www.theherald.com.au Open in urlscan Pro
2.16.181.216 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.theherald.com.au/
Effective URL:
https://www.theherald.com.au/
Submission: On May 16 via api (May 16th 2019, 3:07:26 pm UTC) from DE

Summary HTTP 93 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 44 IPs in 7 countries across 31 domains to perform 93 HTTP transactions. The main IP is 2.16.181.216, located in Ascension Island and belongs to AKAMAI-ASN1, US. The main domain is www.theherald.com.au.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 15th 2019. Valid for: 3 months.

This is the only time www.theherald.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2.16.181.216 2.16.181.216	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba6b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:183::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81e::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a02:26f0:6c0... 2a02:26f0:6c00:19d::1ba9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	136.243.218.211 136.243.218.211	24940 (HETZNER-AS) (HETZNER-AS)
1	142.93.164.216 142.93.164.216	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
5	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba49	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	52.65.63.14 52.65.63.14	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	151.101.0.175 151.101.0.175	54113 (FASTLY) (FASTLY - Fastly)
1	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	138.201.44.8 138.201.44.8	24940 (HETZNER-AS) (HETZNER-AS)
2	88.99.106.112 88.99.106.112	24940 (HETZNER-AS) (HETZNER-AS)
1	138.201.138.163 138.201.138.163	24940 (HETZNER-AS) (HETZNER-AS)
3	2606:4700::68... 2606:4700::6810:2a41	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	147.75.83.82 147.75.83.82	54825 (PACKET) (PACKET - Packet Host)
1	52.49.216.17 52.49.216.17	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.204.215 147.75.204.215	54825 (PACKET) (PACKET - Packet Host)
1	34.196.234.179 34.196.234.179	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2	54.172.174.181 54.172.174.181	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2606:4700:e4:... 2606:4700:e4::ac40:a222	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	104.18.74.113 104.18.74.113	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2600:9000:20b... 2600:9000:20bb:7600:18:1fcd:349:ca21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.217.209.208 54.217.209.208	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	52.30.203.60 52.30.203.60	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6	2600:9000:20b... 2600:9000:20bb:be00:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	107.23.115.104 107.23.115.104	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
4	95.216.24.148 95.216.24.148	24940 (HETZNER-AS) (HETZNER-AS)
2	2600:9000:20b... 2600:9000:20bb:9a00:14:e8dc:9940:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2600:9000:20b... 2600:9000:20bb:4400:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	104.16.52.111 104.16.52.111	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	3.92.15.142 3.92.15.142	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
93	44

2 2.16.181.216 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-181-216.deploy.static.akamaitechnologies.com

www.theherald.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:26f0:6c00::210:ba6b (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

nnstatic-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:183::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:19d::1ba9 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

www.fairfaxstatic.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.218.211 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.211.218.243.136.clients.your-server.de

b823s.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.164.216 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
PTR: cdn-eu-7.fra1.do.onthe.io

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00::210:ba49 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

nnstatic-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.65.63.14 (Sydney, Australia)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-65-63-14.ap-southeast-2.compute.amazonaws.com

sochi.fairfaxregional.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.fairfaxregional.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.175 (United States)

ASN54113 (FASTLY - Fastly, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.44.8 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.8.44.201.138.clients.your-server.de

hm732.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.106.112 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-106-112.clients.your-server.de

by217.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.138.163 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: s4.oriel.io

advertising.oriel.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn-au.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy-au.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id-au.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.83.82 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-29

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.216.17 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-49-216-17.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.22.34 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.204.215 (Chicago, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-22

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.234.179 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-196-234-179.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.172.174.181 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-172-174-181.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:a222 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.74.113 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

assets.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.72.113 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20bb:7600:18:1fcd:349:ca21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.217.209.208 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-217-209-208.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.203.60 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-30-203-60.eu-west-1.compute.amazonaws.com

secure-au.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:20bb:be00:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.115.104 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-107-23-115-104.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.216.24.148 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.148.24.216.95.clients.your-server.de

tt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20bb:9a00:14:e8dc:9940:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20bb:4400:1e:a43d:b640:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.52.111 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

newcastleherald.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.92.15.142 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-92-15-142.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	akamaihd.net nnstatic-a.akamaihd.net	678 KB
10	imrworldwide.com 2 redirects secure-au.imrworldwide.com cdn-gl.imrworldwide.com secure-gl.imrworldwide.com secure-dcr.imrworldwide.com	66 KB
7	zdassets.com static.zdassets.com ekr.zdassets.com	502 KB
5	onthe.io cdn.onthe.io tt.onthe.io	16 KB
5	doubleclick.net 1 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net	82 KB
5	google-analytics.com www.google-analytics.com	46 KB
5	fairfaxstatic.com.au www.fairfaxstatic.com.au	89 KB
4	zendesk.com 1 redirects assets.zendesk.com newcastleherald.zendesk.com	2 KB
4	matheranalytics.com 1 redirects js.matheranalytics.com www.i.matheranalytics.com	39 KB
4	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	86 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	89 KB
3	piano.io cdn-au.piano.io buy-au.piano.io id-au.piano.io	116 KB
3	fairfaxregional.com.au sochi.fairfaxregional.com.au cdn.fairfaxregional.com.au	145 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	113 KB
2	by217.com by217.com	708 B
2	gstatic.com fonts.gstatic.com	18 KB
2	google.de www.google.de adservice.google.de	280 B
2	google.com 1 redirects www.google.com adservice.google.com	362 B
2	theherald.com.au 1 redirects www.theherald.com.au	241 KB
1	chartbeat.net ping.chartbeat.net	168 B
1	chartbeat.com static.chartbeat.com	14 KB
1	npttech.com www.npttech.com	2 KB
1	googlesyndication.com tpc.googlesyndication.com
1	googletagservices.com www.googletagservices.com	10 KB
1	adsrvr.org match.adsrvr.org	530 B
1	oriel.io advertising.oriel.io	348 B
1	hm732.com hm732.com	348 B
1	indexww.com js-sec.indexww.com	27 KB
1	b823s.com b823s.com	10 KB
1	googletagmanager.com www.googletagmanager.com	37 KB
1	googleapis.com fonts.googleapis.com	710 B
93	31

	Domain	Requested by
17	nnstatic-a.akamaihd.net	www.theherald.com.au
6	cdn-gl.imrworldwide.com	www.theherald.com.au cdn-gl.imrworldwide.com
5	static.zdassets.com	static.zdassets.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.theherald.com.au
5	www.fairfaxstatic.com.au	www.theherald.com.au
4	tt.onthe.io	cdn.onthe.io
3	newcastleherald.zendesk.com	static.zdassets.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	secure-gl.imrworldwide.com	1 redirects
2	ekr.zdassets.com	static.zdassets.com
2	errors.client.optimizely.com	cdn.optimizely.com
2	www.i.matheranalytics.com	www.theherald.com.au
2	js.matheranalytics.com	1 redirects www.theherald.com.au
2	by217.com	www.theherald.com.au
2	cdn.krxd.net	www.theherald.com.au cdn.krxd.net
2	fonts.gstatic.com	www.theherald.com.au
2	cdn.fairfaxregional.com.au	www.theherald.com.au
2	stats.g.doubleclick.net	1 redirects www.theherald.com.au
2	www.theherald.com.au	1 redirects
1	secure-dcr.imrworldwide.com
1	ping.chartbeat.net
1	secure-au.imrworldwide.com	1 redirects
1	beacon.krxd.net	cdn.krxd.net
1	static.chartbeat.com	www.theherald.com.au
1	assets.zendesk.com	1 redirects
1	www.npttech.com	nnstatic-a.akamaihd.net
1	tpc.googlesyndication.com	securepubads.g.doubleclick.net
1	vars.hotjar.com	static.hotjar.com
1	id-au.piano.io	cdn-au.piano.io
1	consumer.krxd.net	cdn.krxd.net
1	buy-au.piano.io	cdn-au.piano.io
1	script.hotjar.com	static.hotjar.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	www.googletagservices.com	www.theherald.com.au
1	match.adsrvr.org	js-sec.indexww.com
1	static.hotjar.com	www.theherald.com.au
1	cdn-au.piano.io	nnstatic-a.akamaihd.net
1	advertising.oriel.io	b823s.com
1	hm732.com	b823s.com
1	js-sec.indexww.com	www.googletagmanager.com
1	sochi.fairfaxregional.com.au	www.theherald.com.au
1	cdn.onthe.io	www.theherald.com.au
1	b823s.com	www.theherald.com.au
1	www.google.de	www.theherald.com.au
1	www.google.com	1 redirects
1	www.googletagmanager.com	www.theherald.com.au
1	fonts.googleapis.com	www.theherald.com.au
1	cdn.optimizely.com	www.theherald.com.au
93	49

This site contains links to these domains. Also see Links.

Domain
theherald.mybigcommerce.com
tributes.theherald.com.au
celebrations.theherald.com.au
www.countrycars.com.au
advertisers.com.au
www.domain.com.au
www.agtrader.com.au
www.fairfaxmedia.com.au
www.thesenior.com.au
www.theland.com.au
www.drive.com.au
www.facebook.com
twitter.com
australiancommunitymedia.zendesk.com
www.oneflare.com.au

Subject Issuer	Validity	Valid
fairfaxregional.com.au Let's Encrypt Authority X3	`2019-04-15` - `2019-07-14`	3 months	crt.sh
a248.e.akamai.net DigiCert ECC Secure Server CA	`2018-10-18` - `2019-10-18`	a year	crt.sh
cdn.optimizely.com DigiCert ECC Secure Server CA	`2018-11-24` - `2020-02-23`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
fairfaxmedia.com.au DigiCert SHA2 Secure Server CA	`2019-02-25` - `2020-02-25`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
b823s.com Let's Encrypt Authority X3	`2019-02-20` - `2019-05-21`	3 months	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2019-03-04` - `2020-05-02`	a year	crt.sh
*.prod.newsnow.io Amazon	`2018-11-05` - `2019-12-05`	a year	crt.sh
*.google.com Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
*.c.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-03-29` - `2019-09-27`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-05-08` - `2020-03-09`	10 months	crt.sh
hm732.com Let's Encrypt Authority X3	`2019-02-20` - `2019-05-21`	3 months	crt.sh
by217.com Let's Encrypt Authority X3	`2019-02-20` - `2019-05-21`	3 months	crt.sh
*.oriel.io RapidSSL RSA CA 2018	`2018-08-24` - `2019-10-23`	a year	crt.sh
ssl714310.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-02-19` - `2019-08-28`	6 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-04-09` - `2019-07-08`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
js.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-04` - `2021-04-03`	2 years	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-04-09` - `2019-07-08`	3 months	crt.sh
www.i.matheranalytics.com COMODO RSA Domain Validation Secure Server CA	`2017-12-10` - `2020-02-08`	2 years	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-04-09` - `2019-07-08`	3 months	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
errors.client.optimizely.com DigiCert SHA2 High Assurance Server CA	`2018-09-24` - `2020-09-28`	2 years	crt.sh
sni101653.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-05-04` - `2019-11-10`	6 months	crt.sh
*.zdassets.com COMODO RSA Domain Validation Secure Server CA	`2017-09-14` - `2020-09-13`	3 years	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2019-04-10` - `2020-04-10`	a year	crt.sh
*.krxd.net Go Daddy Secure Certificate Authority - G2	`2017-06-12` - `2019-07-11`	2 years	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2019-02-25` - `2020-02-25`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2018-12-20` - `2020-01-01`	a year	crt.sh
newcastleherald.zendesk.com CloudFlare Inc ECC CA-2	`2018-09-20` - `2019-09-20`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.theherald.com.au/
Frame ID: 306902DB4B7E6FBC4CAAC0609A2E7670
Requests: 96 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: EDBA0BAF46FA434B037A2B57EFB1F30F
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: 4556FF6C3220C40F6ACEF91419299464
Requests: 3 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 4B95E84B284788857DE4F48C30F8D0CD
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/runtime.fa28037f158c4c49acea.js
Frame ID: 37D33FB2FBC486F53D9FFFE2815FCB56
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.theherald.com.au/ HTTP 301
https://www.theherald.com.au/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^Handlebars$/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^_sf_(?:endpt|async_config)$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i
env /^google_tag_manager$/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^Modernizr$/i

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^moment$/i

Titan (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^titan$/i
env /^titanEnabled$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

93
Requests

100 %
HTTPS

47 %
IPv6

31
Domains

49
Subdomains

44
IPs

7
Countries

2517 kB
Transfer

7822 kB
Size

7
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: http://theherald.mybigcommerce.com/
Title: Herald Shop

