsKKi49lKxp65SJ3p3dx8LMFRxvQaDcVKWK6yHZvRaiPHy6DKYyDyx4vA77BFtmfKDZGhyL6pnRJVGKq5eKPDbR5Kg35u1BwSQfnxpbhAmQG9qLIoA2cycWiD7CYid2lWj83AHojuPHs-vQrXXTWEI8OwU5IOrl4h_2iKpyFJEKYJkGQ3x70U1Ud-h8Rc2yUCwpE84-ai8tfcCdEe4Q2iuNC7nPclcA6NMZYECAxdSgWV_TyCMpTEzq7zkgtI_K3Jy4Ypp4rQM4n0t_iy2ghk63T6hLQV7B8GzgClfQRvKSiuvJlpYhUNBm7QrvPuO9XKrcq8JB4iAO7mKFgyam21qyNNVETcJqoZmafDf_ubAYEwPz03q4Y2dDMfhVRnKnNCxAXGf7r3xI_qgH_PA6anCs70I8pQD3buv8ccLnXa32bPyXRDcRy4m2rmG3mRD470VTlwn0mSMNX_KAfRHN8TlWHti_EQBwWSK918de7CZdrwQUlq2UI_tsbUf3mPv4H0_TLReV0G7JpW2f2WbviVSy-B2HJdQ5zZZ5RDOsUwHVfi-95A0jKvnlp6EHmW_KkVmzFBMsJMbwSzx54ZNdvRUsj92OyN_l1DL8vlrhbxmH5UOiANfN14BJ9bobq2thnJvwLcjtVl9jjzz0mqiujGZKFc_11Q9MxZD6W0Kzfm6nu3Wl6T5kqVYz1KXh1Vww
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=d8e54ce2-30f8-2172-69da-214fa08fe80e&tv={c:wmuWgl,pingTime:-10,time:1348,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1607481903056||e719a824c55783780e976f0c820f43be||71ff54ebddb1e090fbf173d96e2342c8||8a0af36017b514191f7f374129ca02b9||70558548bb495a07e7e29499a472e5d3||42bbd6a24bef3128aeb76c936f193dcc||ceed362387dbe4e4fec1529dca4d4ce0||79a5537e1ae1155a11f68e0c4f307b62||1576000828,sca:{spg:271866eb-cea8-a030-cdce-daca5826e3aa}}
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
sjedt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:03 GMT
X-Server-Name
dt01sje.sje.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ba968cd2-d37d-9b54-d467-09c41dd9759c&tv={c:wmuWgI,time:1339,type:e,env:{nr_p:1,nr_publ1:1,nr_grpm1:1},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:1339,n:0,pp:0,pm:0},slEvents:[{sl:o,t:157,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[1192~0],as:[1192~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:649,fm:siDAf9f+11|12|13|14|15|16|17|18|19|1a1|1b1|1c|1d|1e|1f|1g|1h1|1h2|1i*.10507|1i1|1j.10507|1j1|1j2|1k.10507|1k1|1k2|1l.10507|1l1|1l2|1m,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
sjedt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:03 GMT
X-Server-Name
dt22sje.sje.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4f443996-7a99-a93e-3e9e-a820982e003d&tv={c:wmuWi4,pingTime:-10,time:1428,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1607481903056||e719a824c55783780e976f0c820f43be||71ff54ebddb1e090fbf173d96e2342c8||8a0af36017b514191f7f374129ca02b9||70558548bb495a07e7e29499a472e5d3||42bbd6a24bef3128aeb76c936f193dcc||ceed362387dbe4e4fec1529dca4d4ce0||79a5537e1ae1155a11f68e0c4f307b62||1576000828,sca:{spg:271866eb-cea8-a030-cdce-daca5826e3aa}}
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
sjedt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:04 GMT
X-Server-Name
dt36sje.sje.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ba968cd2-d37d-9b54-d467-09c41dd9759c&tv={c:wmuWif,pingTime:-10,time:1434,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1607481903056||e719a824c55783780e976f0c820f43be||71ff54ebddb1e090fbf173d96e2342c8||8a0af36017b514191f7f374129ca02b9||70558548bb495a07e7e29499a472e5d3||42bbd6a24bef3128aeb76c936f193dcc||ceed362387dbe4e4fec1529dca4d4ce0||79a5537e1ae1155a11f68e0c4f307b62||1576000828,sca:{spg:271866eb-cea8-a030-cdce-daca5826e3aa}}
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
sjedt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:04 GMT
X-Server-Name
dt47sje.sje.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
