urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
2.18.233.28  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://heraldsun.com.au/
Effective URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Submission: On July 03 via manual from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 63 IPs in 8 countries across 53 domains to perform 178 HTTP transactions. The main IP is 2.18.233.28, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au. The Cisco Umbrella rank of the primary domain is 225613.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 7th 2022. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 38 2.18.233.28 16625 (AKAMAI-AS)
1 19 2.18.233.169 16625 (AKAMAI-AS)
1 151.101.2.217 54113 (FASTLY)
5 151.101.129.44 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 52.95.129.58 16509 (AMAZON-02)
2 52.95.134.54 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
2 151.101.65.44 54113 (FASTLY)
2 13.32.121.37 16509 (AMAZON-02)
4 23.205.241.50 16625 (AKAMAI-AS)
4 104.75.88.194 16625 (AKAMAI-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 141.226.228.48 200478 (TABOOLA-AS)
1 2600:9000:225... 16509 (AMAZON-02)
2 5 172.217.18.102 15169 (GOOGLE)
1 2600:9000:236... 16509 (AMAZON-02)
1 10 172.217.18.2 15169 (GOOGLE)
1 108.138.7.28 16509 (AMAZON-02)
1 13.32.99.67 16509 (AMAZON-02)
1 151.101.1.175 54113 (FASTLY)
2 92.123.225.40 20940 (AKAMAI-ASN1)
3 2600:9000:224... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
1 52.222.214.98 16509 (AMAZON-02)
1 12 52.51.78.176 16509 (AMAZON-02)
1 44.195.113.55 14618 (AMAZON-AES)
1 52.213.95.155 16509 (AMAZON-02)
2 34.241.214.203 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
1 3.65.187.215 16509 (AMAZON-02)
2 13.225.85.149 16509 (AMAZON-02)
1 199.232.136.157 54113 (FASTLY)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 23.35.236.188 16625 (AKAMAI-AS)
1 142.250.185.66 15169 (GOOGLE)
2 4 185.33.221.11 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2620:0:890::100 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 3.74.90.159 16509 (AMAZON-02)
1 52.215.108.43 16509 (AMAZON-02)
2 15.188.95.229 16509 (AMAZON-02)
1 1 34.248.32.199 16509 (AMAZON-02)
1 2 185.33.220.145 29990 (ASN-APPNEX)
1 1 2001:678:cb4:... 56396 (AMOBEE)
2 69.173.144.138 26667 (RUBICONPR...)
1 2 142.250.185.162 15169 (GOOGLE)
1 15.197.193.217 16509 (AMAZON-02)
1 1 23.35.236.201 16625 (AKAMAI-AS)
2 3 104.18.18.126 13335 (CLOUDFLAR...)
1 1 199.127.207.182 26120 (RHYTHMONE)
1 1 3.120.214.218 16509 (AMAZON-02)
1 1 54.166.21.101 14618 (AMAZON-AES)
1 34.248.96.95 16509 (AMAZON-02)
1 1 69.192.160.219 16625 (AKAMAI-AS)
8 8 151.101.194.49 54113 (FASTLY)
1 35.244.159.8 15169 (GOOGLE)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 213.19.147.44 3356 (LEVEL3)
178 63
38    2.18.233.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-28.deploy.static.akamaitechnologies.com
heraldsun.com.au
www.heraldsun.com.au
content.api.news
mhr.talk.news.com.au
19    2.18.233.169 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-169.deploy.static.akamaitechnologies.com
tags.news.com.au
resourcesssl.newscdn.com.au
1    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
5    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
1    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a04:fa87:fffd::c000:42d0 (Ireland)

ASN2635 (AUTOMATTIC, US)
origin.go.heraldsun.com.au
2    52.95.129.58 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
2    52.95.134.54 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
1    2600:9000:223e:ee00:1f:1414:da40:93a1 (United States)

ASN16509 (AMAZON-02, US)
edition.pagesuite.com
2    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
2    13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net
sb.scorecardresearch.com
4    23.205.241.50 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-241-50.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com
subscriptions.heraldsun.com.au
4    104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
1    2606:4700:3032::ac43:a9f7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
1    2600:9000:2251:6600:4:77d:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.vidora.com
5    172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net
ad.doubleclick.net
8228261.fls.doubleclick.net
1    2600:9000:236e:8800:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
10    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
securepubads.g.doubleclick.net
1    108.138.7.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-28.fra56.r.cloudfront.net
ats.rlcdn.com
1    13.32.99.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-67.fra60.r.cloudfront.net
au.tags.newscgp.com
1    151.101.1.175 (United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
2    92.123.225.40 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-40.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
3    2600:9000:2240:c600:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-gl.imrworldwide.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net
1    52.222.214.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-98.fra56.r.cloudfront.net
cdn.adsafeprotected.com
12    52.51.78.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-78-176.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    44.195.113.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-113-55.compute-1.amazonaws.com
ping.chartbeat.net
1    52.213.95.155 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-95-155.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
2    34.241.214.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-214-203.eu-west-1.compute.amazonaws.com
secure-sdk.imrworldwide.com
1    2600:9000:2190:5800:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
v7wnkrcqnn0fxfphbouru4pbwbq9u1656831702.nuid.imrworldwide.com
1    3.65.187.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-187-215.eu-central-1.compute.amazonaws.com
bs.serving-sys.com
2    13.225.85.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-149.fra2.r.cloudfront.net
js.adsrvr.org
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googleadservices.com
4    185.33.221.11 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
e61c7690020ca5005d3a32fecc92150f.safeframe.googlesyndication.com
1    2620:0:890::100 (United States)

ASN54113 (FASTLY, US)
ts2020-indies-client.web.app
5    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
m.doubleclick.net
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
marketingplatform.google.com
2    3.74.90.159 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-90-159.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
1    52.215.108.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-108-43.eu-west-1.compute.amazonaws.com
newscorpau.demdex.net
2    15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
metrics.heraldsun.com.au
1    34.248.32.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-32-199.eu-west-1.compute.amazonaws.com
cm.everesttech.net
2    185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
1    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
image5.pubmatic.com
3    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
dsum-sec.casalemedia.com
1    199.127.207.182 (United States)