Search URL Search Domain Scan URL

URL: http://tributes.theherald.com.au/obituaries/theherald-au/
Title: Tributes

Search URL Search Domain Scan URL

URL: http://celebrations.theherald.com.au/celebration/theherald-au/
Title: Celebrations

Search URL Search Domain Scan URL

URL: http://www.countrycars.com.au/?utm_source=website&utm_medium=nav_secondary&utm_campaign=cars_nav
Title: Cars

Search URL Search Domain Scan URL

URL: https://advertisers.com.au/?utm_source=website&utm_medium=nav_secondary&utm_campaign=place_a_classifieds_ad_nav
Title: Place your own classified

Search URL Search Domain Scan URL

URL: https://www.domain.com.au/sale/newcastle-nsw-2300/
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://www.agtrader.com.au/search/nsw--hunter,-central-&-north-coasts--newcastle-&-region?utm_source=theherald.com.au&utm_medium=classifieds&utm_campaign=regionals
Title: Ag and Rural

Search URL Search Domain Scan URL

URL: https://www.fairfaxmedia.com.au/company/privacy/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.fairfaxmedia.com.au/company/conditions-of-use/conditions-of-use
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.thesenior.com.au/
Title: Stories From

Search URL Search Domain Scan URL

URL: https://www.thesenior.com.au/story/6126243/why-kids-are-debra-byrnes-top-priority

Search URL Search Domain Scan URL

URL: https://www.thesenior.com.au/story/6126226/lack-of-financial-knowledge-soaring

Search URL Search Domain Scan URL

URL: https://www.thesenior.com.au/story/6126175/older-participants-needed-for-new-immune-boosting-drug-trial

Search URL Search Domain Scan URL

URL: https://www.theland.com.au/
Title: Stories From

Search URL Search Domain Scan URL

URL: https://www.theland.com.au/story/6129340/bob-hawke-dies-at-age-89

Search URL Search Domain Scan URL

URL: https://www.theland.com.au/story/6126676/wellington-seasons-reversing

Search URL Search Domain Scan URL

URL: https://www.theland.com.au/story/6121864/limousin-heifer-takes-supreme-title-of-hawkesbury-show

Search URL Search Domain Scan URL

URL: https://www.domain.com.au/
Title: Property by

Search URL Search Domain Scan URL

URL: https://www.drive.com.au/
Title: Cars by

Search URL Search Domain Scan URL

URL: https://www.facebook.com/newcastleherald/
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/newcastleherald
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: http://www.fairfaxmedia.com.au/company/privacy/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://australiancommunitymedia.zendesk.com/hc/en-us
Title: Help Center

Search URL Search Domain Scan URL

URL: https://www.oneflare.com.au/
Title: OneFlare

Search URL Search Domain Scan URL

URL: https://advertisers.com.au/?pub=NCH
Title: Place an Ad

Search URL Search Domain Scan URL

URL: http://www.countrycars.com.au/
Title: Cars

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.theherald.com.au/ HTTP 301
https://www.theherald.com.au/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j75&tid=UA-61683903-1&cid=2049418693.1558019227&jid=201529761&gjid=335046443&_gid=810920770.1558019227&_u=aGDAgEAjQ~&z=520396802 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61683903-1&cid=2049418693.1558019227&jid=201529761&_v=j75&z=520396802 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61683903-1&cid=2049418693.1558019227&jid=201529761&_v=j75&z=520396802&slf_rd=1&random=3957643699

Request Chain 64

https://js.matheranalytics.com/s/ma30461/481249905/all/ml.js?cb=1503 HTTP 301
https://js.matheranalytics.com/static/ltm/ma30461/all/7/ml.br.js

Request Chain 80

https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
https://static.zdassets.com/ekr/asset_composer.js

Request Chain 83

https://secure-au.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 98

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1558019230944&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.theherald.com.au%2F&sr=1600x1200 HTTP 302
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1558019230944&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.theherald.com.au%2F&sr=1600x1200&ja=1

93 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.theherald.com.au/
Redirect Chain

http://www.theherald.com.au/
https://www.theherald.com.au/

965 KB
241 KB

448ms
373ms

Document
text/html

2.16.181.216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theherald.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.16.181.216 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-216.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.0 /

Resource Hash

e73fc1b0f2e75430243e466ea06d9f9d0a05df77e84924e606123c806d7e9061

Security Headers

Name	Value
Content-Security-Policy	child-src * blob:

Request headers

:method: GET
:authority: www.theherald.com.au
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
cookie: AWSALB=rKApK0QfN02I37cg+dAyz1hv5moJ3k2EYbbYAUtnPEnW1NCWjFZn3nsiEW1ADob7GWjUgeffwl+wrAUxon+2V+B1t6TBm3ZAWHKkKmOAA/H5gp9Q2tlKTntN+sOm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 245441
content-security-policy: child-src * blob:
content-encoding: gzip
server: Microsoft-IIS/8.0
accept-ranges: bytes
date: Thu, 16 May 2019 15:07:06 GMT
vary: Accept-Encoding
set-cookie: AWSALB=j7pm1C0FdIXAfKjcG8GTzqKqJYapYedPhEddpsPXF2Qeouk4dH1q+idJU+6h9u15rkGqdWMDXD431jRrzKx8YFqmCDADGYNwxwH6M0gdn+CxUJfuHzd49ZzBkNq9; Expires=Thu, 23 May 2019 15:07:06 GMT; Path=/

Redirect headers

Content-Length: 0
Server: Varnish
X-Varnish: 744930572
Location: https://www.theherald.com.au/
Date: Thu, 16 May 2019 15:07:05 GMT
Connection: keep-alive
Set-Cookie: AWSALB=rKApK0QfN02I37cg+dAyz1hv5moJ3k2EYbbYAUtnPEnW1NCWjFZn3nsiEW1ADob7GWjUgeffwl+wrAUxon+2V+B1t6TBm3ZAWHKkKmOAA/H5gp9Q2tlKTntN+sOm; Expires=Thu, 23 May 2019 15:07:05 GMT; Path=/

GET
H/1.1 200
OK base.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/ 162 KB
32 KB 61ms
9ms Stylesheet
text/css 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/base.css
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 82f4eba71f16faf1d7c280a2b8c9138c2e465902deceb9e8a1590df6acce0a40

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 May 2019 05:48:51 GMT
ETag: W/"5cdcf9c3-287c7"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=2592000
Connection: keep-alive
Content-Length: 32906
Expires: Sat, 15 Jun 2019 15:07:06 GMT

GET
H/1.1 200
OK desktop.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/ 62 KB
12 KB 60ms
9ms Stylesheet
text/css 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/desktop.css
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 8a9fc6b7cc97c329b87a2c7ca7ec0b30ef584276333ff82b52dcb6c2b5a40bfd

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 May 2019 05:48:51 GMT
ETag: W/"5cdcf9c3-f9ea"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=2592000
Connection: keep-alive
Content-Length: 12327
Expires: Sat, 15 Jun 2019 15:07:06 GMT

GET
H/1.1 200
OK masthead-tablet.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/vendor/ 215 KB
46 KB 60ms
9ms Stylesheet
text/css 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/vendor/masthead-tablet.css
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 52edbe109ac49d0b2065a86d9b66f47bfa49d6ae157eb077a330b6e6468b2b29

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 May 2019 05:48:51 GMT
ETag: W/"5cdcf9c3-35a0c"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=2592000
Connection: keep-alive
Content-Length: 46608
Expires: Sat, 15 Jun 2019 15:07:06 GMT

GET
H/1.1 200
OK icons.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/masthead/ 248 KB
54 KB 61ms
10ms Stylesheet
text/css 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/masthead/icons.css
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 30121367e1b2323392e95380e8df04d38c4c00126946e99b9d2597abdcfd2ac1

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 May 2019 05:48:51 GMT
ETag: W/"5cdcf9c3-3deff"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=2592000
Connection: keep-alive
Content-Length: 55049
Expires: Sat, 15 Jun 2019 15:07:06 GMT

GET
H/1.1 200
OK masthead-skin-canberratimes.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/vendor/ 2 KB
854 B 63ms
11ms Stylesheet
text/css 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/vendor/masthead-skin-canberratimes.css
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 80f16f6cc6ad09222b82ead9d638ce890ccebcf88a91984d9527b0537b48d524

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 May 2019 05:48:51 GMT
ETag: W/"5cdcf9c3-708"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=2592000
Connection: keep-alive
Content-Length: 532
Expires: Sat, 15 Jun 2019 15:07:06 GMT

GET
H/1.1 200
OK legolite.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/ 44 KB
11 KB 63ms
12ms Stylesheet
text/css 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/legolite.css
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: ebcc5baa538ee8a13582cdc2decb26237567d4dae58350f8edb6da148c200bfb

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 May 2019 05:48:51 GMT
ETag: W/"5cdcf9c3-affc"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=2592000
Connection: keep-alive
Content-Length: 10658
Expires: Sat, 15 Jun 2019 15:07:06 GMT

GET
H2 200 6938472286.js Show response
cdn.optimizely.com/js/ 353 KB
113 KB 74ms
30ms Script
text/javascript 2a02:26f0:6c00:183::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/6938472286.js

Requested by

Host: www.theherald.com.au
URL: https://www.theherald.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:183::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4bacda126d4318418c593800f3ed310cdc4e9d0f0b4e5e7485f268d3e8ceb12d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: bfP10mg3XSXAHvyWzgcW1yhbZSls9cf5
content-encoding: gzip
x-amz-request-id: C417AD090BA08D92
status: 200
access-control-max-age: 86400
date: Thu, 16 May 2019 15:07:06 GMT
x-amz-replication-status: COMPLETED
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:183::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
content-length: 114544
x-amz-id-2: fWc2Gx4dLGBnAiuVsLlw9grZQeO+45bwsyzWtHHp0zYZJkfxouIMmvCixGUDX7VWFVRGj+Rlp8g=
last-modified: Tue, 15 Jan 2019 02:37:10 GMT
server: AmazonS3
etag: "b67c5880d20cd3b34aa3c45a6dbb05dd"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
x-amz-meta-revision: 47
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK mobile.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/ 76 KB
14 KB 9ms
8ms Stylesheet
text/css 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/mobile.css
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 5024d862c9d18b5393a95464d736ee00d88bba8ce166774db11b131682425e95

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 May 2019 05:48:51 GMT
ETag: W/"5cdcf9c3-131e8"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=2592000
Connection: keep-alive
Content-Length: 14445
Expires: Sat, 15 Jun 2019 15:07:06 GMT

GET
H/1.1 200
OK tablet.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/ 71 KB
14 KB 9ms
8ms Stylesheet
text/css 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/tablet.css
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: af3493b3a347f14e1b8da7c7e2808274606ae5ff13d559c2525cdd477e3e5a21

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 May 2019 05:48:51 GMT
ETag: W/"5cdcf9c3-11bc6"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=2592000
Connection: keep-alive
Content-Length: 13716
Expires: Sat, 15 Jun 2019 15:07:06 GMT

GET
H/1.1 200
OK tablet-landscape.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/ 65 KB
13 KB 10ms
9ms Stylesheet
text/css 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/tablet-landscape.css
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: ec2c5c23282a69a44cf751f989077cb6f74a2606c555fd24a2b551fb59bfb1d0

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 May 2019 05:48:51 GMT
ETag: W/"5cdcf9c3-10299"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=2592000
Connection: keep-alive
Content-Length: 12745
Expires: Sat, 15 Jun 2019 15:07:06 GMT

GET
H/1.1 200
OK masthead-mobile.css
nnstatic-a.akamaihd.net/s/1557985731/legolite/css/vendor/ 186 KB
40 KB 9ms
8ms Stylesheet
text/css 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnstatic-a.akamaihd.net/s/1557985731/legolite/css/vendor/masthead-mobile.css
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: b85d2c05bbb35dde5f7ceff8bd5e46d9e4381559565a795748b6a31a59a049a8

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 May 2019 05:48:51 GMT
ETag: W/"5cdcf9c3-2e71e"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=2592000
Connection: keep-alive
Content-Length: 41102
Expires: Sat, 15 Jun 2019 15:07:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
710 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600

Requested by

Host: www.theherald.com.au
URL: https://www.theherald.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

728175c2094ac11d1371369cddc1ab6985c1c588530a30c767f43e07c6de5a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 16 May 2019 15:07:06 GMT
server: ESF
access-control-allow-origin: *
date: Thu, 16 May 2019 15:07:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Thu, 16 May 2019 15:07:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 142 KB
37 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:81e::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?cachebust=20190219&gtm_cookies_win=x&id=GTM-KPMZ4JM

Requested by

Host: www.theherald.com.au
URL: https://www.theherald.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