gn
secure-dcr.imrworldwide.com/cgi-bin/
44 B
336 B
Image
General
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&devmodel=&manuf=&sysname=&sysversion=&sessionId=r5lb0i8rhwe8uouec3wykh9eozsgt1607481902&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,heraldsun&sup=0&segment2=&segment1=&forward=1&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,idefqegi1mef8fglqr9862wtgeswu1607481902&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16074819021451988&c30=bldv,6.0.0.563&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1607481901967&c3=st,c&c64=starttm,1607481904&adid=1607481901967&c58=isLive,false&c59=sesid,&c61=createtm,1607481905&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&c62=sendTime,1607481905&rnd=464891
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.195.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-195-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Dec 2020 02:45:05 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=271866eb-cea8-a030-cdce-daca5826e3aa&tv={c:wmuXim,time:5324,type:e,env:{nr_p:5},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:5324,n:0,pp:0,pm:0},slEvents:[{sl:o,t:98,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[5241~0],as:[5241~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:184,fm:siDAf98+11|12|13|14|15|16|17|18|19|1a1|1b1|1c|1d|1e|1f|1g|1h*.10507|1h1|1i.10507|1i1|1j.10507|1j1|1k.10507|1k1|1l.10507|1l1|1m,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
sjedt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:07 GMT
X-Server-Name
dt47sje.sje.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
308 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ba968cd2-d37d-9b54-d467-09c41dd9759c&tv={c:wmuXjg,time:5341,type:e,env:{nr_p:5},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:5341,n:0,pp:0,pm:0},slEvents:[{sl:o,t:157,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[5194~0],as:[5194~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:184,fm:siDAf9f+11|12|13|14|15|16|17|18|19|1a1|1b1|1c|1d|1e|1f|1g|1h1|1h2|1i*.10507|1i1|1j.10507|1j1|1j2|1k.10507|1k1|1k2|1l.10507|1l1|1l2|1m,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
sjedt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Dec 2020 02:45:07 GMT
X-Server-Name
dt36sje.sje.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
heraldsun.digitaleditions.com.au
URL
http://heraldsun.digitaleditions.com.au/

Verdicts & Comments Add Verdict or Comment

286 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| newscorpau object| _taboola object| utag_data object| bruce_rtget number| LUX_t_start number| LUX_t_end object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore function| loadjs function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id function| udm_ object| ns_p object| COMSCORE boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| lazySizes object| ads_api function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg object| placementData string| nam function| Rampart function| webpackHotUpdateRampart object| __core-js_shared__ function| parcelRequire object| auth object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag undefined| isAsync undefined| httpGetAsync undefined| parseResponse object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| Nielsen_Event