ASN26120 (RHYTHMONE, US)
dt.scanscout.com
1    3.120.214.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    54.166.21.101 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-21-101.compute-1.amazonaws.com
usermatch.krxd.net
1    34.248.96.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-96-95.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
tags.bluekai.com
8    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    213.19.147.44 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
Apex Domain
Subdomains		 Transfer
27 heraldsun.com.au
heraldsun.com.au — Cisco Umbrella Rank: 206728
www.heraldsun.com.au — Cisco Umbrella Rank: 225613
origin.go.heraldsun.com.au
subscriptions.heraldsun.com.au
metrics.heraldsun.com.au
845 KB
19 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 189
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287
8228261.fls.doubleclick.net — Cisco Umbrella Rank: 556658
googleads.g.doubleclick.net Failed
m.doubleclick.net — Cisco Umbrella Rank: 454540
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
192 KB
14 api.news
content.api.news — Cisco Umbrella Rank: 60462
208 KB
13 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 192
newscorpau.demdex.net — Cisco Umbrella Rank: 91295
17 KB
10 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 83666
82 KB
10 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 51880
mhr.talk.news.com.au — Cisco Umbrella Rank: 644909
215 KB
9 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 850
sync-tm.everesttech.net — Cisco Umbrella Rank: 612
2 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 8
marketingplatform.google.com — Cisco Umbrella Rank: 23158
549 B
7 adnxs.com
acdn.adnxs.com — Cisco Umbrella Rank: 591
secure.adnxs.com — Cisco Umbrella Rank: 408 Failed
ib.adnxs.com — Cisco Umbrella Rank: 244 Failed
9 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
e61c7690020ca5005d3a32fecc92150f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160 Failed
13 KB
7 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 982
trc.taboola.com — Cisco Umbrella Rank: 672
am-trc-events.taboola.com — Cisco Umbrella Rank: 14634
175 KB
6 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2752
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 7227
v7wnkrcqnn0fxfphbouru4pbwbq9u1656831702.nuid.imrworldwide.com
68 KB
5 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 1709
bs.serving-sys.com — Cisco Umbrella Rank: 1051
lm.serving-sys.com — Cisco Umbrella Rank: 1808
26 KB
4 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 836
22 KB
4 amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com — Cisco Umbrella Rank: 880799
60 KB
3 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1349
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608
3 KB
3 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1332
insight.adsrvr.org Failed
match.adsrvr.org — Cisco Umbrella Rank: 367
5 KB
3 newscorpaustralia.com
login.newscorpaustralia.com — Cisco Umbrella Rank: 112134
3 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 501
1 KB
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1270
beacon.krxd.net — Cisco Umbrella Rank: 457
529 B
2 pubmatic.com
image5.pubmatic.com — Cisco Umbrella Rank: 38909
image2.pubmatic.com — Cisco Umbrella Rank: 865
574 B
2 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 711
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
453 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
86 KB
2 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3596
pixel.adsafeprotected.com — Cisco Umbrella Rank: 536
8 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 134
2 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3602
32 KB
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 540
107 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
542 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 387
275 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 483
488 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 976
418 B
1 scanscout.com
dt.scanscout.com — Cisco Umbrella Rank: 23765
698 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 909
402 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 179
43 KB
1 web.app
ts2020-indies-client.web.app — Cisco Umbrella Rank: 127414
3 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 7751
792 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
17 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 780
3 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 632
15 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1095
201 B
1 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4020
1 KB
1 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 99115
48 KB
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1392
36 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1217
24 KB
1 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 11987
5 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 964
12 KB
1 pagesuite.com
edition.pagesuite.com — Cisco Umbrella Rank: 93066
49 KB
1 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 382
2 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 5954
7 KB
0 linkedin.com Failed
px.ads.linkedin.com Failed
0 twitter.com Failed
analytics.twitter.com Failed
0 t.co Failed
t.co Failed
0 mookie1.com Failed
au-gmtdmp.mookie1.com Failed
178 53
Domain Requested by
22 www.heraldsun.com.au 2 redirects www.heraldsun.com.au
14 content.api.news www.heraldsun.com.au
12 dpm.demdex.net 1 redirects www.heraldsun.com.au
tags.news.com.au
10 securepubads.g.doubleclick.net 1 redirects tags.tiqcdn.com
securepubads.g.doubleclick.net
www.heraldsun.com.au
10 resourcesssl.newscdn.com.au www.heraldsun.com.au
ts2020-indies-client.web.app
9 tags.news.com.au 1 redirects www.heraldsun.com.au
tags.tiqcdn.com
au.tags.newscgp.com
8 sync-tm.everesttech.net 8 redirects
5 www.google.com securepubads.g.doubleclick.net
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.heraldsun.com.au
4 secure.adnxs.com www.heraldsun.com.au
4 8228261.fls.doubleclick.net 2 redirects www.heraldsun.com.au
4 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 trc.taboola.com cdn.taboola.com
3 login.newscorpaustralia.com www.heraldsun.com.au
login.newscorpaustralia.com
2 sync.search.spotxchange.com 1 redirects
2 ssum.casalemedia.com 2 redirects
2 cm.g.doubleclick.net 1 redirects
2 metrics.heraldsun.com.au tags.news.com.au
2 lm.serving-sys.com secure-ds.serving-sys.com
2 ib.adnxs.com www.heraldsun.com.au
2 www.googletagmanager.com secure-ds.serving-sys.com
2 js.adsrvr.org secure-ds.serving-sys.com
2 secure-sdk.imrworldwide.com www.heraldsun.com.au
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 am-trc-events.taboola.com www.heraldsun.com.au
2 sb.scorecardresearch.com cdn.taboola.com
www.heraldsun.com.au
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 news-networkeditorial.s3-ap-southeast-2.amazonaws.com www.heraldsun.com.au
2 news-networkeditorial.s3.ap-southeast-2.amazonaws.com www.heraldsun.com.au
2 cdn.taboola.com www.heraldsun.com.au
cdn.taboola.com
1 sync.1rx.io
1 www.facebook.com
1 image2.pubmatic.com
1 us-u.openx.net
1 dsum-sec.casalemedia.com
1 pixel.rubiconproject.com
1 tags.bluekai.com 1 redirects
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 ps.eyeota.net 1 redirects
1 dt.scanscout.com 1 redirects
1 image5.pubmatic.com 1 redirects
1 match.adsrvr.org
1 token.rubiconproject.com
1 d.turn.com 1 redirects
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 marketingplatform.google.com www.heraldsun.com.au
1 m.doubleclick.net 1 redirects
1 www.googletagservices.com securepubads.g.doubleclick.net
1 subscriptions.heraldsun.com.au www.heraldsun.com.au
1 ts2020-indies-client.web.app www.heraldsun.com.au
1 e61c7690020ca5005d3a32fecc92150f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
8228261.fls.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.googleadservices.com secure-ds.serving-sys.com
www.googletagmanager.com
1 acdn.adnxs.com www.heraldsun.com.au
1 snap.licdn.com www.heraldsun.com.au
1 static.ads-twitter.com www.heraldsun.com.au
1 bs.serving-sys.com secure-ds.serving-sys.com
1 v7wnkrcqnn0fxfphbouru4pbwbq9u1656831702.nuid.imrworldwide.com www.heraldsun.com.au
1 pixel.adsafeprotected.com cdn.adsafeprotected.com
1 ping.chartbeat.net www.heraldsun.com.au
1 cdn.adsafeprotected.com tags.news.com.au
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 pagead2.googlesyndication.com ad.doubleclick.net
1 nebula-cdn.kampyle.com tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 ats.rlcdn.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 ad.doubleclick.net tags.tiqcdn.com
1 assets.vidora.com www.heraldsun.com.au
1 use.fontawesome.com cdn.taboola.com
1 mhr.talk.news.com.au www.heraldsun.com.au
1 edition.pagesuite.com www.heraldsun.com.au
1 origin.go.heraldsun.com.au www.heraldsun.com.au
1 cdn.ampproject.org www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
1 heraldsun.com.au 1 redirects
0 googleads.g.doubleclick.net Failed www.googleadservices.com
0 px.ads.linkedin.com Failed www.heraldsun.com.au
0 analytics.twitter.com Failed www.heraldsun.com.au
0 t.co Failed www.heraldsun.com.au
0 au-gmtdmp.mookie1.com Failed www.heraldsun.com.au
0 insight.adsrvr.org Failed www.heraldsun.com.au
178 86

This site contains no links.