675e48226e9457c0625d152828a05d6d1df2d2f82c1f37796dd9c8e322f444e0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:06 GMT
content-encoding: br
last-modified: Wed, 15 May 2019 19:53:59 GMT
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 38034
x-xss-protection: 0
expires: Thu, 16 May 2019 15:07:06 GMT

GET
DATA 200
OK truncated
/ 548 B
548 B Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6355605e3df681ae62b6e9186d7f2992b348366c48291401183e12e8a0ac1449

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin: https://www.theherald.com.au

Response headers

Content-Type: application/font-woff2

GET
H2 200 merriweather-regular-woff2.css Show response
www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/ 18 KB
14 KB 76ms
13ms XHR
text/css 2a02:26f0:6c00:19d::1ba9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/merriweather-regular-woff2.css
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:19d::1ba9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Fairfax CMS (Static) /
Resource Hash: 2a8350ad156df9702f344dfde49982ad163553e5393b086fc658df19b8de74b0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.theherald.com.au/
Origin: https://www.theherald.com.au

Response headers

date: Thu, 16 May 2019 15:07:06 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 13847
x-esi-enable: 0
last-modified: Tue, 23 May 2017 23:23:27 GMT
server: Fairfax CMS (Static)
etag: "43b7aa3e360d0f6280fbb5092cdabd32"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
x-varnish: 343603311
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
content-type: text/css; charset=utf-8; valid=no;
access-control-allow-headers: *
expires: Fri, 15 May 2020 15:07:06 GMT

GET
H2 200 merriweather-bold-woff2.css Show response
www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/ 19 KB
15 KB 80ms
18ms XHR
text/css 2a02:26f0:6c00:19d::1ba9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/merriweather-bold-woff2.css
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:19d::1ba9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Fairfax CMS (Static) /
Resource Hash: 7abe57e3ac6419dd07499ca2a01c7e6c44fd646acedb7d0c4b4a89dd6adcff9e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.theherald.com.au/
Origin: https://www.theherald.com.au

Response headers

date: Thu, 16 May 2019 15:07:06 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 15049
x-esi-enable: 0
last-modified: Tue, 23 May 2017 23:23:27 GMT
server: Fairfax CMS (Static)
etag: "758c29261871ee489ed91907f1c0da2a"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
x-varnish: 475565963 475195018
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
content-type: text/css; charset=utf-8; valid=no;
access-control-allow-headers: *
expires: Fri, 15 May 2020 15:07:06 GMT

GET
H2 200 sourcesanspro-regular-woff2.css Show response
www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/ 32 KB
24 KB 91ms
29ms XHR
text/css 2a02:26f0:6c00:19d::1ba9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/sourcesanspro-regular-woff2.css
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:19d::1ba9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Fairfax CMS (Static) /
Resource Hash: 8ee068e2b4b02c330d4b9b7943547cee6f4326342b9d6432945812bcaf0238a3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.theherald.com.au/
Origin: https://www.theherald.com.au

Response headers

date: Thu, 16 May 2019 15:07:06 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 24588
x-esi-enable: 0
last-modified: Tue, 23 May 2017 23:23:27 GMT
server: Fairfax CMS (Static)
etag: "6ad48c480eaadad0d44d22968f9de8eb"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
x-varnish: 400035925
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
content-type: text/css; charset=utf-8; valid=no;
access-control-allow-headers: *
expires: Fri, 15 May 2020 15:07:06 GMT

GET
H2 200 sourcesanspro-bold-woff2.css Show response
www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/ 31 KB
24 KB 86ms
24ms XHR
text/css 2a02:26f0:6c00:19d::1ba9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/sourcesanspro-bold-woff2.css
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:19d::1ba9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Fairfax CMS (Static) /
Resource Hash: 47de29dd54d340be725f57f4f4b08ed58ab612ac7376199b7fd441376dee9654

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.theherald.com.au/
Origin: https://www.theherald.com.au

Response headers

date: Thu, 16 May 2019 15:07:06 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 24043
x-esi-enable: 0
last-modified: Tue, 23 May 2017 23:23:28 GMT
server: Fairfax CMS (Static)
etag: "05d1de5b6c59d2f85068eec05192c8e6"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
x-varnish: 472048057
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
content-type: text/css; charset=utf-8; valid=no;
access-control-allow-headers: *
expires: Fri, 15 May 2020 15:07:06 GMT

GET
H2 200 montserrat-bold-woff2.css Show response
www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/ 14 KB
11 KB 95ms
33ms XHR
text/css 2a02:26f0:6c00:19d::1ba9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fairfaxstatic.com.au/resources/css/mastheads/1.10.28/fonts/montserrat-bold-woff2.css
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:19d::1ba9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Fairfax CMS (Static) /
Resource Hash: eac2bc2c09f3efa6f2f8a2689f7afd875ee2b6ab03bf7841c48c793bb6f8b36a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.theherald.com.au/
Origin: https://www.theherald.com.au

Response headers

date: Thu, 16 May 2019 15:07:06 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 11231
x-esi-enable: 0
last-modified: Tue, 23 May 2017 23:23:27 GMT
server: Fairfax CMS (Static)
etag: "2c109003eb3004e469484d24591bceda"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
x-varnish: 672500220
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
content-type: text/css; charset=utf-8; valid=no;
access-control-allow-headers: *
expires: Fri, 15 May 2020 15:07:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?cachebust=20190219&gtm_cookies_win=x&id=GTM-KPMZ4JM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 02 May 2019 01:33:03 GMT
server: Golfe2
age: 4810
date: Thu, 16 May 2019 13:46:56 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17779
expires: Thu, 16 May 2019 15:46:56 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
928 B 6ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 14:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 3030
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 856
x-xss-protection: 0
expires: Thu, 16 May 2019 15:16:36 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 101 KB
27 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-5QH7B8D&t=gtm2&cid=2049418693.1558019227

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

a045644e3e18855f6abeeabf898f93d292eea4d4db9afb2aca954fe1cf083556

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:06 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 27494
x-xss-protection: 0
expires: Thu, 16 May 2019 15:07:06 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
110 B 6ms
6ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j75&a=1226733830&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theherald.com.au%2F&ul=en-us&de=UTF-8&dt=Newcastle%20News%2C%20sport%20and%20weather%20%7C%20Newcastle%20Herald&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAjQ~&jid=1796766524&gjid=485420414&cid=2049418693.1558019227&tid=UA-16730067-3&_gid=810920770.1558019227&gtm=2wg5a1KPMZ4JM&cd1=Newcastle%20Herald&cd2=lego1&cd3=home&cd4=&cd5=home&cd6=&cd7=&cd8=&z=1846675641

Requested by

Host: www.theherald.com.au
URL: https://www.theherald.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2019 22:34:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5934737
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
102 B 15ms
14ms Image
image/gif 2a00:1450:400c:c08::9d
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j75&tid=UA-16730067-3&cid=2049418693.1558019227&jid=1796766524&gjid=485420414&_gid=810920770.1558019227&_u=aGBAgEAjQ~&z=1138600552

Requested by

Host: www.theherald.com.au
URL: https://www.theherald.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Thu, 16 May 2019 15:07:06 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 13 KB
13 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67744fe3abc70b4eeac16c6e9fc06d056b8bb7e5f142804ff96a5befc55cdbf7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin: https://www.theherald.com.au

Response headers

Content-Type: application/font-woff2

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cb3863e9ae8ddcb2ced99f68916d78c908f634316993f6a4b82707fa9c0e1d6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin: https://www.theherald.com.au

Response headers

Content-Type: application/font-woff2

GET
DATA 200
OK truncated
/ 23 KB
23 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be4aaab18446e78340c823c0c461eac098f748b6fbcd27e30100af266870eeb1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin: https://www.theherald.com.au

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 24 KB
24 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a1ea144f62bf6e0c1eb4f022b0ed2ee33e46fd6d7a805f44c49650ca53daf4c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin: https://www.theherald.com.au

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8150191e6c92a50a143fb7158e59737fd8261fb28d3894ff65233fd4fa20013f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin: https://www.theherald.com.au

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 6ms
5ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j75&a=1226733830&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theherald.com.au%2F&ul=en-us&de=UTF-8&dt=Newcastle%20News%2C%20sport%20and%20weather%20%7C%20Newcastle%20Herald&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=lz394hssSU6hWZofCyDMIQ.1&_u=aGDAgEAjQ~&jid=201529761&gjid=335046443&cid=2049418693.1558019227&tid=UA-61683903-1&_gid=810920770.1558019227&gtm=2wg5a1KPMZ4JM&cd1=Newcastle%20Herald&cd2=lego1&cd3=home&cd4=&cd5=home&cd6=&cd7=&cd8=&cd35=&cd36=&cd47=&cd49=&z=1206759453

Requested by

Host: www.theherald.com.au
URL: https://www.theherald.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2019 22:34:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5934737
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j75&tid=UA-61683903-1&cid=2049418693.1558019227&jid=201529761&gjid=335046443&_gid=810920770.1558019227&_u=aGDAgEAjQ~&z=520396802
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61683903-1&cid=2049418693.1558019227&jid=201529761&_v=j75&z=520396802
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61683903-1&cid=2049418693.1558019227&jid=201529761&_v=j75&z=520396802&slf_rd=1&random=3957643699

42 B
109 B

19ms
18ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61683903-1&cid=2049418693.1558019227&jid=201529761&_v=j75&z=520396802&slf_rd=1&random=3957643699

Requested by

Host: www.theherald.com.au
URL: https://www.theherald.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 May 2019 15:07:06 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 May 2019 15:07:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-61683903-1&cid=2049418693.1558019227&jid=201529761&_v=j75&z=520396802&slf_rd=1&random=3957643699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK jdkog4d33gm6tm5h7eq67854maaz.js Show response
b823s.com/ 25 KB
10 KB 98ms
27ms Script
application/javascript 136.243.218.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://b823s.com/jdkog4d33gm6tm5h7eq67854maaz.js
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.218.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.211.218.243.136.clients.your-server.de
Software: nginx/1.10.0 (Ubuntu) /
Resource Hash: 2de6c03c57fa6f56315d0a90e9f188bf61ba1de455f0ceb50cd14902eba3d78a

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

PRAGMA: no-cache
Date: Thu, 16 May 2019 15:07:08 GMT
CONTENT-ENCODING: gzip
Server: nginx/1.10.0 (Ubuntu)
Content-Type: application/javascript
Access-Control-Allow-Origin: *
CACHE-CONTROL: no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 10035
EXPIRES: 0

GET
H/1.1 200
OK a8v9omjCclKc Show response
cdn.onthe.io/io.js/ 44 KB
15 KB 78ms
26ms Script
text/javascript 142.93.164.216
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/a8v9omjCclKc
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 142.93.164.216 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS: cdn-eu-7.fra1.do.onthe.io
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 960381cdbe4eddade3c3b0c4d8bf5513cf9768c26c43db27e53df742f4f7b535

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 May 2018 15:26:07 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"5afd9f0f-b1e8"
Transfer-Encoding: chunked
X-Hostname: cdn-eu-7
Content-Type: text/javascript
Cache-Control: max-age=86400, public
Connection: keep-alive
Expires: Thu, 16 May 2019 21:18:26 GMT

GET
H/1.1 200
OK puzzles.png
nnstatic-a.akamaihd.net/s/1557985731/images/ 10 KB
10 KB 9ms
8ms Image
image/png 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnstatic-a.akamaihd.net/s/1557985731/images/puzzles.png
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: cd257d196733acfdafab94b36a074f6de01c2d21ccfcf28215c443a7998ae340

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:08 GMT
Last-Modified: Thu, 16 May 2019 05:48:51 GMT
ETag: "5cdcf9c3-2658"
Content-Type: image/png
Cache-Control: public, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9816
Expires: Sat, 15 Jun 2019 15:07:08 GMT

GET
H/1.1 200
OK puzzles_mobile.png
nnstatic-a.akamaihd.net/s/1557985731/images/ 3 KB
3 KB 17ms
8ms Image
image/png 2a02:26f0:6c00::210:ba6b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnstatic-a.akamaihd.net/s/1557985731/images/puzzles_mobile.png
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba6b , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: e32d18ce4816c4bf5847e24fcafc650ea566be289229347f1c85fa59f35d728a

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:08 GMT
Last-Modified: Thu, 16 May 2019 05:48:51 GMT
ETag: "5cdcf9c3-b45"
Content-Type: image/png
Cache-Control: public, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2885
Expires: Sat, 15 Jun 2019 15:07:08 GMT