object| trac function| _tealium_old_error boolean| __tealium_twc_switch object| newskey object| nb function| Krux object| sectionData number| _sf_endpt number| gptPluginLoaded object| vidora function| vidoraTrackExtraElements object| m object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| _hjSettings function| hj object| nn function| clsn object| dicnf function| btrp function| pdib3 function| vv function| stcc object| ads_core object| ads_extra object| googletag string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| __iasPET object| kw_ignore object| metrics object| mready object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| utmParts object| intParts function| pbjsChunk object| pbjs object| _pbjsGlobals function| AppNexusPrebidAnalytics object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId object| ggeac object| google_js_reporting_queue function| omrhp function| NolTracker function| nol_t function| logger undefined| _rsCC undefined| _rsCG undefined| _rsDN undefined| v52v53_pvar undefined| v52v53_trac undefined| _rsEvent undefined| _rsLinkTrack undefined| _rsClick object| V60 object| NOLBUNDLE string| localstorageframe object| NOLCMB object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| providersData object| diagPixSentCodes object| __iasAdRefreshConfig string| ptclString function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| ads_ready number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error string| google_ad_output string| google_flash_version boolean| google_webgl_support string| google_ad_section string| google_country undefined| oneTagObj object| bsResponseObj string| s_tnt string| f0 object| s_i_newscorpau-hsweb_newscorpau-global object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal function| _typeof object| ns object| paramsPassed object| stateObject string| BUILDVERSION object| stateEvents object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| __IntegralASExec object| indieApps object| tbopt object| GoogleGcLKhOms object| google_image_requests

42 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: RUL
Value: EK70wP4FGK7bxY0GIi8BNmGQ4x7i5fuK_xSLSuvT6uDS0xlwRIIDayFzrij_Z_YVY5Vu9Q7XE00rE6tSWg|cs=AP6Md-V_MEOxWgMsSDLhWWOqzLGn
.adsrvr.org/ Name: TDID
Value: 7d0e09a8-ddb9-4082-bb19-f18cf5567d40
.demdex.net/ Name: demdex
Value: 39860089644780913332610032048156549655
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsI1J2J2879jTkQBRgFIAEoAjILCJL1iYrl_Y05EAU4AQ..
.heraldsun.com.au/ Name: tp
Value: 9904
www.heraldsun.com.au/ Name: AWSALBCORS
Value: D/z5ikPPexWzKr6KZbd+38nEqSyb4ThyO/DgCZQhssLMAgd9nv4H7e16NT9eGb5iw5IEw1SZuHFjupb5YwydJQYdHIgRDC+yUdklOP+ZFK/DKCl0y0UNAj95pok7
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Chome%257Chomepage%257Chomepage%2C12%2C12%2C1200
www.heraldsun.com.au/ Name: vidoraUserId
Value: rued7dafsiin3nnp7e70jhu75buv3l
.demdex.net/ Name: dextp
Value: 358-1-1607481901962|470-1-1607481902063|481-1-1607481902165|771-1-1607481902266|903-1-1607481902367|19566-1-1607481902468|23728-1-1607481902569|30432-1-1607481902669|30064-1-1607481902770|66757-1-1607481902871|134096-1-1607481902973|144230-1-1607481903074|144231-1-1607481903175|144232-1-1607481903276|144233-1-1607481903377|144234-1-1607481903478
.heraldsun.com.au/ Name: anonymous_token
Value: {%22entitlements%22:anon}