Subject Issuer Validity Valid
news.com.au
DigiCert SHA2 Secure Server CA		 2022-02-07 -
2023-02-06		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-12 -
2022-11-13		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
origin.go.heraldsun.com.au
R3		 2022-05-14 -
2022-08-12		 3 months crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon		 2021-12-15 -
2022-12-14		 a year crt.sh
edition.pagesuite.com
Amazon		 2021-10-18 -
2022-11-15		 a year crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
*.vidora.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
au.tags.newscgp.com
Amazon		 2022-01-11 -
2023-02-08		 a year crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-22 -
2023-03-26		 a year crt.sh
secure-ds.serving-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-05 -
2023-03-08		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.adsafeprotected.com
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.nuid.imrworldwide.com
Amazon		 2022-05-12 -
2023-06-10		 a year crt.sh
bs.serving-sys.com
Amazon		 2022-04-10 -
2023-05-09		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
web.app
GTS CA 1D4		 2022-06-13 -
2022-09-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
lm.serving-sys.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
metrics.heraldsun.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-17 -
2023-07-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh

This page contains 18 frames:

Primary Page: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Frame ID: 4F622E0C5C291E3C4DCB5A2EFC9370CD
Requests: 130 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=gighEZkSpmMT33ru0aXUglX2Lcejs5KI&nonce=8wzXfVe8UngukJYIXqcJl01VUlm2FxN4&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Frame ID: 4DDA53B7BA255BA4D509910E6D530EB6
Requests: 3 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: BDDE2A3F6CD9DEB1AFED148A22CFE279
Requests: 3 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 71EC08E451D9B50535C0A16E4AE2259F
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 169BDC7443263BAC49CCF8F3E3589F04
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: FCA657251DA32DA403B8C945D7BB469D
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: BB5B9FDE1C6E2690303261A288517D07
Requests: 2 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 2E346860D84E843043F8969E4B889E7F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: B4A3B306128CDE1F9868BD54418B5BBB
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIiX_YiT3PgCFeBDHQkd5ggBxQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6325342907729.552
Frame ID: 72AF20986680A6E972A0489A22A39885
Requests: 1 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CKiV_YiT3PgCFRbkGwodFAIDow;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9204100755291.344
Frame ID: 1284E69B1DE900E51E4FF945EE5B2C88
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: 1B004AB24DB65C0F76FCC788D63A5C8F
Requests: 2 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 279D969B968EFCADADB7E861F0257292
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3
Frame ID: C4BBD4C39286271A70D6D771AAD45000
Requests: 1 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: 528FF815DE132A124E88AB0CDEF8E600
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Frame ID: 27F4A39D25F89C627FC95CA9250A9F1F
Requests: 1 HTTP requests in this frame

Frame: https://e61c7690020ca5005d3a32fecc92150f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3408FF096BB5C2FDB5D9FDC1A0506446
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: CBAD1E6425B03FDBD02B0AAA1FDA8415
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://heraldsun.com.au/ HTTP 301
    http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&165... HTTP 302
    https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

178
Requests

81 %
HTTPS

31 %
IPv6

53
Domains

86
Subdomains

63
IPs

8
Countries

2330 kB
Transfer

6093 kB
Size

58
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://heraldsun.com.au/ HTTP 301
    http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1656831697706203174 HTTP 302
    https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1656831702638 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1656831702638
Request Chain 104
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6325342907729.552 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CIiX_YiT3PgCFeBDHQkd5ggBxQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6325342907729.552
Request Chain 105
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9204100755291.344 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CKiV_YiT3PgCFRbkGwodFAIDow;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9204100755291.344
Request Chain 110
  • https://secure.adnxs.com/px?id=879166&seg=9702347&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Request Chain 111
  • https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Request Chain 112
  • https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1
Request Chain 148
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-8eOSTgY21t2_4Yae76V8k9cMTWCgVDibzdn3qS6BJ4HkwLcZS24ys3sYR8ij8cmwxB2J-_FrqYxKtqkZxVCTDt2S4Q082sz6TJkxvvBDd16O0avVHTHd7AwmRoy8kRN8a_FUBm_L_Vt70GPG1LxKWgi8q582flKdE_TQRG2PMYRxEx8JOhp3W1c_TZrilCIBgsQEgu5znEiWYEtQeXvGF65CD_tunIBtwS9mN_-CSNOMLq78rJXJuaqI4cZLw1fXVrCzKjzQWfxR6CCJLDpFzGzw31_w1FK7h3c4WyDF-AbqKlYYdFD2_Yqm17ohJTaO&sig=Cg0ArKJSzFc9W_lctv3KEAE&uach_m=[UACH]&urlfix=1&adurl=http://m.doubleclick.net HTTP 302
  • https://m.doubleclick.net/ HTTP 301
  • https://marketingplatform.google.com/about/enterprise/
Request Chain 155
  • https://cm.everesttech.net/cm/dd?d_uuid=58596104037949955143735047307868381066 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YsE_2AAAAIKOyQN6
Request Chain 157
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=244323150248434036
Request Chain 158
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=3538227364592229619
Request Chain 160
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTg1OTYxMDQwMzc5NDk5NTUxNDM3MzUwNDczMDc4NjgzODEwNjY= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI9qXuPiC_tn8xmxc-nvNqo&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 163
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
Request Chain 164
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YsE.2c8M8kRBqiIK9PGwoAAA%262182
Request Chain 165
  • https://dt.scanscout.com/ssframework/uid?UIAA=58596104037949955143735047307868381066&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-6150b8c5dd239d41560acd975e100be6
Request Chain 167
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=58596104037949955143735047307868381066&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 168
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=58596104037949955143735047307868381066 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=58596104037949955143735047307868381066
Request Chain 169
  • https://tags.bluekai.com/site/43981?id=58596104037949955143735047307868381066&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Request Chain 170
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXNFXzJBQUFBSUtPeVFONg==
Request Chain 171
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YsE_2AAAAIKOyQN6&expires=90
Request Chain 172
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YsE_2AAAAIKOyQN6
Request Chain 173
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YsE_2AAAAIKOyQN6
Request Chain 174
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YsE_2AAAAIKOyQN6
Request Chain 175
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YsE_2AAAAIKOyQN6
Request Chain 176
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YsE_2AAAAIKOyQN6&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YsE_2AAAAIKOyQN6&img=1&__user_check__=1&sync_id=00a05589-fa9e-11ec-b297-11482f420106
Request Chain 177
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YsE_2AAAAIKOyQN6&t=2592000&o=0