GET
H/1.1 200
OK masthead-main.png
nnstatic-a.akamaihd.net/s/1557985731/sites/newcastle-herald/images/masthead/ 217 KB
217 KB 37ms
20ms Image
image/png 2a02:26f0:6c00::210:ba49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnstatic-a.akamaihd.net/s/1557985731/sites/newcastle-herald/images/masthead/masthead-main.png
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 90493b7d09262ca31da85504d3fb39ec95a204e2cd8614ffd75a86b167ad2d79

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:08 GMT
Last-Modified: Thu, 16 May 2019 05:48:51 GMT
ETag: "5cdcf9c3-36209"
Content-Type: image/png
Cache-Control: public, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 221705
Expires: Sat, 15 Jun 2019 15:07:08 GMT

GET
H/1.1 404
Not Found spinner.gif
nnstatic-a.akamaihd.net/s/1523247119/images/ 0
0 323ms
307ms Image
text/html 2a02:26f0:6c00::210:ba49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnstatic-a.akamaihd.net/s/1523247119/images/spinner.gif
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 1.jpg
sochi.fairfaxregional.com.au/proxy/dpe/DPE/NCH/2019/05/16/3dissue/files/pages/smartphone/ 134 KB
135 KB 1176ms
398ms Image
image/jpeg 52.65.63.14
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sochi.fairfaxregional.com.au/proxy/dpe/DPE/NCH/2019/05/16/3dissue/files/pages/smartphone/1.jpg

Requested by

Host: www.theherald.com.au
URL: https://www.theherald.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.65.63.14 Sydney, Australia, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-65-63-14.ap-southeast-2.compute.amazonaws.com

Software

nginx / ASP.NET

Resource Hash

ff865fd3ebf65b46f940231a357eb502b869a705b5354526997f4edc1c6e3dbc

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:09 GMT
etag: "99ea7467fbd51:0"
last-modified: Wed, 15 May 2019 11:14:46 GMT
server: nginx
x-frame-options: DENY
x-powered-by: ASP.NET
vary: Cookie
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 137700

GET
DATA 200
OK truncated
/ 718 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e7bbb56b609b0eab34a187e417daa43e74cbb03f467fcaa12f5ed5615fadf40

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 257 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86f1962100b67cc5225608b37c8c42fdb453f0e1dafde4b3ac5cd13f188a2e57

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 89270c71-0f2e-4955-b35d-8649ceffc313.png
cdn.fairfaxregional.com.au/XWwqerAXUUiAT4pUPaZjTV/ 2 KB
2 KB 2228ms
1457ms Image
image/png 52.65.63.14
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fairfaxregional.com.au/XWwqerAXUUiAT4pUPaZjTV/89270c71-0f2e-4955-b35d-8649ceffc313.png
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.65.63.14 Sydney, Australia, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-65-63-14.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2b141c19916841d85deef62c5e829492f3f92784be3f85b65beb3ad4f3f48658

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:09 GMT
last-modified: Thu, 10 May 2018 06:00:20 GMT
server: nginx
etag: "5af3dff4-85c"
x-cache-stats: ft:0.10
x-cache: Hit
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 2140

GET
H2 200 8afcc05d-9da1-4158-832b-03cf1d0d5d0b.png
cdn.fairfaxregional.com.au/M4qG8tFwm4mdvYjNdABvPv/ 8 KB
8 KB 2228ms
1445ms Image
image/png 52.65.63.14
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fairfaxregional.com.au/M4qG8tFwm4mdvYjNdABvPv/8afcc05d-9da1-4158-832b-03cf1d0d5d0b.png
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.65.63.14 Sydney, Australia, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-65-63-14.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2b2a58484d626ebe05c14698bf8488ed0734d2d60befdc1c13af99b60071bc03

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:09 GMT
last-modified: Fri, 03 Aug 2018 04:22:33 GMT
server: nginx
etag: "5b63d889-1e39"
x-cache-stats: ft:0.09
x-cache: Hit
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 7737

GET
H/1.1 200
OK masthead-alt.png
nnstatic-a.akamaihd.net/s/1557985731/sites/newcastle-herald/images/masthead/ 9 KB
10 KB 57ms
46ms Image
image/png 2a02:26f0:6c00::210:ba49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnstatic-a.akamaihd.net/s/1557985731/sites/newcastle-herald/images/masthead/masthead-alt.png
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 006bcd48bf865825e46b8bab92c9c938a6e55246694d049241eee2e696dbf48d

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:08 GMT
Last-Modified: Thu, 16 May 2019 05:48:51 GMT
ETag: "5cdcf9c3-25f3"
Content-Type: image/png
Cache-Control: public, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9715
Expires: Sat, 15 Jun 2019 15:07:08 GMT

GET
H/1.1 200
OK vendor.js Show response
nnstatic-a.akamaihd.net/s/1557985731/legolite/js/ 455 KB
154 KB 31ms
19ms Script
application/javascript 2a02:26f0:6c00::210:ba49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnstatic-a.akamaihd.net/s/1557985731/legolite/js/vendor.js
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: ce9725c8fd030478ee28606364de5b03ac3ba8fe407276144cddf6650206851a

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 May 2019 05:48:51 GMT
ETag: W/"5cdcf9c3-71d22"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=2592000
Connection: keep-alive
Content-Length: 157641
Expires: Sat, 15 Jun 2019 15:07:08 GMT

GET
H/1.1 200
OK app.js Show response
nnstatic-a.akamaihd.net/s/1557985731/legolite/js/ 149 KB
47 KB 19ms
8ms Script
application/javascript 2a02:26f0:6c00::210:ba49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnstatic-a.akamaihd.net/s/1557985731/legolite/js/app.js
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba49 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: e072617c2a134d2d80d3c83fe4f98d78df7f1a91c49a48eca640751502028f01

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 May 2019 05:48:51 GMT
ETag: W/"5cdcf9c3-254af"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=2592000
Connection: keep-alive
Content-Length: 47367
Expires: Sat, 15 Jun 2019 15:07:08 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.theherald.com.au
URL: https://www.theherald.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600
Origin: https://www.theherald.com.au

Response headers

date: Mon, 25 Mar 2019 20:19:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:10:29 GMT
server: sffe
age: 4474057
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:19:31 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: www.theherald.com.au
URL: https://www.theherald.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600
Origin: https://www.theherald.com.au

Response headers

date: Fri, 10 May 2019 08:52:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:11:39 GMT
server: sffe
age: 540892
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9180
x-xss-protection: 0
expires: Sat, 09 May 2020 08:52:16 GMT

GET
H/1.1 200
OK snxj6l9wj.js Show response
cdn.krxd.net/controltag/ 20 KB
6 KB 72ms
14ms Script
text/javascript 151.101.0.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/snxj6l9wj.js
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.175 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: abb0b45bc4bc0e6b957dae12f1800f512fc691a2a499ede129fe9c9beba1d601

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_Config_Service_V3
Date: Thu, 16 May 2019 15:07:08 GMT
Content-Encoding: gzip
Age: 997
X-Cache: MISS, HIT, HIT
X-App-Cache: HIT
Connection: keep-alive
Content-Length: 5215
X-Served-By: config-service-a001.krxd.net, cache-iad2148-IAD, cache-hhn1537-HHN
X-Response-Time: 0
Accept-Ranges: bytes
X-Do-Esi: esi
X-Timer: S1558019229.635808,VS0,VE1
ETag: "8641a618967fed1a1bfe50c412776a28ac420eb3"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=1200
X-Age: 0
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK 186432-278594325649166.js Show response
js-sec.indexww.com/ht/p/ 86 KB
27 KB 161ms
36ms Script
text/javascript 2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186432-278594325649166.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?cachebust=20190219&gtm_cookies_win=x&id=GTM-KPMZ4JM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2a98b3b10247f3a9c87515d1a22a1f5ff0315f288d70a5c0edb7f47315e90200

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 May 2019 14:45:46 GMT
Server: Apache
ETag: "7616a5-157ba-58902523c829a"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2388
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 27000
Expires: Thu, 16 May 2019 15:46:56 GMT

GET
H/1.1 200
OK ad-400.js Show response
hm732.com/adverts/ 1 B
348 B 87ms
23ms XHR
application/javascript 138.201.44.8
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hm732.com/adverts/ad-400.js
Requested by: Host: b823s.com
URL: https://b823s.com/jdkog4d33gm6tm5h7eq67854maaz.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.44.8 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.8.44.201.138.clients.your-server.de
Software: nginx/1.10.0 (Ubuntu) /
Resource Hash: 41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.theherald.com.au/
Origin: https://www.theherald.com.au

Response headers

Pragma: public
Date: Thu, 16 May 2019 15:07:08 GMT
Server: nginx/1.10.0 (Ubuntu)
Content-Type: application/javascript, application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Connection: keep-alive
Content-Length: 1
Expires: Fri, 17 May 2019 15:07:08 GMT

GET
H/1.1 200
OK lxkkpn
by217.com/ 35 B
354 B 123ms
46ms Image
image/gif 88.99.106.112
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://by217.com/lxkkpn?MXwXWhsdGQpIU1cMER8AU1FFQBlWU19VTVwKRRUUVBISTkJJRklXU0tZVxIIBBAWS1hLGFMRFAgBEEsbU0MVDxhaR0kFBw5LT1cOAF4WEQcUFVhJAE8F
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.106.112 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-106-112.clients.your-server.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

PRAGMA: no-cache
Date: Thu, 16 May 2019 15:07:08 GMT
CONTENT-ENCODING: gzip
Server: nginx/1.10.3 (Ubuntu)
Content-Type: image/gif
CACHE-CONTROL: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 52
EXPIRES: 0

GET
DATA 200
OK truncated
/ 366 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf4bad2bed510d5a98da212aa8ace1554e0da88e7c72bf824ac66b671927153c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 508 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9926599f340fa47d63665b751525f58cad4aa90e110c9aa6f4489ffaf5a1dc11

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c0ab613b042bfbc9c5f5e9a9a547283fb9125b14846d9f4864ef3b853f6e7f9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e38ea1af225b43e5e55a1264bbfaa0b2518ac03da73b403a4582fbf9d8c52d60

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 278 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4abe9cdc849179867d36f46e63d86bfad9f88012a023889526f75df42ebcd8bf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK controltag.js.b3e38a58706a8dccd9e35f7d4fbedb33 Show response
cdn.krxd.net/ctjs/ 249 KB
80 KB 13ms
12ms Script
application/javascript 151.101.0.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.b3e38a58706a8dccd9e35f7d4fbedb33
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/snxj6l9wj.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.175 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 73befba6079d62cda9ad97982f2de870df5bf6235cf67d8e78977d4a1509496b

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
Date: Thu, 16 May 2019 15:07:08 GMT
Content-Encoding: gzip
Age: 608486
X-Cache: HIT
Connection: keep-alive
Content-Length: 81035
X-Served-By: cache-hhn1537-HHN
Last-Modified: Tue, 07 May 2019 19:07:53 GMT
X-Timer: S1558019229.696583,VS0,VE0
ETag: "b3e38a58706a8dccd9e35f7d4fbedb33"
Content-Type: application/javascript
Via: 1.1 varnish
Expires: Fri, 04 May 2029 19:07:51 GMT
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
X-Cache-Hits: 2964256

GET
H/1.1 200
OK ad-400.js Show response
advertising.oriel.io/adverts/ 1 B
348 B 94ms
25ms XHR
application/javascript 138.201.138.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://advertising.oriel.io/adverts/ad-400.js
Requested by: Host: b823s.com
URL: https://b823s.com/jdkog4d33gm6tm5h7eq67854maaz.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.138.163 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s4.oriel.io
Software: nginx/1.10.0 (Ubuntu) /
Resource Hash: 41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.theherald.com.au/
Origin: https://www.theherald.com.au

Response headers

Pragma: public
Date: Thu, 16 May 2019 15:07:08 GMT
Server: nginx/1.10.0 (Ubuntu)
Content-Type: application/javascript, application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Connection: keep-alive
Content-Length: 1
Expires: Fri, 17 May 2019 15:07:08 GMT

GET
H2 200 tinypass.min.js Show response
cdn-au.piano.io/api/ 343 KB
115 KB 19ms
18ms Script
application/javascript 2606:4700::6810:2a41
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-au.piano.io/api/tinypass.min.js
Requested by: Host: nnstatic-a.akamaihd.net
URL: https://nnstatic-a.akamaihd.net/s/1557985731/legolite/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: de82c2a59238a710f2b780989c77d443eec90afe8416e8e70e50f8097cdadf16

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:08 GMT
content-encoding: gzip
cf-cache-status: HIT
wn: prodau-dash-node4
server: cloudflare
p3p: CP="NON DSP COR OUR IND"
etag: W/"351334-1557957006000-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
last-modified: Wed, 15 May 2019 21:50:06 GMT
cf-ray: 4d7e42740cc96407-FRA
expires: Thu, 16 May 2019 19:07:08 GMT