.heraldsun.com.au/ Name: s_cc
Value: true
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Chome%7Chomepage%7Chomepage
.heraldsun.com.au/ Name: s_nr
Value: 1607481901940-New
www.heraldsun.com.au/ Name: _hjIncludedInSessionSample
Value: 1
.heraldsun.com.au/ Name: _hjFirstSeen
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUk7vo5hWaULf-ZJX22RWZzbzSZBFH18Wfk8VPZ8hbJjde0VwTlZVHBHRw45
.imrworldwide.com/ Name: IMRID
Value: 88e40760-39c8-11eb-adbd-c3e52d0e3b23
www.heraldsun.com.au/ Name: _cb_svref
Value: null
.heraldsun.com.au/ Name: _hjAbsoluteSessionInProgress
Value: 0
.heraldsun.com.au/ Name: s_ecid
Value: MCMID%7C39884072906893602232607653547178914573
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.imrworldwide.com/ Name: SSCVER
Value: v1
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: 990fced9-bf82-463b-bebe-2a04ca48c306.1607481902.1.1607481902.1607481902.01f5fab1-5a55-4d6a-ad0d-cb34b751bc49
www.heraldsun.com.au/ Name: _hjIncludedInPageviewSample
Value: 1
www.heraldsun.com.au/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D3ef03755-6368-4720-a7cb-0951626b936b-tuct6c9bfac
.heraldsun.com.au/ Name: nc_eu
Value: y
www.heraldsun.com.au/ Name: _chartbeat2
Value: .1607481901383.1607481901383.1.BvvgXCR7JKcCRjpF1D8rDP7Dboaep.1
www.heraldsun.com.au/ Name: _cb
Value: 62D0DCGk1OdCWpHa3
www.heraldsun.com.au/ Name: AWSALB
Value: D/z5ikPPexWzKr6KZbd+38nEqSyb4ThyO/DgCZQhssLMAgd9nv4H7e16NT9eGb5iw5IEw1SZuHFjupb5YwydJQYdHIgRDC+yUdklOP+ZFK/DKCl0y0UNAj95pok7
.heraldsun.com.au/ Name: _hjTLDTest
Value: 1
www.heraldsun.com.au/ Name: _tb_t_ppg
Value: https%3A//www.heraldsun.com.au/
.heraldsun.com.au/ Name: _hjid
Value: b72fe8b7-082a-4a57-8813-ba87ff556526
www.heraldsun.com.au/ Name: _tb_sess_r
Value:
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C18606%7CMCMID%7C39884072906893602232607653547178914573%7CMCAAMLH-1608086701%7C6%7CMCAAMB-1608086701%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C-1728734906%7CMCOPTOUT-1607489101s%7CNONE%7CMCSYNCSOP%7C411-18613%7CMCAID%7CNONE%7CvVersion%7C5.1.1
.heraldsun.com.au/ Name: s_gdslv_s
Value: First%20Visit
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
www.heraldsun.com.au/ Name: lux_uid
Value: 160748190074039647
www.heraldsun.com.au/ Name: _cb_ls
Value: 1
.heraldsun.com.au/ Name: s_gdslv
Value: 1607481901940
.heraldsun.com.au/ Name: utag_main
Value: v_id:017645634116004adf498a006c0800078001d07000b08$_sn:1$_se:1$_ss:1$_st:1607483701335$ses_id:1607481901335%3Bexp-session$_pn:1%3Bexp-session
.heraldsun.com.au/ Name: nk
Value: bc65a0576d8df0c7dc57b9f9daa67b9f
.heraldsun.com.au/ Name: n_regis
Value: 123456789

5 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.taboola.com/libtrc/impl.20201129-9-RELEASE.js(Line 3)
Message:
Exit TRCRBox.loadScriptCallback(retry=0): no items in response - thumbnails-midrail-native
console-api log URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js(Line 18)
Message:
UTRACK loaded (from tealium)
console-api log URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js(Line 3)
Message:
vidora-client 1.3.3 68d5ea1ec45c96bafd89f1a57b8aa2345fbf87f3
console-api log URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js(Line 1)
Message:
%c Vidora API finished initializing! background: #222; color: #b9da52
console-api debug URL: https://static.adsafeprotected.com/sca.17.4.114.js(Line 32)