178 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heraldsun.com.au/
Redirect Chain
  • http://heraldsun.com.au/
  • http://www.heraldsun.com.au/
  • https://www.heraldsun.com.au/
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1656831697706203174
  • https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
467 KB
86 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
5c01f5ce1bf402eb4e4c08a5804f401c22e375a4dc3834bd0f8e8523833b96f6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

blaizehappened
true
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Sun, 03 Jul 2022 07:01:40 GMT
expires
Sun, 03 Jul 2022 07:01:40 GMT
host-header
a9130478a60e5f9135f765b23f26593b
is-https
true
pragma
no-cache
server
nginx
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 477903 0 pmb=mTOE,2
x-arrrg4
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3d43fea6deba2873d6b12a28a65bc6abef-1656831698&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=43fea6deba2873d6b12a28a65bc6abef
x-bpath
OLD
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options
nosniff
x-opw
4
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
ewr4 0 2 9980
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-xss-protection
1

Redirect headers

cache-control
max-age=0, no-cache
content-length
154
content-type
text/html
date
Sun, 03 Jul 2022 07:01:38 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1652934576.471666"
expires
Sun, 03 Jul 2022 07:01:38 GMT
location
https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
mime-version
1.0
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
pragma
no-cache
server
AkamaiGHost
vary
Accept-Encoding
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=19
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
74
x-rq
sin1 0 2 9980
last-modified
Wed, 08 Jun 2022 04:22:48 GMT
server
nginx
etag
"62a02418-37"
vary
User-Agent
content-type
text/css
expires
Sun, 03 Jul 2022 07:01:43 GMT
cache-control
max-age=2
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
533053FB3A9BBEB1
etag
"c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=548342
accept-ranges
bytes
content-length
11472
x-amz-id-2
xBEbiDmsGGltI8Yg/6KV5ma/tLJEH/HiZG5unHSXzQFkD4NszIa428e99eKOR042iS4/6NqWxw8=
expires
Sat, 09 Jul 2022 15:20:43 GMT
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
3WXP1W2RKAAGHS0W
etag
"ad24be3fafec705de20c00e56afe05ae"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=494569
accept-ranges
bytes
content-length
12052
x-amz-id-2
sgl+uWYNcbsUMi1SoCANwENT1wSLHTIxpLLRzFQmQKznCCtNhGVUtDmaaQpPwMYuAP+73hgPiDY=
expires
Sat, 09 Jul 2022 00:24:30 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
AEE771784BE8E492
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=178768
accept-ranges
bytes
content-length
12440
x-amz-id-2
CQatRZwvOTmZYKmofckwfPjIQ72xI2/e6C6jrdAEi+sxTNpCJz/fBRWU8ywSln8isEeBrTgmlYg=
expires
Tue, 05 Jul 2022 08:41:09 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
3F5A70DC90317950
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=381933
accept-ranges
bytes
content-length
11372
x-amz-id-2
GhbyfZxKs0nm6bFANFLXrysx5G1RRpQV5WOMPiMoq4gBbz09i4y7YGzefvmdaW/PW2mAGUdlO4Y=
expires
Thu, 07 Jul 2022 17:07:14 GMT
lux.js
cdn.speedcurve.com/js/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
749017b53b677c8309df48f408a6446f0d29e8256fe34d6a8521ce804b1e370e

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
via
1.1 vegur, 1.1 varnish
age
1529
x-cache
HIT
x-cache-hits
10
content-encoding
gzip
content-length
6552
x-served-by
cache-hhn4052-HHN
last-modified
Sun, 03 Jul 2022 06:36:12 GMT
server
Apache
x-timer
S1656831701.040494,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Jul 2022 06:36:12 GMT
ipad-interface.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e43a9be34768043331e20e47029473a5dcf74f05773f9b0a44cd3dd3679b8b20
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
958
x-rq
ewr4 0 2 9980
last-modified
Wed, 29 Jun 2022 03:38:23 GMT
server
nginx
etag
W/"62bbc92f-879"
vary
User-Agent
content-type
application/javascript
expires
Sun, 03 Jul 2022 07:01:42 GMT
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=19
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7c40041601fa59ead6c98469927051be207daf33331a8e35104b8e30be482f63
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2945
x-rq
ewr4 0 2 9980
last-modified
Wed, 29 Jun 2022 03:38:23 GMT
server
nginx
etag
W/"62bbc92f-1d61"
vary
User-Agent
content-type
application/javascript
expires
Sun, 03 Jul 2022 07:01:50 GMT
cache-control
max-age=9
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1440
x-rq
ewr4 0 2 9980
last-modified
Thu, 09 Jun 2022 04:13:50 GMT
server
nginx
etag
W/"62a1737e-2884"
vary
User-Agent
content-type
text/css
expires
Sun, 03 Jul 2022 07:01:42 GMT
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
app.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/app.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
6236
x-rq
sin2 0 2 9980
last-modified
Wed, 08 Jun 2022 04:22:47 GMT
server
nginx
etag
W/"62a02417-7b68"
vary
User-Agent
content-type
text/css
expires
Sun, 03 Jul 2022 07:01:46 GMT
cache-control
max-age=5
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
theme.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/theme.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
894
x-rq
sin2 0 2 9980
last-modified
Wed, 08 Jun 2022 04:22:47 GMT
server
nginx
etag
W/"62a02417-b62"
vary
User-Agent
content-type
text/css
expires
Sun, 03 Jul 2022 07:01:41 GMT
cache-control
max-age=0
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
loader.js
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 		226 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5512db3bd3c5b732fe3da927f20d0664e214df0a274297456d780ff6bf12a79a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
4M2yyDZTFSnS1NA6WrbvpQ_kWs8YN49s
content-encoding
gzip
etag
"2b1178a78cfbd9ff66c1a3baa6a02946"
age
0
x-cache
HIT
content-length
34435
x-amz-id-2
OC9KQUUob/XLVARiXLmQPqOHeY1Rst1DLb6YF8reRsZhgvIgxGl+kZ5/jTSLNF5q+F2mq4bsyiA=
x-served-by
cache-hhn4024-HHN
last-modified
Thu, 30 Jun 2022 12:21:56 GMT
server
AmazonS3
x-timer
S1656831701.039152,VS0,VE103
date
Sun, 03 Jul 2022 07:01:41 GMT
vary
Accept-Encoding
x-amz-request-id
SP6K74JP8T8E5NW9
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
49
x-cache-hits
1
1778f733
www.heraldsun.com.au/akam/13/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/1778f733
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4104e4ff34495ddbbb18aafe107f21ce692b68acc078862ddc9720848b9c3b6d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
etag
"b90e9e341081e0d436759827a658d46004cd328b0b77cfc617b46cdb0cf05135"
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-arrrg4
https://www.heraldsun.com.au/
x-opw
4
content-length
8764
pragma
no-cache
x-bpath
OLD
blaizehappened
true
date
Sun, 03 Jul 2022 07:01:42 GMT
vary
User-Agent, Accept-Encoding
content-type
application/javascript
expires
Sun, 03 Jul 2022 07:01:42 GMT
cache-control
max-age=0, no-cache, no-store
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2f1778f733&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=1778f733&session=43fea6deba2873d6b12a28a65bc6abef
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3055
x-rq
ewr4 0 2 9980
last-modified
Mon, 20 Jun 2022 07:46:30 GMT
server
nginx
etag
W/"62b025d6-1f69"
vary
User-Agent
content-type
image/svg+xml
expires
Sun, 24 Jul 2022 06:08:43 GMT
cache-control
max-age=1811222
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
dffa72a98b0b8aea6d168b4cb1c18b95
content.api.news/v3/images/bin/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/dffa72a98b0b8aea6d168b4cb1c18b95?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
929d79ca49de2da8d7ffa6bf6dba0efeacf4128dd41d82d5b6bd02ee9d958be3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