GET
H2 200 hotjar-1265741.js Show response
static.hotjar.com/c/ 3 KB
2 KB 119ms
36ms Script
application/javascript 147.75.83.82
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1265741.js?sv=6

Requested by

Host: www.theherald.com.au
URL: https://www.theherald.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.83.82 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-29

Software

openresty /

Resource Hash

c16f2ab35d11169b90455bb2c9888d8dc396f2da1b37c886ad91d0162082b14f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 6
status: 200
section-io-cache: Hit
vary: Accept-Encoding
content-length: 1543
x-cache-hit: 1
server: openresty
x-frame-options: SAMEORIGIN
etag: W/d1d527beb7ed6185264cadbce227d242
access-control-max-age: 600
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.075
accept-ranges: bytes
section-io-id: aa4a0ab9765d6b5dfae627194a6a3c57

GET
DATA 200
OK truncated
/ 487 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ac2c7b85bdd8fc2b9219e5404775cc7283bc5152f6bf70fd0e5e683e87ae853

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
530 B 124ms
35ms XHR
application/json 52.49.216.17
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186432
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186432-278594325649166.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.216.17 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-49-216-17.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: fc8252e5fceae65540379ff3739b79eab75d3fe1c5a81ab28d4bae70138517c8

Request headers

Referer: https://www.theherald.com.au/
Origin: https://www.theherald.com.au
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 16 May 2019 15:07:08 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theherald.com.au
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sat, 15 Jun 2019 15:07:08 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 31 KB
10 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.theherald.com.au
URL: https://www.theherald.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

73105bd49cc381afe3583872c08f24f301299ddeb7764b72c575cf02f8f8f2dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "167 / 550 of 1000 / last-modified: 1558015537"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10539
x-xss-protection: 0
expires: Thu, 16 May 2019 15:07:08 GMT

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma30461/all/7/
Redirect Chain

https://js.matheranalytics.com/s/ma30461/481249905/all/ml.js?cb=1503
https://js.matheranalytics.com/static/ltm/ma30461/all/7/ml.br.js

130 KB
38 KB

14ms
13ms

Script
application/x-javascript

107.178.250.234
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma30461/all/7/ml.br.js
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.250.234 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5b376b9656bdae0ddbc27a370224a543a0279ea24c627eda3524335309973dea

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 14 May 2019 05:18:32 GMT
content-encoding: br
last-modified: Mon, 22 Apr 2019 11:46:20 GMT
server: nginx
age: 208116
etag: "5777ec3b1d7d88fabbfae922ba8dcd5f"
vary: Accept-Encoding
x-cache: HIT Mon, 22 Apr 2019 11:59:11 GMT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=269200
alt-svc: clear
content-length: 39250
via: 1.1 google

Redirect headers

date: Thu, 16 May 2019 15:07:08 GMT
via: 1.1 google
server: nginx
location: https://js.matheranalytics.com/static/ltm/ma30461/all/7/ml.br.js
vary: Accept-Encoding
status: 301
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 4-gc-euw1-10906

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.theherald.com.au

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 19ms
18ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.theherald.com.au

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019050901.js Show response
securepubads.g.doubleclick.net/gpt/ 150 KB
55 KB 47ms
47ms Script
text/javascript 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019050901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

sffe /

Resource Hash

a161cba4b2b8a90e2ca19e935256925fa3920b6ed129ec1568fccbd1a290b1b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 May 2019 13:16:49 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 55799
x-xss-protection: 0
expires: Thu, 16 May 2019 15:07:08 GMT

GET
H2 200 modules.fbe6b6c15e2af6afe9ac.js Show response
script.hotjar.com/ 421 KB
88 KB 102ms
28ms Script
application/javascript 147.75.204.215
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.fbe6b6c15e2af6afe9ac.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1265741.js?sv=6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.204.215 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-22

Software

Resource Hash

d12b53b875b02458512c3049cd40119d0ac77b75b431a2cbbc997574b8eeb814

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 May 2019 14:20:47 GMT
access-control-allow-origin: *
etag: W/"8657d4a060e509c56e788e2dc2e6aa8d"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.028
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: 381f9f554c2a39166437e566f3a75db2
content-length: 89203

GET
H/1.1 200
OK lxkkpn
by217.com/ 35 B
354 B 103ms
37ms Image
image/gif 88.99.106.112
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://by217.com/lxkkpn?MXwXWhsdGQpIU1cMER8AU1FFQBlWU19aSlEESBUUVBISTkJbR1IYCwUAEEZTWUlRHRsKUVNfTx0SVx9NFBlSFAUcSVFSBANfBhcKHwcJSwxABw
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.106.112 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-106-112.clients.your-server.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

PRAGMA: no-cache
Date: Thu, 16 May 2019 15:07:09 GMT
CONTENT-ENCODING: gzip
Server: nginx/1.10.3 (Ubuntu)
Content-Type: image/gif
CACHE-CONTROL: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 52
EXPIRES: 0

GET
H2 200 get Show response
buy-au.piano.io/api/v3/anon/user/ 116 B
214 B 1440ms
1440ms Script
application/json 2606:4700::6810:2a41
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://buy-au.piano.io/api/v3/anon/user/get?aid=jB2cYAVqtu&user_provider=piano_id&user_token=&callback=jQuery171001921967648556433_1558019228918&_=1558019229025
Requested by: Host: cdn-au.piano.io
URL: https://cdn-au.piano.io/api/tinypass.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e007cb3c9c1dbce7e62f8b0e9f98c7f3dfcc980dec237aa27e374e69429be68a

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 May 2019 15:07:10 GMT
content-encoding: gzip
wn: prodau-dash-node1
server: cloudflare
p3p: CP="NON DSP COR OUR IND"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4d7e42757dd16407-FRA
x-request-id: CybrlrpnoFU
expires: 0

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 422ms
100ms Image
image/gif 34.196.234.179
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&url=https%3A%2F%2Fwww.theherald.com.au%2F&page=Newcastle%20News%2C%20sport%20and%20weather%20%7C%20Newcastle%20Herald&sec=home&pubname=Newcastle%20Herald&ptype=home&hier=home&cms=lego1&tv=js-3.0.74&tna=Mather&aid=v1&p=web&tz=UTC&tzoff=0&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=7&tvcfg=all&tid=d8635a16-c2ac-4ad5-ad00-41844fc36f23&pid=a8450dbc-44ee-44c3-8a2a-70f05848d353&dtm=1558019229032&qnm=_matherq&visible=1&tabid=50da3103-8c7b-46f6-a2c6-89d5495b1bf8&vp=1600x1200&ds=1585x7044&tofa=1558019229&vid=1&duid=89d76632aaf85e7c&fp=3998842399&cid=ma30461&mrk=481249905&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTU1ODAxOTIyNTU2NSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyMC4wNDM4NDFtYiIsImhlYXBUIjoiMjIuNzY5ODA5bWIiLCJmc3RQYWludCI6IjI5MjAiLCJmZXRjaFMiOiIzNjIiLCJkb21haW5TIjoiMzYzIiwiZG9tYWluRSI6IjQwMiIsImNvbm5TIjoiNDAyIiwiY29ubkUiOiI0MzgiLCJzc2xTIjoiNDE0IiwicmVxdVMiOiI0MzgiLCJyZXNwUyI6IjgxMSIsInJlc3BFIjoiMjg4MiIsImRvbUxvYWQiOiI4MTciLCJkb21JbnRlciI6IjMyMzUiLCJkb21Mb2FkUyI6IjMyMzYiLCJkb21Mb2FkRSI6IjMyNjQifX0
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.234.179 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-196-234-179.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:09 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H/1.1 200
OK 3220481e-9545-495d-b98d-6e863d0aa1af Show response
consumer.krxd.net/consent/get/ 238 B
614 B 63ms
13ms Script
text/javascript 151.101.0.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/3220481e-9545-495d-b98d-6e863d0aa1af?idt=device&dt=kxcookie&callback=Krux.ns.fairfaxacm.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.b3e38a58706a8dccd9e35f7d4fbedb33
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.175 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: a973cc2fc7a6aaa01a049277eb7032b95c6f35713604eae45fa6ce65032b9f68

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:09 GMT
Via: 1.1 varnish
Age: 150
X-Timer: S1558019229.091365,VS0,VE1
Vary: Accept-Encoding
X-Cache: MISS, HIT
Content-Type: text/javascript; charset=UTF-8
Cache-Control: max-age=1800
X-Cache-Hits: 0, 1
Connection: keep-alive
Accept-Ranges: bytes
Content-Encoding: gzip
X-Age: 0
Content-Length: 194
X-Served-By: consumer-a008-dub.krxd.net, cache-hhn1546-HHN

GET
H2 200 verify Show response
id-au.piano.io/id/api/v1/identity/token/ 161 B
468 B 1422ms
1421ms Script
application/json 2606:4700::6810:2a41
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://id-au.piano.io/id/api/v1/identity/token/verify?callback=jQuery171001921967648556433_1558019228919&client_id=jB2cYAVqtu&token=&site=https%3A%2F%2Fwww.theherald.com.au&_=1558019229052
Requested by: Host: cdn-au.piano.io
URL: https://cdn-au.piano.io/api/tinypass.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0649633877c7786fd993b57e50d7da9e93182294ab500220bcc062d9b6c4af1

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:10 GMT
content-encoding: gzip
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
status: 200
pragma: no-cache
wn: prodau-dash-node2
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 4d7e42759dee6407-FRA
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame EDBA 0
0 101ms
25ms Document
text/html 147.75.83.82
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1265741.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.83.82 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-29
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-90f3a29ef7448451db5af955688970d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.theherald.com.au/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.theherald.com.au/

Response headers

status: 200
date: Thu, 16 May 2019 15:07:09 GMT
content-type: text/html
content-length: 967
cache-control: max-age=31536000
last-modified: Tue, 30 Apr 2019 14:57:42 GMT
section-io-origin-status: 200
section-io-origin-time-seconds: 0.049
etag: W/"90f3a29ef7448451db5af955688970d7"
content-encoding: gzip
vary: Accept-Encoding
accept-ranges: bytes
section-io-id: adc5eb584914aefb325eda8c5fe1f506

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 710 B
486 B 62ms
62ms XHR
text/plain 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1594820974871378&correlator=1449591055302580&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061864%2C21063159%2C21063406&vrg=2019050901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-33&iu_parts=21666581298%2Cnewcastleherald%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=6x1%2C1x1&ists=1&prev_scp=pos%3D1%26ur%3Dnewcastleherald%257Chomepage%257Chome%257C%257C1%257C6x1%257Cdesktop%26urh%3D-417239817%7Cur%3Dnewcastleherald%257Chomepage%257Chome%257C%257C%257Cint%257Cdesktop%26urh%3D825609984&cust_params=region%3Dnorthern%26ctype%3Dhomepage%26cat%3Dhome%26locstate%3Dnsw%26kuid%3D%26sysEnv%3Ddesktop%26generator%3Dnewsnow%26brms%3Dtrue%26brvs%3Dtrue&cookie_enabled=1&bc=31&abxe=1&lmt=1558019229&dt=1558019229109&dlt=1558019226382&idt=2696&frm=20&biw=1585&bih=1200&oid=3&adxs=0%2C0&adys=0%2C0&adks=2002901277%2C1667787902&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.theherald.com.au%2F&dssz=54&icsg=549755824640&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x0%7C1585x7043&msz=6x1%7C1x1&blev=1&bisch=1&ga_vid=200210871.1558019229&ga_sid=1558019229&ga_hid=1226733830&fws=128%2C128

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019050901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

02248b9b356d66ce75a856855925e068f0accb6d7a93cde522459e72c6ce9741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.theherald.com.au/
Origin: https://www.theherald.com.au

Response headers

date: Thu, 16 May 2019 15:07:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 304
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theherald.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019050901.js Show response
securepubads.g.doubleclick.net/gpt/ 71 KB
27 KB 47ms
47ms Script
text/javascript 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019050901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019050901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

sffe /

Resource Hash

93d39da3773a26f38a235454f91d1d2a57a0d9d066c72f9a41452651b08e539e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 May 2019 13:16:49 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27443
x-xss-protection: 0
expires: Thu, 16 May 2019 15:07:09 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ 0
0 12ms
11ms Other
text/html 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019050901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