Message:
a: 0.003173828125 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

80c3cdb7f72544d3cffdfa4925c14fa9.safeframe.googlesyndication.com
8228261.fls.doubleclick.net
acdn.adnxs.com
ad.doubleclick.net
adservice.google.com
adservice.google.dk
analytics.twitter.com
assets.vidora.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
bs.serving-sys.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.speedcurve.com
cdn.taboola.com
cm.everesttech.net
content.api.news
dpm.demdex.net
dt.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
heraldsun.digitaleditions.com.au
ib.adnxs.com
in.hotjar.com
insight.adsrvr.org
js.adsrvr.org
login.newscorpaustralia.com
metrics.heraldsun.com.au
mhr.talk.news.com.au
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
newscorpau.demdex.net
origin.go.heraldsun.com.au
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
px.ads.linkedin.com
resourcesssl.newscdn.com.au
s1.rui.au.reastatic.net
s3-ap-southeast-2.amazonaws.com
sb.scorecardresearch.com
script.hotjar.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
secure-ds.serving-sys.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.hotjar.com
t.co
tags.news.com.au
tags.tiqcdn.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
ts2020-indies-client.web.app
uconnect.tealiumiq.com
use.fontawesome.com
vars.hotjar.com
widget.perfectmarket.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
www.heraldsun.news.com.au
www.linkedin.com
www.news.com.au
heraldsun.digitaleditions.com.au
104.108.60.35
104.108.64.33
104.109.77.38
104.244.38.20
104.244.42.131
104.244.42.69
104.75.88.206
104.79.88.36
13.224.194.11
13.225.80.120
141.226.228.48
143.204.90.53
143.204.97.161
15.237.76.117
151.101.1.195
151.101.113.108
151.101.113.181
151.101.113.44
151.101.114.217
172.217.16.134
172.217.21.194
172.217.22.70
172.217.22.98
18.158.135.197
184.31.90.174
185.33.221.53
199.232.52.157
2.21.242.220
216.58.207.34
23.111.9.35
23.210.248.204
23.210.249.82
2600:9000:206f:b600:4:77d:a0c0:93a1
2600:9000:20eb:6a00:18:1fcd:34e:d2a1
2600:9000:2104:b200:8:48e:53c0:93a1
2600:9000:2104:ce00:2:42d9:3100:93a1
2600:9000:2104:d600:2:42d9:3100:93a1
2600:9000:2156:6a00:1e:a43d:b640:93a1
2600:9000:2156:7400:1e:c291:240:93a1
2620:1ec:21::14
2a00:1450:4001:802::2004
2a00:1450:4001:803::2002
2a00:1450:4001:806::2008
2a00:1450:4001:808::2001
2a00:1450:4001:815::2001
2a00:1450:4001:817::2002
2a00:1450:4001:818::2008
2a00:1450:4001:81a::2003
2a00:1450:4001:81a::2004
2a00:1450:4010:c06::9c
2a02:26f0:eb:3b4::25ea
2a04:fa87:fffd::c000:42d0
2a05:f500:11:101::b93f:9005
34.225.213.12
34.248.49.247
35.227.202.26
52.17.234.162
52.208.132.207
52.49.200.205
52.95.128.159
52.95.128.162
54.171.42.33
54.229.195.34
54.77.231.46
65.9.73.19
65.9.73.2
80.252.91.52
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
03dfb52e472604e8d151a9e9006cce125ab9a53db1eefee272176af58725d323
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06e9f93163cce0aa6698b5dbdd52d0ea860a91aa75e80d724051e67e6f0304f3
07bfaacd7e190a53caf41c6ad3961a9872f525fae01609605a59985731a9413b
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
08052c2c99dd94a7e638999360264f21fd6ea6c6e7f0c9fbaf55e11cd4fe314f
09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd
0968471ad43671d3addd5b524a988e251edec63b4ee742071fae2750c057c082