edge-cache-tag
dffa72a98b0b8aea6d168b4cb1c18b95
date
Sun, 03 Jul 2022 07:01:41 GMT
last-modified
Sun, 03 Jul 2022 05:37:08 GMT
server
Akamai Image Manager
etag
a7fa1e7d42eec3c6c07896a6ff3052f9-dffa72a98b0b8aea6d168b4cb1c18b95-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5178982
access-control-allow-headers
x-newsapi-api-key
content-length
53936
expires
Thu, 01 Sep 2022 05:38:03 GMT
74c5e883d913c79c24f8ded17c9f6c0b
content.api.news/v3/images/bin/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/74c5e883d913c79c24f8ded17c9f6c0b?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
10ca87f96c30a6db4b46cb0d6d1a960f3712b7841c33cafe08cffd37c11d28e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

edge-cache-tag
74c5e883d913c79c24f8ded17c9f6c0b
date
Sun, 03 Jul 2022 07:01:41 GMT
last-modified
Sun, 03 Jul 2022 05:36:10 GMT
server
Akamai Image Manager
etag
a8fc889c3d8623ff60ba38840fe93628-74c5e883d913c79c24f8ded17c9f6c0b-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5178866
access-control-allow-headers
x-newsapi-api-key
content-length
2871
expires
Thu, 01 Sep 2022 05:36:07 GMT
ee370a6dd52c9b83d231c384f2f98ff8
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ee370a6dd52c9b83d231c384f2f98ff8?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2481125362e7835edf4fe6befb0e5963de4bf0deb329b010db9acff86fdf6d4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

edge-cache-tag
ee370a6dd52c9b83d231c384f2f98ff8
date
Sun, 03 Jul 2022 07:01:42 GMT
last-modified
Sun, 03 Jul 2022 06:52:05 GMT
server
Akamai Image Manager
etag
451f8f39d24d90b1ab232d86b7de7f31-ee370a6dd52c9b83d231c384f2f98ff8-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5183418
access-control-allow-headers
x-newsapi-api-key
content-length
3904
expires
Thu, 01 Sep 2022 06:52:00 GMT
027e71e7e22b243b01c50df4441ff007
content.api.news/v3/images/bin/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/027e71e7e22b243b01c50df4441ff007?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
716f66f3505d6a18222fd28a0e45b807dc0bf1a6747e4cc1788fe9c6bf8c3408

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

edge-cache-tag
027e71e7e22b243b01c50df4441ff007
date
Sun, 03 Jul 2022 07:01:41 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
36baba9a736e87e825abde4bf8246a1e-027e71e7e22b243b01c50df4441ff007-150
x-serial
2031
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5171131
last-modified
Sun, 03 Jul 2022 03:28:21 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
5409
expires
Thu, 01 Sep 2022 03:27:12 GMT
e192aa43f9527d4bbfc32761bfad95cb
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/e192aa43f9527d4bbfc32761bfad95cb?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
dabd3a568622874eaf44f568bc385d5d70b47caea7a5b2011200ca8230449999

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

edge-cache-tag
e192aa43f9527d4bbfc32761bfad95cb
date
Sun, 03 Jul 2022 07:01:41 GMT
last-modified
Sun, 03 Jul 2022 00:14:14 GMT
server
Akamai Image Manager
etag
548e78c8e9c2edb36dd70c1078c10cac-e192aa43f9527d4bbfc32761bfad95cb-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5159501
access-control-allow-headers
x-newsapi-api-key
content-length
3371
expires
Thu, 01 Sep 2022 00:13:22 GMT
bbaf3bb055dba7d2a454d24f85375f72
content.api.news/v3/images/bin/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/bbaf3bb055dba7d2a454d24f85375f72?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e610bdc7162c11ac9c5ff569e94418df5f92e8eb042ba013e3a08f353d6e2b49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

edge-cache-tag
bbaf3bb055dba7d2a454d24f85375f72
date
Sun, 03 Jul 2022 07:01:42 GMT
last-modified
Sun, 03 Jul 2022 04:04:15 GMT
server
Akamai Image Manager
etag
1e7f75720c0891bdd4a3edfd16e4967e-bbaf3bb055dba7d2a454d24f85375f72-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5173441
access-control-allow-headers
x-newsapi-api-key
content-length
48570
expires
Thu, 01 Sep 2022 04:05:43 GMT
a5ab8946f3e2e3730e98cd50b3bebeb1
content.api.news/v3/images/bin/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/a5ab8946f3e2e3730e98cd50b3bebeb1?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
fa47a8fd2392896d53c3a5422cac552753cadf89504fac94dc0beddab3a8868f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