OPTIONS
H/1.1 200
OK log Show response
errors.client.optimizely.com/ 13 B
412 B 473ms
111ms XHR
text/plain 54.172.174.181
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/6938472286.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.174.181 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-172-174-181.compute-1.amazonaws.com
Software: /
Resource Hash: 16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method: POST
Origin: https://www.theherald.com.au
Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Thu, 16 May 2019 15:07:11 GMT
Allow: POST,OPTIONS
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.theherald.com.au
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Content-Length: 13

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
2 KB 12ms
11ms Script
application/javascript 2606:4700:e4::ac40:a222
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: nnstatic-a.akamaihd.net
URL: https://nnstatic-a.akamaihd.net/s/1557985731/legolite/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a222 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:10 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 68E1383B2332C2CE
cf-ray: 4d7e42803f31d709-FRA
status: 200
x-amz-id-2: xiMJPdF0bfv1nWVbnsRhApBDRafQfgOVHs06+RmcqZMEqnTjO+VgvW2JCaqYluIiRy/6qe7rSsU=
last-modified: Wed, 20 Mar 2019 08:41:04 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: X57jS16C5nGCzFSxngcUi3lF_R_2.PZg
cache-control: public, max-age=28800
content-type: application/javascript
expires: Thu, 16 May 2019 23:07:10 GMT

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/ Frame 4556
Redirect Chain

https://assets.zendesk.com/embeddable_framework/main.js
https://static.zdassets.com/ekr/asset_composer.js

24 KB
7 KB

39ms
37ms

Script
application/javascript

104.18.72.113
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbe42375f89b1b60e63cab69f39cf643e51318e004b58af528a3f44c4cafd711

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:10 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: A383ACC1B221A667
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-type: application/javascript
x-amz-id-2: P8ZNVlTXmrknrt7aPIWPCMmMqUze3AdABK62gMjMbDKXqX4XdhlZp48S6ljmSfjhLMNfLCtsHTI=
last-modified: Thu, 09 May 2019 06:26:10 GMT
server: cloudflare
etag: W/"900f9b4dedbc0f34b05b14425f37386b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 2Kdt9_2NDyrC16g7mZ8PRxgDRyOPYaJR
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 4d7e42808f6d3534-LHR

Redirect headers

date: Thu, 16 May 2019 15:07:10 GMT
server: cloudflare
location: https://static.zdassets.com/ekr/asset_composer.js
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
status: 301
cache-control: max-age=3600
strict-transport-security: max-age=0
cf-ray: 4d7e42804b60c83f-AMS
expires: Thu, 16 May 2019 16:07:10 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 35 KB
14 KB 10ms
9ms Script
application/x-javascript 2600:9000:20bb:7600:18:1fcd:349:ca21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:7600:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: b8a8385400d498bd2379a4abd15c533ae635bc5a958198b339cd19662d062e39

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 01:07:46 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2019 01:35:46 GMT
server: nginx
age: 50364
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-id: Sn-ewCoI2_ACq2aruvddx7pvjJI8O1wJM3dlPWR9Tkh0UZRY1r4bcw==
via: 1.1 fc3a4fa8a6bf80fc624a0bc082bb5b4e.cloudfront.net (CloudFront)
expires: Fri, 17 May 2019 01:07:46 GMT

GET
H/1.1 200
OK optout_check Show response
beacon.krxd.net/ 64 B
317 B 164ms
40ms Script
text/javascript 54.217.209.208
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.fairfaxacm.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.b3e38a58706a8dccd9e35f7d4fbedb33
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.209.208 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-217-209-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4a182727f67e363ee9bae8e743947f3e56c807c9659cab3dd91e4b3320e7c15b

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:10 GMT
Cache-Control: private, max-age=0, s-max-age=0
X-Request-Time: D=57 t=1558019230
Connection: keep-alive
X-Served-By: beacon-n030-dub.krxd.net
Content-Length: 64
Content-Type: text/javascript

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-au.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

8ms
7ms

Script
text/javascript

2600:9000:20bb:be00:2:42d9:3100:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:be00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b9ff14a2ba603e1a32fddd3da2ffd8b50e201a9874ea3fafb50d537117153eb

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: V6f0f8aPs4uc7kiNd9V1rxWOPadm6KHc
content-encoding: gzip
last-modified: Wed, 27 Mar 2019 02:17:52 GMT
server: AmazonS3
age: 71899
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=86400
date: Wed, 15 May 2019 19:09:18 GMT
x-amz-cf-id: 61FjjoYAWoHgYR1_Xd6oBmi5Ny6r9qRXu18aetf6HY_DRo--ENhVoQ==
via: 1.1 7483360604f484b4fd54bffc9e822f46.cloudfront.net (CloudFront)

Redirect headers

status: 301
date: Thu, 16 May 2019 15:07:10 GMT
server: awselb/2.0
content-length: 150
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-type: text/html

GET
H2 200 ggcmb510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 7ms
6ms Script
application/javascript 2600:9000:20bb:be00:2:42d9:3100:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: www.theherald.com.au
URL: https://www.theherald.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:be00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: eV4ifaHCsLoRUqgtPitq6T30xrVcwbo9
content-encoding: gzip
last-modified: Wed, 27 Mar 2019 16:35:08 GMT
server: AmazonS3
age: 71915
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400
date: Wed, 15 May 2019 19:08:35 GMT
x-amz-cf-id: _MF-40gCBrNPBHxsIokK7FboUhXcS47LeFTOxj-V1JYXyjjm_PHNQg==
via: 1.1 7483360604f484b4fd54bffc9e822f46.cloudfront.net (CloudFront)

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 204ms
203ms Image
image/gif 107.23.115.104
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=theherald.com.au&p=%2F&u=DVFHibDkrQvuV1CGE&d=theherald.com.au&g=27223&g0=home&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=7118&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=5183&t=CE1TTuD7ecualWiH30tORpD0qLQE&V=113&i=Newcastle%20News%2C%20sport%20and%20weather%20%7C%20Newcastle%20Herald&tz=0&sn=1&sv=CoeFRMBP9OY1FaQf3IoyToCD4ucH&sd=1&im=062b0733&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.115.104 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-107-23-115-104.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 16 May 2019 15:07:10 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 7ms
7ms Script
application/javascript 2600:9000:20bb:be00:2:42d9:3100:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:be00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: uISShhR4AS42ssOdQwxKF7F02AFNsCVV
content-encoding: gzip
last-modified: Wed, 27 Mar 2019 16:35:08 GMT
server: AmazonS3
age: 71898
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400
date: Wed, 15 May 2019 19:09:09 GMT
x-amz-cf-id: ywvakRP8I6t2I2aNQ1UAN0V9xmsek0zkcEmtP-fBasUJjSe6s_WINQ==
via: 1.1 7483360604f484b4fd54bffc9e822f46.cloudfront.net (CloudFront)

GET
H2 200 P553E793A-7C43-4F14-9680-D63B52235283.js Show response
cdn-gl.imrworldwide.com/conf/ 33 KB
7 KB 8ms
7ms Script
application/javascript 2600:9000:20bb:be00:2:42d9:3100:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/P553E793A-7C43-4F14-9680-D63B52235283.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:be00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d075a83599848e3fe7a5ef7d22cddad3b6da99ce8b0c7b71a9a9016d0d754f19

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 13:08:34 GMT
content-encoding: gzip
last-modified: Thu, 16 May 2019 12:30:40 GMT
server: AmazonS3
age: 477
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: RPonnBvbPeyhdyZQecnBGNCRfVS2yYC3
status: 200
cache-control: max-age=86400,s-maxage=86400
content-type: application/javascript
x-amz-cf-id: CvxbOSR4M5SRCG6U1Cd-Yro7ubeZG2-kZtvpdY0GTLrl6nd14VR3UA==
via: 1.1 7483360604f484b4fd54bffc9e822f46.cloudfront.net (CloudFront)

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 155ms
47ms XHR
text/javascript 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42433:uniques_instantly[domain:www.theherald.com.au,url:%2F,language:en,page:Main%20page,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36,device:desktop,browser_version:Other%2067,browser:Other,depth:1,user_type:new,user_id:c4c634820.965f5bc9b_1558019230846,cdn_version:18]&s=af4c9512891beba751a8fbf484775b7c&1558019230850
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/a8v9omjCclKc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.theherald.com.au/
Origin: https://www.theherald.com.au

Response headers

Pragma: no-cache
Date: Thu, 16 May 2019 15:07:10 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 newcastleherald.zendesk.com Show response
ekr.zdassets.com/compose/web_widget/ Frame 4556 238 B
777 B 14ms
14ms XHR
application/json 2600:9000:20bb:9a00:14:e8dc:9940:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ekr.zdassets.com/compose/web_widget/newcastleherald.zendesk.com
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:9a00:14:e8dc:9940:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 94b7b00ea6b3939ad365c28a6c6779d8877517086d47043e778f91612e67948d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.theherald.com.au/
Origin: https://www.theherald.com.au

Response headers

date: Thu, 16 May 2019 13:10:48 GMT
via: 1.1 c5ad7defce0694621f07129d852e42da.cloudfront.net (CloudFront)
vary: Origin
age: 57
x-cache: Hit from cloudfront
status: 200, 200 OK
content-length: 238
x-request-id: 5498abdc-3cd8-4bea-97a3-9b85955f313d
x-runtime: 0.007334
server: nginx
etag: W/"94b7b00ea6b3939ad365c28a6c6779d8"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theherald.com.au
access-control-expose-headers
cache-control: public, max-age=600, s-maxage=60
access-control-allow-credentials: true
x-amz-cf-id: AAS96-K_3TPiEGhP15d7i0m6HHX8u5fOLDXRAJkj65-ZBjEJAS_lUg==

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 152ms
48ms XHR
text/javascript 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42433:visits_instantly[domain:www.theherald.com.au,url:%2F,language:en,page:Main%20page,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36,device:desktop,browser_version:Other%2067,browser:Other,depth:1,user_type:new,user_id:c4c634820.965f5bc9b_1558019230846,cdn_version:18]&s=af4c9512891beba751a8fbf484775b7c&__io=c4c634820.965f5bc9b_1558019230846&1558019230855
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/a8v9omjCclKc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.theherald.com.au/
Origin: https://www.theherald.com.au

Response headers

Pragma: no-cache
Date: Thu, 16 May 2019 15:07:10 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 149ms
48ms XHR
text/javascript 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42433:pageviews[domain:www.theherald.com.au,url:%2F,language:en,page:Main%20page,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36,device:desktop,browser_version:Other%2067,browser:Other,depth:1,user_type:new,user_id:c4c634820.965f5bc9b_1558019230846,cdn_version:18]&s=af4c9512891beba751a8fbf484775b7c&1558019230857
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/a8v9omjCclKc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.theherald.com.au/
Origin: https://www.theherald.com.au

Response headers

Pragma: no-cache
Date: Thu, 16 May 2019 15:07:10 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 154 KB
45 KB 7ms
6ms Script
application/javascript 2600:9000:20bb:be00:2:42d9:3100:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P553E793A-7C43-4F14-9680-D63B52235283.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:be00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb555becf9cb272e5d13e3f54a07a06034900816f1805c4ec4df7d719d45ae17

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: OqMDVoXMC0Pl.vtZ9bUCz1Vpdssske9w
content-encoding: gzip
last-modified: Wed, 27 Mar 2019 16:35:08 GMT
server: AmazonS3
age: 71924
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400
date: Wed, 15 May 2019 19:08:40 GMT
x-amz-cf-id: pTV1Glgr07JYH7Zn0OPZ7IbYTrr1cJAFa5n1gMuHwoyO4ePtrwxJ7Q==
via: 1.1 7483360604f484b4fd54bffc9e822f46.cloudfront.net (CloudFront)

GET
H2 200 a868061aedd230501d2a8a522cee6005ca7778fb Show response
ekr.zdassets.com/compose_product/web_widget/ Frame 4556 339 B
873 B 21ms
21ms XHR
application/json 2600:9000:20bb:9a00:14:e8dc:9940:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ekr.zdassets.com/compose_product/web_widget/a868061aedd230501d2a8a522cee6005ca7778fb?features[]=ticket_submission&use_json=true
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:9a00:14:e8dc:9940:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 2af904471216e1101423b2f6faa6cf5007eebfa2aea7438fd419605f3fdc55fa

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.theherald.com.au/
Origin: https://www.theherald.com.au

Response headers

date: Thu, 16 May 2019 07:08:37 GMT
via: 1.1 c5ad7defce0694621f07129d852e42da.cloudfront.net (CloudFront)
vary: Origin
age: 28713
x-cache: Hit from cloudfront
status: 200, 200 OK
content-length: 339
x-request-id: a1aa3b93-6509-4d7a-b087-61c3a276506e
x-runtime: 0.004411
server: nginx
etag: W/"2af904471216e1101423b2f6faa6cf50"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theherald.com.au
access-control-expose-headers
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-id: HqbqLQcimsyzhJ_JwuMLty7WEHrieuTcwnS2qtYbGCe_5bXQCc9z0Q==