0b365316ac5070821d725091506517c40b5fd0ec1f6c14ea3dc4da9bfe3c0869
0b862c637f98718c24ac5c974c6e19e74e910bd699177163f8ecdccab155670a
0f825080cc576dc4a60008db41aa7d0232dd907c4c7bcae8b67350bf8b94d131
1136fd8d6ff6f21847aab9abfab903a5a0e2f26a6f621f34af563def44ceb81c
11fcbb8aadc3ff4a29a62ac7523f3f63fa0804be2be0c3c55d11e7c98998730b
120be8f5d061203ea26fd4bd2043201d6f06a7fce30cd7104e01c5dfafb48cd7
12b6163a5818be4a480779a405c48bb84a5f79c98dfadf573d5f230e866f504e
14e57f862c816986562e351b96c920b93137396bd5d4ce0773cb6b1c38298030
16940d2c1b3f16385e4168b6aa839738762a99aa8289394d1782608f25e27e27
187f0e2d2331f649e0afc51f0567cf23ef47d57283aa928313452eb1a559efb4
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
2643ed4afec05499a0512b719a13c28b70ce6385241c8a46a2f718e2b275046e
27ad1c0be127da20f7b68c8e868d9a1fa6ade3308786d297a24a5651faa32a38
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
2ba257240ffc08c6b68d4bca0a95796e0244b065df669aaa532f81064f4673b4
2fa62fdf8e026049d48ee5b0227b6cde543ff47ae4d3a7ee43b360f9d154305f
31bed423ce065ff8346c3bcd3e1e8586b935ffbe51bb7e8e3be3dabbe1c645b2
3492bc139bf82bffa8725924455949cb36628db1491158107197f4f4829eeebb
34d8ddeeec9183aa5bbdd586faee5ffdbdef6c242fd68a0268ebaace40578ce6
386895aeac76b1c5ff9b99ceaf1129828535748e9dd0ff241e8f595ca13b6afb
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31
3da22675d8a4acf66e57544b9e5ca05c313e923aa956f2c909bce800cc83858f
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
43ec631c14060e4d10a7fc3b6b96296f20e718d65fb51558370d41eda08a3ddc
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
496f507875a529b613576dd312577e9b7794101ff0a7184015a9d9fd42b87d06
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b80ab49cca418a05255ac5b92d063e739e028a005581148e2da1864e08618dc
4c1d569823d601d2615c87a02f7c1bd5572325ccab273f1199ec5aa07b4df818
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
5256cf9cad5cde786a8b5f580e953ccbd312ebb3257b199758d6ac799541ce1c
53c25ccb7181178c52c32fdf5e58a55d730bbfe8e45db600886adfb33d88411b
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
57401860e9af6c4ffccc7684a885c156af441747151ac5fda5342ab704df0898
58216d07697cb268f0b30bd5963a1515dd4ee3b5b185151bdb99d041f0fa73fc
5a009109c724b5261b6506dbef1a6c5b30289089c31e903026cfaa09c3d4c03d
5b6656e316c03a551cbdeb95f1aed0acdffeb7b3ce743144573475dd3b8133fe
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fb46ad88af0181f8aa600691dadedc2d6dd1946603b69bc36385f68efdd01a3
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542
6474d56348e7fd4196787cc15b0c60da2d0520e541c336c71ecbcfeb8be42899
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
69f731c62e5da2fafe17128a3dc49132d36dbf0062066f2c71d0ee493d6da44d
6cdc46bd741ea434a62afefedad537b39f6ca9b52aea4f5828a2b2f27c419882
6d53de17c52365eb4ce49341da6d0844aa24c93f5191d0ce0b6892b4edb78574
6e3e3a7fb48024d92e9e8c43b7f636b0256f69c61114735d327ca43171ad5d11
713a4849fb10824c9b5c7a446b39f65edd12b9a73897f0fc8b706e9441591317
714cac8ff5400467459b98256c655279773669a2f54692d8d366c811100061b7
71d22297d22005f07794dbf3bb49372e36371c506c7b720467888ac9e38ea097
72c9f53abc637ac99fdde80196eba1ef4f0d61be616b2e4133dbbc70e3206cd7
7485944ba8666d3b30e9598aeb0b90381531951670fa085cb127049ef367e4d8
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
75dc6d97ecae48f265048ab2c15b8a9edb925fb86dda4a0518b9b59f71fdbcb6