edge-cache-tag
a5ab8946f3e2e3730e98cd50b3bebeb1
date
Sun, 03 Jul 2022 07:01:41 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
ea3b908c78953be50d07a9f837465116-a5ab8946f3e2e3730e98cd50b3bebeb1-650
x-serial
1518
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5173305
last-modified
Sun, 03 Jul 2022 04:04:32 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
28443
expires
Thu, 01 Sep 2022 04:03:26 GMT
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
92EFC4E0BE55F80E
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=392453
accept-ranges
bytes
content-length
16112
x-amz-id-2
N7ERn0RKwPhA8Zi7U8MQ8VTcyYasxbjcb3W3BBArlCiKt/WLLPLpVxJoOrR6NfrBjc/po+spMTY=
expires
Thu, 07 Jul 2022 20:02:34 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
4KKNKYW64AW6JK5G
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=406789
accept-ranges
bytes
content-length
15948
x-amz-id-2
Noabl2bapUAq3DzRGk1mCb2aLzPocT6E+u+FHGtQQnObh4IOuUzKUVPdjA5WABchbG3sEhbC5CU=
expires
Fri, 08 Jul 2022 00:01:30 GMT
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
504D77E5FA85043F
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=406104
accept-ranges
bytes
content-length
540
x-amz-id-2
SfyGNr0xC3gGNdMzZjgt+eJgd3ukJ7Nv6Yl3GvRYVxj6veZ66vLb81mWlvXXQcNgDWF4xt8O4Iw=
expires
Thu, 07 Jul 2022 23:50:05 GMT
amp-story-player-v0.css
cdn.ampproject.org/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css?ver=v0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
433
x-xss-protection
0
server
sffe
date
Sun, 03 Jul 2022 07:01:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"d36af67b319b3cd4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 03 Jul 2022 07:01:41 GMT
BOB_Image_350x197_GENERIC-2.png
origin.go.heraldsun.com.au/wp-content/uploads/2022/05/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://origin.go.heraldsun.com.au/wp-content/uploads/2022/05/BOB_Image_350x197_GENERIC-2.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5ebed5fe3bc3042af0036684e962947b7be2953599864d6481cb2a05475618d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
x-rq
hhn2 109 88 443
last-modified
Tue, 24 May 2022 06:24:14 GMT
server
nginx
etag
"35a1fcd7b37ba96c"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
30798
expires
Wed, 24 May 2023 06:24:14 GMT
rea-logo.png
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/rea-logo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.58 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 07:01:43 GMT
Last-Modified
Thu, 09 Sep 2021 21:17:00 GMT
Server
AmazonS3
x-amz-request-id
9DA3Z1MCA2GZVVYC
ETag
"731035d55715734eff2f2a0f9afb31e7"
Content-Type
image/png
x-amz-version-id
fJFk.rSD7m0my1Uc67iV0dc4uKOxz4yR
Accept-Ranges
bytes
Content-Length
28648
x-amz-id-2
bKt7O2tQdlOBsR75b/VdsAd3r6K158nB7Tx8Qm3jtSfenNrcQBxu7cBB1fTuCT/CIQsuZ21aT3M=
games.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/games.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.54 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 07:01:43 GMT
Last-Modified
Thu, 05 Nov 2020 03:40:33 GMT
Server
AmazonS3
x-amz-request-id
9DAETGV88V7355V3
ETag
"2fa79b1c302fa407df95b287a47e01bc"
Content-Type
image/svg+xml
x-amz-version-id
mY_fhaFXa9wAEjGJ51huxNeB77eQfnyv
Accept-Ranges
bytes
Content-Length
4533
x-amz-id-2
R7NoHVzaiZ0FdJwLIE4sPLxg98rUB6Hnat04YNJJFpE4UqNZfC3RQfA3hZopA/V+9QBCyRKR9p0=
horoscopes.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/horoscopes.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.54 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 07:01:43 GMT
Last-Modified
Thu, 05 Nov 2020 03:40:33 GMT
Server
AmazonS3
x-amz-request-id
9DA2TV8RCWEJFVYD
ETag
"e9dc4230a2305a0cb7743e2ade763349"
Content-Type
image/svg+xml
x-amz-version-id
NaxMYGcYiBqyljIpDSJQNqEzm8yfC62_
Accept-Ranges
bytes
Content-Length
9223
x-amz-id-2
bNAWZfWj0OCIvNSm2sl5sy8z4B/XqbJBcsx04osK/Iehr69khphbYB9HgdZ2AlmxM1UevarAIEg=
braingains.svg
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/braingains.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.58 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
63919867af3995b5bdf26e6d016d1c020d0a79b7d28ba4f397065826b734f432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 07:01:43 GMT
Last-Modified
Wed, 15 Dec 2021 03:04:45 GMT
Server
AmazonS3
x-amz-request-id
9DAE1S52XJHFNE5C
ETag
"a5e3e51d1e5816755ebf71f5ea933857"
Content-Type
image/svg+xml
x-amz-version-id
BSPbSueNKMvcQ7CCwOmuub6mQNodfiBJ
Accept-Ranges
bytes
Content-Length
17305
x-amz-id-2
/4Fmnlil5sBMRRqvSFmQglWfQTHYHNNgpb7s84+URxQzHNbopyZkH7DWOrNPGhVAho9PYmU3Xd8=
get_image.aspx
edition.pagesuite.com/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://edition.pagesuite.com/get_image.aspx?pbid=38d72c05-d55e-479e-a6ea-985d57be1901&h=400
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:ee00:1f:1414:da40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
75288f63bb35d4236a4e63643603c165e1b9c90ecfa07a5f7c24c6fc4132184c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
last-modified
Sat, 02 Jul 2022 17:19:49 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-amz-cf-pop
FRA56-P4
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
private
x-amz-cf-id
zAwn3WzVfWZl3B9c71tfodesnWG4h9-lQ8SVcUlByBd6qNVZONYWsQ==
heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2891
x-rq
ewr4 0 2 9980
last-modified
Mon, 13 Jun 2022 23:56:07 GMT
server
nginx
etag
W/"62a7ce97-1e5e"
vary
User-Agent
content-type
image/svg+xml
expires
Mon, 18 Jul 2022 13:42:48 GMT
cache-control
max-age=1320067
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
/
www.heraldsun.com.au/_static/ 		98 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZqbGlsYWpqVkWAK+tIis=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
75839e3ea0cd949a33dc21dd8b0931f396829fea8e0e3148b576b1228f40e469
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
100749
x-rq
sin2 0 2 9980
last-modified
Mon, 30 May 2022 19:22:36 GMT
server
nginx
vary
User-Agent
content-type
application/javascript
cache-control
max-age=6
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Sun, 03 Jul 2022 07:01:47 GMT
adblock.js
tags.news.com.au/prod/adblock/ 		102 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/adblock/adblock.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
cache-control
max-age=16400
server
AkamaiNetStorage
content-type
application/x-javascript
etag
"bebf5f8dc74222b04669a0854d13b696:1634099175.124073"
content-length
102
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
7980CE79243196B5
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=406106
accept-ranges
bytes
content-length
535
x-amz-id-2
rKrGs4EAQoTEcjzEqvvzWct0qX1GQTXzeknYL5aOnpLO3GvgvzwnTV5gVH06OFBc1onIVCov9h4=
expires
Thu, 07 Jul 2022 23:50:07 GMT
load.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding
gzip
etag
"1a868d280f9424f5d82876d6cf0c46b9"
age
110
x-cache
HIT, MISS
content-length
1123
x-amz-id-2
yxa33w5YlDaJ0YNoKZSDZ3WpgUpX7mDiO0dD0XOqoe4oN2IuKvfSbyoF3YEJyI8/4Gq2lJBKx7U=
x-served-by
cache-sna10742-LGB, cache-hhn4058-HHN
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1656831702.935263,VS0,VE299
date
Sun, 03 Jul 2022 07:01:42 GMT
vary
Accept-Encoding,,
x-amz-request-id
KTJKHJEYMXS90HY5
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 0
impl.20220630-7-RELEASE.js
cdn.taboola.com/libtrc/ 		671 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220630-7-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a40e81f82a033e6fd178164e4db47d404144036cb805b56968f184036614b488