GET
H2 200 ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 4B95 0
0 14ms
14ms Document
text/html 2600:9000:20bb:be00:2:42d9:3100:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:be00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.theherald.com.au/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.theherald.com.au/

Response headers

status: 200
content-type: text/html
last-modified: Wed, 27 Mar 2019 16:35:07 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: rzSfMcx919QN3wc1e0jl4CN3A2NWibC3
server: AmazonS3
content-encoding: gzip
date: Wed, 15 May 2019 19:08:25 GMT
cache-control: max-age=86400
vary: Accept-Encoding
age: 71928
x-cache: Hit from cloudfront
via: 1.1 7483360604f484b4fd54bffc9e822f46.cloudfront.net (CloudFront)
x-amz-cf-id: sI_kjhvglSihJ1P_S_UopGqUxgpDMrF2rfQVCT1u4jh8OxJfmBlDIg==

GET
H2 200 runtime.fa28037f158c4c49acea.js Show response
static.zdassets.com/web_widget/latest/ Frame 37D3 2 KB
1 KB 38ms
37ms Script
application/javascript 104.18.72.113
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/runtime.fa28037f158c4c49acea.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6feed27cb2bbf32a7c54e063b537c5be6ee7aab4e36a586fb733da2c05fdae5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:10 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: CCA675CDEEEFC050
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
x-amz-id-2: GsVd5qv12pT0tDPWoJEc69tN1ekn/DMOwkF8C4Ilz39t2ENeoCwNwGDOUUvQ32nx84kR5d058ZE=
last-modified: Tue, 14 May 2019 01:36:34 GMT
server: cloudflare
etag: W/"f7e8e083e466edeafb411e3b29ac7289"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 4Sk8paewyrIYEQejKjYCILYBn2gKc.rb
cache-control: public, max-age=31536000
cf-ray: 4d7e42814fe13534-LHR
expires: Wed, 13 May 2020 01:36:33 GMT

GET
H2 200 common_vendor.1631a18322c1e45b326c.js Show response
static.zdassets.com/web_widget/latest/ Frame 37D3 283 KB
94 KB 152ms
151ms Script
application/javascript 104.18.72.113
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/common_vendor.1631a18322c1e45b326c.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeafacef5a6029fb54f0b596912d8d5f244924184a3133b8181a707d682f0d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:10 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 4ACD795148C0E46E
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
x-amz-id-2: 7E5fn0Q9qg0jGaj4B5sGO3tdpqb6nvweABr7mDBd62wCLF92Is9Qyql5xPB/2Jnwf8EExBtwHSA=
last-modified: Tue, 14 May 2019 01:36:34 GMT
server: cloudflare
etag: W/"4216abea22152f26d4f44e3ec9efcb93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: AxhpwbiyPOVqw.zYeCaLx35fEkHIvYJ3
cache-control: public, max-age=31536000
cf-ray: 4d7e42814fe23534-LHR
expires: Wed, 13 May 2020 01:36:33 GMT

GET
H2 200 web_widget.978983efead85e8f46bb.js Show response
static.zdassets.com/web_widget/latest/ Frame 37D3 2 MB
393 KB 38ms
38ms Script
application/javascript 104.18.72.113
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web_widget.978983efead85e8f46bb.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e11a84380b3d8221e4b6a58a148be42e5e815a32c1449d6dee5d84b39c23dc58

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:10 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: C0E0DFB5CF98DBC8
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
x-amz-id-2: byhcj2EmYSIOuZKkorl0tNqbs+oXMftgxcRfk0Mmrj+ed9R6W/gvtRgTAfnvr3mok5TFmCB2/Wg=
last-modified: Wed, 15 May 2019 06:02:27 GMT
server: cloudflare
etag: W/"27323a9e1152c950965fe6b5b7b84e93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: g7QKcGrP5DPJpIJMJpHilLFkJofX4TeT
cache-control: public, max-age=31536000
cf-ray: 4d7e42814fe33534-LHR
expires: Thu, 14 May 2020 06:02:26 GMT

GET
H2

200

m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1558019230944&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.theherald.com.au%2F&sr=1600x1200
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1558019230944&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.theherald.com.au%2F&sr=1600x1200&ja=1

44 B
468 B

38ms
37ms

Image
image/gif

2600:9000:20bb:4400:1e:a43d:b640:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1558019230944&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.theherald.com.au%2F&sr=1600x1200&ja=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:4400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 May 2019 15:07:11 GMT
via: 1.1 dfb957c193e8f98057bb6f530c2816a9.cloudfront.net (CloudFront)
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
status: 200
cache-control: no-cache
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 44
x-amz-cf-id: N-8EMLaCN9rysmGr0ni1i8a2c9BZuD4PJ84y1y0vFCzJ3or3t5WT3Q==
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 May 2019 15:07:10 GMT
via: 1.1 dfb957c193e8f98057bb6f530c2816a9.cloudfront.net (CloudFront)
server: nginx
access-control-allow-origin: *
location: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1558019230944&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.theherald.com.au%2F&sr=1600x1200&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
status: 302
cache-control: no-cache
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: jrwx51scn4cm1GfuSJZPtwOMCyJWHmSnYS9DVDBEwr8hQzEQgWlTBg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
246 B 114ms
113ms XHR
text/plain 54.172.174.181
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.174.181 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-172-174-181.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theherald.com.au/
Origin: https://www.theherald.com.au
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://www.theherald.com.au
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Thu, 16 May 2019 15:07:11 GMT
Content-Type: text/plain

GET
H2 200 config Show response
newcastleherald.zendesk.com/embeddable/ Frame 37D3 505 B
663 B 170ms
169ms XHR
application/json 104.16.52.111
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://newcastleherald.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web_widget.978983efead85e8f46bb.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.52.111 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

02b4519d09518b283b7a2a427f77fc4c7422542064b0acb35ced834995dddd3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin: https://www.theherald.com.au

Response headers

date: Thu, 16 May 2019 15:07:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
status: 200
vary: Origin, Accept-Encoding
x-request-id: 4d7e33ddd8234253-IAD
x-runtime: 0.002225
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-867556746b-vrfgs
cf-ray: 4d7e42847981ce5b-LHR

GET
H2 200 en-us.14a18486fe69862e0aa6.js Show response
static.zdassets.com/web_widget/latest/locales/ Frame 37D3 21 KB
5 KB 42ms
42ms Script
application/javascript 104.18.72.113
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/locales/en-us.14a18486fe69862e0aa6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web_widget.978983efead85e8f46bb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90061e3116a39fe12089aae5143fdc63620921a672a48d2a9e8baa18181232b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:11 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: EE24300BACD3271A
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
x-amz-id-2: JesQlrDBUswYJgZm0BvUeLfWz5SHB1feUrdkg7Q88ThUYBA/twtpa0r4DvHTytlgD1/achJsvE4=
last-modified: Wed, 01 May 2019 01:36:00 GMT
server: cloudflare
etag: W/"14a18486fe69862e0aa6b4a2764d0949"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Vp5AgBzM71QmCgmRPdE2qbeoyWQrqRaw
cache-control: public, max-age=31536000
cf-ray: 4d7e42858bee3534-LHR
expires: Thu, 30 Apr 2020 01:35:59 GMT

GET
H2 200 show_many.json Show response
newcastleherald.zendesk.com/api/v2/ticket_forms/ Frame 37D3 3 KB
1 KB 231ms
230ms XHR
application/json 104.16.52.111
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://newcastleherald.zendesk.com/api/v2/ticket_forms/show_many.json?ids=114093992954&include=ticket_fields&locale=en-US

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web_widget.978983efead85e8f46bb.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.52.111 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

372814b54995a67278ae9e0c7cae3139cbf9223ce1843941dc86ca029c8d4776

Security Headers

Name	Value
Strict-Transport-Security	max-age=259200;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-US
Origin: https://www.theherald.com.au
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 May 2019 15:07:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rate-limit-remaining: 700
x-rate-limit: 700
x-zendesk-request-id: b9ad51e44c02c5f60979
status: 200
strict-transport-security: max-age=259200;
x-request-id: 4d7e42864f6fce5b-IAD
x-runtime: 0.097994
server: cloudflare
x-zendesk-api-version: v2
etag: W/"c11278c7b690eca91ce6c3066556ba51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Zendesk-API-Warn
cache-control: max-age=60, private
access-control-allow-credentials: true
x-zendesk-application-version: v2305.62
x-zendesk-origin-server: app37.pod14.use1.zdsys.com
cf-ray: 4d7e42864f6fce5b-LHR

GET
H2 200 embeddable_blip Show response
newcastleherald.zendesk.com/ Frame 37D3 0
39 B 140ms
129ms XHR
text/html 104.16.52.111
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://newcastleherald.zendesk.com/embeddable_blip?type=pageView&data=eyJwYWdlVmlldyI6eyJyZWZlcnJlciI6Imh0dHBzOi8vd3d3LnRoZWhlcmFsZC5jb20uYXUvIiwidGltZSI6MzQ1LCJuYXZpZ2F0b3JMYW5ndWFnZSI6ImVuLVVTIiwicGFnZVRpdGxlIjoiTmV3Y2FzdGxlIE5ld3MsIHNwb3J0IGFuZCB3ZWF0aGVyIHwgTmV3Y2FzdGxlIEhlcmFsZCIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNiIsImhlbHBDZW50ZXJEZWR1cCI6ZmFsc2V9LCJidWlkIjoiNWEwMTFkMzZkMjE5MThkMWY5ZWEwMDMwYzc3OTEwMGYiLCJzdWlkIjoiNTAxNGNlMTdlNzliOGRjYWU2YmEzNWZjY2EyYmM1NjgiLCJ2ZXJzaW9uIjoiYTg2ODA2MWFlIiwidGltZXN0YW1wIjoiMjAxOS0wNS0xNlQxNTowNzoxMS43NjNaIiwidXJsIjoiaHR0cHM6Ly93d3cudGhlaGVyYWxkLmNvbS5hdS8ifQ%3D%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web_widget.978983efead85e8f46bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.52.111 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin: https://www.theherald.com.au

Response headers

date: Thu, 16 May 2019 15:07:11 GMT
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.theherald.com.au
accept-ranges: bytes
cf-ray: 4d7e4286a8d9ce5b-LHR
content-length: 0

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
425 B 42ms
38ms Image
image/gif 52.30.203.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-302812&ch=au-302812_c111_Puzzles_S&asn=Puzzles&sessionId=o7JRBzHgfJb9yKcxFpNwO0DrEoesV1558019230&prv=1&c6=vc,c111&ca=NA&c13=asid,P553E793A-7C43-4F14-9680-D63B52235283&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,newcastleherald&sup=0&segment2=&segment1=&forward=1&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,15580192308863358&c30=bldv,6.0.0.333&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=homepage&c3=st,c&c64=starttm,1558019233&adid=homepage&c58=isLive,false&c59=sesid,&c61=createtm,1558019232&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.theherald.com.au%2F&c66=mediaurl,&c62=sendTime,1558019232&rnd=421560
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.203.60 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-30-203-60.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 May 2019 15:07:13 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 163ms
51ms XHR
text/javascript 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42433:time[url:%2F,cdn_version:18]&s=af4c9512891beba751a8fbf484775b7c&1558019238747
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/a8v9omjCclKc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.theherald.com.au/
Origin: https://www.theherald.com.au