796946758f534f8ce84f03a606a2e491cad0092aea5aee3a59c24eb1dcfb4f7c
7e4f4a23ed7a74e87caf199cb84e638f233d01a7aaa7c29b45862ed87747937f
8098cb7d558587738407817676b8d08b140ac6e1c80c3037f6510de7e7af1a96
8600099f7e30b15cb09a2746c608dec0944c9a031c8b4794010ab943f2a98522
876e1e0ee634961bee6ed09fc958445fed4966a255a4f1ec381ecebb83cca48e
8f44f60c9c455af508f75855f13e8989ea8e395f5ab9329da06a2387922fafc4
8f7aa3df4d2e429247f0c7e44a2a3006ff423e8fea24c36f2b0156f71d1ceca0
91d684c672c0a1dfd501546262b91d820d8c25bf5ff2968605c50123b5ebffe6
93b175796385750b38fd82e8e644a731aa51296a1a405fae8a12907be3e9eb39
94c849dad281228761f865b170f223a1ed34a321b92cb49addd0fc3fb9f0fb86
9b016f90e066a91355c9becea1caadd2433f73cfd8a2cb36823556ff00a242cc
a0177b4b4071d6d394503fd26a79b8a9eefc634387a1754f84b06511ee6391de
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a26dbd7b877b153f4afb810fe7d49ae6c1cb06bc2bc7d8c664c4c164ce465a72
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3512335a2e1587c9914cc5711b17a5d1c9e4ae60f4721714baa9ec805b7c092
a3f768fa9f478b8419452d36321d54ace2c95e55258d98d0848dc5e37516cd54
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
abc7553db409e176fd4e0fdd716dabaf49d175d840096c36b490466c3342a90a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96
b078acca5079cc43614182feddcc9f3a3d5c733eb382d596f1cfcb7eaa82f326
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835
b748ce6a5a5ea9c905bca2845dab6456c5232bead14b02fca00864562e98bfda
ba46b08770588d361ae4378b13dc52d2d7e88e23708ef0050c98debe93bcf94e
befd4d99b6cb8649f107a5cd1fec1055d228bdc1c001493676bb87249e9b1040
bf24e327e3ce8b7aeb23a5f71c9332a0c74a5fcd46ca60cbe36e7aafa03ebf54
bf48adbfd3b42e3b64355dd9ca510e575bdbb4cf80408776c51c27b5c182d7b2
c2b6b853f4fed6850a7ed9d6f4f253dc5c46f38423517987dd13eecf02dbee58
c4ab088565b86231459d4b94bf85c93543664f8f457e128f651f756558b6d81e
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
cd0212aba1cf15644403bf20f01a4c2f592113a1a0118e262f4e063691dc5077
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d1bcc188f481bacf1d9ab4df424b1e041f10f45c85183d38bd2c079f0566dbda
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
dc3842d1ad8fde688d7b47fb100be5a4bcf18b97af2dd23d02dbb3713f6d520b
ddc7e3d1d80e6da62dc20bf916bb0672ae9b68ed7521655e7f14ab0bfffa199b
de178d8a9bbae956bc3430a9c9b32b09e7f19d38f635cd0ae46356821ad1ff43
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58c1d40350dfb19738c25fee478e3280f563459d97baa5cf37582a65f3552ad
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
ea924a43e215dc33b6f029e37fa7c89b14aad79909ebd00aaa3f78b96339a166
eccd35a63a7b80bbfd3a64bb7be75b327bf9292b7c603c8d31c0247962223819
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef024a5f6a6afe4d445fd60002ff33e71b80ca52cbaab97153e31ab62b40d379
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5fa8602198232e4f3704cf1dc886cb295af0f9906b0c9d63777b5f49852b84
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f0d362a02953b077bdb72368bdcc030d7b85f054ac82554a81b51b842fbc1b06
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
f87468e1bdae50491f38052d22728ee148bbf84f03392367f0669522d9953311
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2
fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503
fb580609463ffdeaf3b84cdb743472de15f1497b1c033be1642bc7b44c777c59
fe5c6e8d5d904fde8658aa207e0b0ad25206d993e9a0f114c5faa0390c1ec14f