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
YkJDfpaKLZRbY6ZWoP8Fe14vyP6Wi4Td
content-encoding
br
etag
"32bcd6ce214cbd01d46ba2964a1cb1ab"
age
20222
x-cache
HIT
content-length
141741
x-amz-id-2
OQDf2inIEroR9Jq4p4Z+wQPKgQM54Ylsr1YKxPgOE2w4mtN9Kuf+/u7E2vN8HVUNxoj8IPqnpgw=
x-served-by
cache-hhn4024-HHN
last-modified
Thu, 30 Jun 2022 09:24:39 GMT
server
AmazonS3-br
x-timer
S1656831701.432265,VS0,VE0
date
Sun, 03 Jul 2022 07:01:41 GMT
vary
Accept-Encoding
x-amz-request-id
GEPWTF67G6HMSSFW
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
96
x-cache-hits
5211
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 14:25:27 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
59774
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
EWroTef7_AVoxVxQz7FR1Ux6OQ7yxoGgca_Hz-fqxsV2DKNNUk4OKQ==
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=19
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
74
x-rq
sin1 0 2 9980
last-modified
Wed, 08 Jun 2022 04:22:48 GMT
server
nginx
etag
"62a02418-37"
vary
User-Agent
content-type
text/css
expires
Sun, 03 Jul 2022 07:01:43 GMT
cache-control
max-age=2
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
rampart.js
www.heraldsun.com.au/remote/identity/rampart/v1/latest/ 		276 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/v1/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d5d5b74eccbf33379fe86a09ee091aaf3611f618712b8d1c752fdf9dfe17b5c9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
vary
User-Agent, Accept-Encoding
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server
AkamaiNetStorage
etag
"d621d3114838a04e1312bf169fc27093:1648635204.357197"
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
application/x-javascript
cache-control
max-age=1363
date
Sun, 03 Jul 2022 07:01:41 GMT
is-https
true
x-opw
4
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Sun, 03 Jul 2022 07:24:24 GMT
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		76 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=19
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e7668c040cf017099cf12b7948b9b7d45a1d5e3aacc3f278d17737ea4191f564
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
22557
x-rq
ewr4 0 2 9980
last-modified
Wed, 29 Jun 2022 03:38:23 GMT
server
nginx
etag
W/"62bbc92f-130a2"
vary
User-Agent
content-type
application/javascript
expires
Sun, 03 Jul 2022 07:02:17 GMT
cache-control
max-age=36
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?v=19
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
80453c080c52c7722fddf1e4b063987abbed4852da6caacf5266d4acdb7e247b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:41 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2098
x-rq
bom2 0 2 9980
last-modified
Wed, 29 Jun 2022 03:38:23 GMT
server
nginx
etag
W/"62bbc92f-18f7"
vary
User-Agent
content-type
application/javascript
expires
Sun, 03 Jul 2022 07:01:42 GMT
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
comments-count
mhr.talk.news.com.au/api/v1/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=be2d3244dacd9b90b347110ef5d572d9,12d5da31d617d8ad25b02d3762acabd5,b1ee2e09b4ab652c5c35d77c1c412861,857038db0f86c06a722d7697c4883a55,9e0eb84968bc97e5bf1e7e5a08ab24fc,e1e2702cc15fd86ad8e99f59d589e103,bd491d64b2b6d7afe96d3af6a24f74aa,77f497031cef499c83e56db3f539bb56,9deefdcd16ee9585ec4b4867ffb17345,324655acc6cbe968b6e338eef0fa9950,9b3c8f93aee4bb513254caf981ae501d,000f718b3ee7ce33148339d17e425507,5f9fc1b045cc620814ff389d8ed1744f,61121f10377096ecbfe274fd7c7d2116,b3b38aa2cf2a1b1071ae166b73f1bd79,48648fd3a430218bc705ba8955f5fb53,3f78fe593d993a0624156e5c765f6b26,d6c65cf1d521ac6bfbe981abaed80898,35bb84382f80f289b104700d552fdde1,3bd1c4409051338f62295ef3d07d4395,86ab3c3127fc951b159937522f7a0ea0,e14e6e6f9755278451fdc400f5334e88,d2718f7f8dc05b3e4b6e48c206c05eaf,d776702aae3cf32219229536454606cd,936f3575087024bcc542f0a2e6027580,3daf646845b2b24973ecffac480f7aed,9072c53a25e226ccde84f7d8b31eee96,cac0ab0cf6915e5bcd456c1f202a05f1,9141b663144a704b1dfc9e9378f0fe1c,592a67b4bd820079c1130afb02031b4d,dfbfc557a1077a8bf23ec617da2f0179,35802032d19fc4f8f5a6f31e390f743c,2102d030082df385f596640261e36f04,7d9a7ab6a41ea14b682994eb68d59b8f,361fc874f457d8e974108d36ee17451e,61dbd39c00ca8e9059fbf86fe6e9634b,c5445a906f7d3e834ebf1acb1beece61
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
f2c7d9bcd8708fd81d9bda31e61698035a1057973700406c3afb7b6e50403551
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.20.1
etag
W/"575-xykpYh5swUpYqmMat6qNpGCsd2I"
x-download-options
noopen
x-dns-prefetch-control
off
content-type
application/json; charset=utf-8
access-control-allow-origin
*
date
Sun, 03 Jul 2022 07:01:43 GMT
x-talk-trace-id
fea46980-fa9d-11ec-9027-07202f000354
vary
Accept-Encoding
content-length
805
x-xss-protection
1; mode=block
3000
www.heraldsun.com.au/wp-json/api/weather/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-json/api/weather/3000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c52b2c3b413d3bf3f6dfcc76384b086aa702597fa5d4c79dcdab8499017eb996
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options
nosniff
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
vary
User-Agent
content-length
1718
x-rq
ewr4 0 2 9980
server
nginx
date
Sun, 03 Jul 2022 07:01:42 GMT
allow
GET
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=12
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Sun, 03 Jul 2022 07:01:54 GMT
579644d0b061a761624d222d3caf1af7
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/579644d0b061a761624d222d3caf1af7?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f46ef2481c8cd86b1d6ae91e358b5f27101a662e318eb95ab745a49abb146781