Response headers

Pragma: no-cache
Date: Thu, 16 May 2019 15:07:18 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 411ms
102ms Image
image/gif 3.92.15.142
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.74&tna=Mather&aid=v1&p=web&tz=UTC&tzoff=0&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=7&tvcfg=all&f_privb=0&tid=e02c324c-0579-454d-ae73-6a2622838637&pid=a8450dbc-44ee-44c3-8a2a-70f05848d353&dtm=1558019239032&qnm=_matherq&visible=1&tabid=50da3103-8c7b-46f6-a2c6-89d5495b1bf8&url=https%3A%2F%2Fwww.theherald.com.au%2F&vp=1600x1200&ds=1585x7118&tofa=1558019239&vid=1&duid=a61089b516ef6ff4&fp=3998842399&cid=ma30461&mrk=481249905&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTU1ODAxOTIyNTU2NSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIzOS43NzA3NDNtYiIsImhlYXBUIjoiNTMuMDQyODcxbWIiLCJmc3RQYWludCI6IjI5MjAiLCJmZXRjaFMiOiIzNjIiLCJkb21haW5TIjoiMzYzIiwiZG9tYWluRSI6IjQwMiIsImNvbm5TIjoiNDAyIiwiY29ubkUiOiI0MzgiLCJzc2xTIjoiNDE0IiwicmVxdVMiOiI0MzgiLCJyZXNwUyI6IjgxMSIsInJlc3BFIjoiMjg4MiIsImRvbUxvYWQiOiI4MTciLCJkb21JbnRlciI6IjMyMzUiLCJkb21Mb2FkUyI6IjMyMzYiLCJkb21Mb2FkRSI6IjMyNjQiLCJkb21DbXBsdCI6IjUxODMiLCJsb2FkUyI6IjUxODMiLCJsb2FkRSI6IjUyMjAifX0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.92.15.142 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-92-15-142.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.theherald.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 May 2019 15:07:19 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.theherald.com.au/	1970-01-19 00:47:01	Name: _sp_ses.cd0e Value: *
.theherald.com.au/	1970-01-19 18:18:11	Name: _sp_id.cd0e Value: 89d76632aaf85e7c.1558019229.1.1558019229.1558019229
.theherald.com.au/	1970-01-19 18:18:11	Name: __gads Value: ID=01e0f916ad22186f:T=1558019229:S=ALNI_MZmem6fhYI9E_OX1-MPA1z0tM9oFw
www.theherald.com.au/	1970-01-19 00:47:06	Name: _stl Value: 1
www.theherald.com.au/	1970-01-19 18:18:11	Name: _las Value: 0
www.theherald.com.au/	1970-01-19 00:47:31	Name: kxfairfaxacm_visits Value: 1
www.theherald.com.au/	1970-01-19 18:18:11	Name: 420576909 Value: ji6sbnvol8e

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://static.zdassets.com/web_widget/latest/web_widget.978983efead85e8f46bb.js(Line 8) Message: Our embeddable contains third-party, open source software and/or libraries. To view them and their license terms, go to http://goto.zendesk.com/embeddable-legal-notices

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	child-src * blob:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
advertising.oriel.io
assets.zendesk.com
b823s.com
beacon.krxd.net
buy-au.piano.io
by217.com
cdn-au.piano.io
cdn-gl.imrworldwide.com
cdn.fairfaxregional.com.au
cdn.krxd.net
cdn.onthe.io
cdn.optimizely.com
consumer.krxd.net
ekr.zdassets.com
errors.client.optimizely.com
fonts.googleapis.com
fonts.gstatic.com
hm732.com
id-au.piano.io
js-sec.indexww.com
js.matheranalytics.com
match.adsrvr.org
newcastleherald.zendesk.com
nnstatic-a.akamaihd.net
ping.chartbeat.net
script.hotjar.com
secure-au.imrworldwide.com
secure-dcr.imrworldwide.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
sochi.fairfaxregional.com.au
static.chartbeat.com
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tt.onthe.io
vars.hotjar.com
www.fairfaxstatic.com.au
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.npttech.com
www.theherald.com.au
104.16.52.111
104.18.72.113
104.18.74.113
107.178.250.234
107.23.115.104
136.243.218.211
138.201.138.163
138.201.44.8
142.93.164.216
147.75.204.215
147.75.83.82
151.101.0.175
172.217.22.34
2.16.181.216
2.18.234.21
2600:9000:20bb:4400:1e:a43d:b640:93a1
2600:9000:20bb:7600:18:1fcd:349:ca21
2600:9000:20bb:9a00:14:e8dc:9940:93a1
2600:9000:20bb:be00:2:42d9:3100:93a1
2606:4700::6810:2a41
2606:4700:e4::ac40:a222
2a00:1450:4001:80b::2001
2a00:1450:4001:81a::2003
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:81e::2008
2a00:1450:4001:820::2004
2a00:1450:4001:821::2002
2a00:1450:4001:824::2002
2a00:1450:4001:825::2002
2a00:1450:4001:825::200e
2a00:1450:400c:c08::9d
2a02:26f0:6c00:183::13b8
2a02:26f0:6c00:19d::1ba9
2a02:26f0:6c00::210:ba49
2a02:26f0:6c00::210:ba6b
3.92.15.142
34.196.234.179
52.30.203.60
52.49.216.17
52.65.63.14
54.172.174.181
54.217.209.208
88.99.106.112
95.216.24.148
006bcd48bf865825e46b8bab92c9c938a6e55246694d049241eee2e696dbf48d
02248b9b356d66ce75a856855925e068f0accb6d7a93cde522459e72c6ce9741
02b4519d09518b283b7a2a427f77fc4c7422542064b0acb35ced834995dddd3d
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0c0ab613b042bfbc9c5f5e9a9a547283fb9125b14846d9f4864ef3b853f6e7f9
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
1ac2c7b85bdd8fc2b9219e5404775cc7283bc5152f6bf70fd0e5e683e87ae853
1cb3863e9ae8ddcb2ced99f68916d78c908f634316993f6a4b82707fa9c0e1d6
2a1ea144f62bf6e0c1eb4f022b0ed2ee33e46fd6d7a805f44c49650ca53daf4c
2a8350ad156df9702f344dfde49982ad163553e5393b086fc658df19b8de74b0
2a98b3b10247f3a9c87515d1a22a1f5ff0315f288d70a5c0edb7f47315e90200
2af904471216e1101423b2f6faa6cf5007eebfa2aea7438fd419605f3fdc55fa
2b141c19916841d85deef62c5e829492f3f92784be3f85b65beb3ad4f3f48658
2b2a58484d626ebe05c14698bf8488ed0734d2d60befdc1c13af99b60071bc03
2de6c03c57fa6f56315d0a90e9f188bf61ba1de455f0ceb50cd14902eba3d78a
30121367e1b2323392e95380e8df04d38c4c00126946e99b9d2597abdcfd2ac1
372814b54995a67278ae9e0c7cae3139cbf9223ce1843941dc86ca029c8d4776
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
47de29dd54d340be725f57f4f4b08ed58ab612ac7376199b7fd441376dee9654
4a182727f67e363ee9bae8e743947f3e56c807c9659cab3dd91e4b3320e7c15b
4abe9cdc849179867d36f46e63d86bfad9f88012a023889526f75df42ebcd8bf
4bacda126d4318418c593800f3ed310cdc4e9d0f0b4e5e7485f268d3e8ceb12d
4e7bbb56b609b0eab34a187e417daa43e74cbb03f467fcaa12f5ed5615fadf40
5024d862c9d18b5393a95464d736ee00d88bba8ce166774db11b131682425e95
52edbe109ac49d0b2065a86d9b66f47bfa49d6ae157eb077a330b6e6468b2b29
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5b376b9656bdae0ddbc27a370224a543a0279ea24c627eda3524335309973dea
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
6355605e3df681ae62b6e9186d7f2992b348366c48291401183e12e8a0ac1449
675e48226e9457c0625d152828a05d6d1df2d2f82c1f37796dd9c8e322f444e0
67744fe3abc70b4eeac16c6e9fc06d056b8bb7e5f142804ff96a5befc55cdbf7
6feed27cb2bbf32a7c54e063b537c5be6ee7aab4e36a586fb733da2c05fdae5a
728175c2094ac11d1371369cddc1ab6985c1c588530a30c767f43e07c6de5a1a
73105bd49cc381afe3583872c08f24f301299ddeb7764b72c575cf02f8f8f2dd
73befba6079d62cda9ad97982f2de870df5bf6235cf67d8e78977d4a1509496b
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
7abe57e3ac6419dd07499ca2a01c7e6c44fd646acedb7d0c4b4a89dd6adcff9e
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
80f16f6cc6ad09222b82ead9d638ce890ccebcf88a91984d9527b0537b48d524
8150191e6c92a50a143fb7158e59737fd8261fb28d3894ff65233fd4fa20013f
82f4eba71f16faf1d7c280a2b8c9138c2e465902deceb9e8a1590df6acce0a40
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86f1962100b67cc5225608b37c8c42fdb453f0e1dafde4b3ac5cd13f188a2e57
8a9fc6b7cc97c329b87a2c7ca7ec0b30ef584276333ff82b52dcb6c2b5a40bfd
8b9ff14a2ba603e1a32fddd3da2ffd8b50e201a9874ea3fafb50d537117153eb
8ee068e2b4b02c330d4b9b7943547cee6f4326342b9d6432945812bcaf0238a3
90493b7d09262ca31da85504d3fb39ec95a204e2cd8614ffd75a86b167ad2d79
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93d39da3773a26f38a235454f91d1d2a57a0d9d066c72f9a41452651b08e539e
94b7b00ea6b3939ad365c28a6c6779d8877517086d47043e778f91612e67948d
960381cdbe4eddade3c3b0c4d8bf5513cf9768c26c43db27e53df742f4f7b535
9926599f340fa47d63665b751525f58cad4aa90e110c9aa6f4489ffaf5a1dc11
a045644e3e18855f6abeeabf898f93d292eea4d4db9afb2aca954fe1cf083556
a161cba4b2b8a90e2ca19e935256925fa3920b6ed129ec1568fccbd1a290b1b1
a973cc2fc7a6aaa01a049277eb7032b95c6f35713604eae45fa6ce65032b9f68
abb0b45bc4bc0e6b957dae12f1800f512fc691a2a499ede129fe9c9beba1d601
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
af3493b3a347f14e1b8da7c7e2808274606ae5ff13d559c2525cdd477e3e5a21
b85d2c05bbb35dde5f7ceff8bd5e46d9e4381559565a795748b6a31a59a049a8
b8a8385400d498bd2379a4abd15c533ae635bc5a958198b339cd19662d062e39
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bb555becf9cb272e5d13e3f54a07a06034900816f1805c4ec4df7d719d45ae17
be4aaab18446e78340c823c0c461eac098f748b6fbcd27e30100af266870eeb1
bf4bad2bed510d5a98da212aa8ace1554e0da88e7c72bf824ac66b671927153c
c16f2ab35d11169b90455bb2c9888d8dc396f2da1b37c886ad91d0162082b14f
cd257d196733acfdafab94b36a074f6de01c2d21ccfcf28215c443a7998ae340
ce9725c8fd030478ee28606364de5b03ac3ba8fe407276144cddf6650206851a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d075a83599848e3fe7a5ef7d22cddad3b6da99ce8b0c7b71a9a9016d0d754f19
d12b53b875b02458512c3049cd40119d0ac77b75b431a2cbbc997574b8eeb814
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
dbe42375f89b1b60e63cab69f39cf643e51318e004b58af528a3f44c4cafd711
de82c2a59238a710f2b780989c77d443eec90afe8416e8e70e50f8097cdadf16
e007cb3c9c1dbce7e62f8b0e9f98c7f3dfcc980dec237aa27e374e69429be68a
e072617c2a134d2d80d3c83fe4f98d78df7f1a91c49a48eca640751502028f01
e11a84380b3d8221e4b6a58a148be42e5e815a32c1449d6dee5d84b39c23dc58
e32d18ce4816c4bf5847e24fcafc650ea566be289229347f1c85fa59f35d728a
e38ea1af225b43e5e55a1264bbfaa0b2518ac03da73b403a4582fbf9d8c52d60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73fc1b0f2e75430243e466ea06d9f9d0a05df77e84924e606123c806d7e9061
eac2bc2c09f3efa6f2f8a2689f7afd875ee2b6ab03bf7841c48c793bb6f8b36a
ebcc5baa538ee8a13582cdc2decb26237567d4dae58350f8edb6da148c200bfb
ec2c5c23282a69a44cf751f989077cb6f74a2606c555fd24a2b551fb59bfb1d0
eeafacef5a6029fb54f0b596912d8d5f244924184a3133b8181a707d682f0d38
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0649633877c7786fd993b57e50d7da9e93182294ab500220bcc062d9b6c4af1
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f90061e3116a39fe12089aae5143fdc63620921a672a48d2a9e8baa18181232b
fc8252e5fceae65540379ff3739b79eab75d3fe1c5a81ab28d4bae70138517c8
ff865fd3ebf65b46f940231a357eb502b869a705b5354526997f4edc1c6e3dbc

www.theherald.com.au Open in urlscan Pro 2.16.181.216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

93 Requests

100 %HTTPS

47 %IPv6

31 Domains

49 Subdomains

44 IPs

7 Countries

2517 kBTransfer

7822 kBSize

7 Cookies

26 Outgoing links

Page URL History

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.theherald.com.au Open in urlscan Pro
2.16.181.216 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

100 %
HTTPS

47 %
IPv6

31
Domains

49
Subdomains

44
IPs

7
Countries

2517 kB
Transfer

7822 kB
Size

7
Cookies

93 HTTP transactions
15 data transactions