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

edge-cache-tag
579644d0b061a761624d222d3caf1af7
date
Sun, 03 Jul 2022 07:01:41 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
e18910f4e12d4f33bec94308bd6663bf-579644d0b061a761624d222d3caf1af7-150
x-serial
619
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4639732
last-modified
Sun, 26 Jun 2022 23:54:04 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
5168
expires
Thu, 25 Aug 2022 23:50:33 GMT
43092f10f576d419cb28957afb67dc5b
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/43092f10f576d419cb28957afb67dc5b?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
66c34cfa97de54ea81b3df6ab7574fbc448dc6b9b39f6d1ae87f94626bb79ed5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

edge-cache-tag
43092f10f576d419cb28957afb67dc5b
date
Sun, 03 Jul 2022 07:01:41 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
305000ccdb03bdb863fdfae0ad236884-43092f10f576d419cb28957afb67dc5b-150
x-serial
295
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5061295
last-modified
Fri, 01 Jul 2022 20:56:28 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
5958
expires
Tue, 30 Aug 2022 20:56:36 GMT
3f853b794eeda18843bfe1a3646c97f5
content.api.news/v3/images/bin/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/3f853b794eeda18843bfe1a3646c97f5?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
90d0b9ccd41b243c0949630ff36751b0bbfa6aa76e2948a5beb32feeee6efe09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

edge-cache-tag
3f853b794eeda18843bfe1a3646c97f5
date
Sun, 03 Jul 2022 07:01:41 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
f387d85cf3ae242fb5dc9234827d888c-3f853b794eeda18843bfe1a3646c97f5-150
x-serial
1862
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4639881
last-modified
Sun, 26 Jun 2022 23:51:05 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
6544
expires
Thu, 25 Aug 2022 23:53:02 GMT
authorize
login.newscorpaustralia.com/ Frame 4DDA 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=gighEZkSpmMT33ru0aXUglX2Lcejs5KI&nonce=8wzXfVe8UngukJYIXqcJl01VUlm2FxN4&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/v1/latest/rampart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-50.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
0b5bdfe13e0f53884e78a3fa7220d6014c7cb833be5c3c595f736b449afef966
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
724dc05a4c939274-FRA
content-encoding
gzip
content-length
802
content-type
text/html;charset=UTF-8
date
Sun, 03 Jul 2022 07:01:43 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sun, 03 Jul 2022 07:01:43 GMT
ot-baggage-auth0-request-id
724dc05a4c939274
ot-tracer-sampled
true
ot-tracer-spanid
68dcafa736d1a87e
ot-tracer-traceid
25ea72296070db9e
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-68dcafa736d1a87e-000000000000000025ea72296070db9e-01
tracestate
auth0-request-id=724dc05a4c939274
vary
Accept-Encoding
x-akamai-transformed
9 536 0 pmb=mTOE,3
x-auth0-requestid
62ca873b1ee76191152c
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1656831704
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a7c585e3ee25b6dfa7b706dbdb384917fa5923bb64a1cf44ad713f2aa01f8d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:42 GMT
content-encoding
gzip
last-modified
Thu, 30 Jun 2022 02:23:55 GMT
server
AkamaiNetStorage
etag
"52aba415d37269ed31081a044dfdf3ab:1656555835.94552"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1552
expires
Sun, 03 Jul 2022 07:06:42 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		71 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d56b55bcde39a2cb644a5973b5ad653b0b5aedd4ff9cc86c49e78076bfa61dfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:42 GMT
content-encoding
gzip
last-modified
Thu, 30 Jun 2022 02:23:55 GMT
server
AkamaiNetStorage
etag
"640ece35c9c77e1d9a141878fe66634e:1656555835.676769"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
19430
expires
Sun, 03 Jul 2022 07:06:42 GMT
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		189 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?v=19
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8512d2df6c8d3389874380560cf38dc40c12c576a61048e810bf8dfc6bfeb723
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:42 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
45310
x-rq
ewr4 0 2 9980
last-modified
Wed, 29 Jun 2022 03:38:23 GMT
server
nginx
etag
W/"62bbc92f-2f32a"
vary
User-Agent
content-type
application/javascript
expires
Sun, 03 Jul 2022 07:02:31 GMT
cache-control
max-age=49
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=19
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
932b11c6dc1f3c043c0d3dedec40345f03231fdbfb7df81fd76a9d5f3bf17e8b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:42 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3348
x-rq
ewr4 0 2 9980
last-modified
Wed, 29 Jun 2022 03:38:23 GMT
server
nginx
etag
W/"62bbc92f-2098"
vary
User-Agent
content-type
application/javascript
expires
Sun, 03 Jul 2022 07:01:43 GMT
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:42 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6115190
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZCCNTV1P9RDJJPEK
x-amz-id-2
/qnVKXLkvIqRmTlVyOAJ9fsWXFh/v7ysDawvXZO9q2za/F89CVYCZDQkZGAt3xmU5kwfepEdAOw=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTcTnwHb1HyxBW8S4UU8NpPafSQJiUc9xNZvRcUjS54h%2FZQUGLTL7xgz3SiLgYsYH%2BEXH3x3NOivRcwClRW6Itwtgpu0LuGgE0lvg8Pe%2BwAs4xlvbAibTOtmIU0YHIwwxyNHjj1LSknoVEHEY0WaCKzq"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
724dc05a1cf39974-FRA
json
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=07%3A01%3A42.096&lti=deflated&data=%7B%22id%22%3A130%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1656591698843%2C%22vi%22%3A1656831702044%2C%22cv%22%3A%2220220630-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A10894%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A978.78125%2C%22mw%22%3A194%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CDesktop%20Mid%20Rail%20Home%20Native%3Dthumbnails-midrail-native%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220630-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
04ec3cc9645a4da4385f538757048df38119a7219594812632c21675c6cd3cc9

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
82
date
Sun, 03 Jul 2022 07:01:42 GMT
content-encoding
gzip
server
nginx
x-timer
S1656831702.116004,VS0,VE82
x-served-by
cache-hhn4024-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
b
sb.scorecardresearch.com/ 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1656831702198&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:42 GMT
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
8wAW3lgmPGPoweb6GC5A6b2o8Evu5itvHo6G46Y7d1AVXToFOK0t7w==
x-cache
Miss from cloudfront
debug
am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=07%3A01%3A42.303&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-midrail-native&llvl=2&id=9281&cv=20220630-7-RELEASE&lt=deflated&pct=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
26363
mynews-promo.png
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/ 		366 KB
366 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/mynews-promo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:42 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
373561
x-rq
ewr4 0 2 9980
last-modified
Mon, 20 Jun 2022 07:46:30 GMT
server
nginx
etag
W/"62b025d6-5b713"
vary
User-Agent
content-type
image/png
expires
Sun, 03 Jul 2022 16:42:12 GMT
cache-control
max-age=34830
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
pmk-202003261.4.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding
gzip
etag
"b7fcedf037c57085d364b689ca46f32e"
age
4658552
x-cache
HIT, HIT
content-length
30954
x-amz-id-2
fHqUel8M3lRqxCy1IcLEC6JqXs69KSr1tA8D2yI/vgoUdiwl8sUYVbNRH1QeylrFcbnGP7NQpsk=
x-served-by
cache-sna10739-LGB, cache-hhn4058-HHN
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1656831702.355641,VS0,VE1
date
Sun, 03 Jul 2022 07:01:42 GMT
vary
Accept-Encoding,,
x-amz-request-id
GVHWMRVDACBDSJJJ
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6600:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
age
42452
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
date
Sat, 02 Jul 2022 19:14:11 GMT
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
dsl6nmNprXNJojt2Vn9TURXnABPO8d9mSSO90z4xQnG9OtfwWx43rg==
235caba0f615015993cbb9f773c0d508
content.api.news/v3/images/bin/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/235caba0f615015993cbb9f773c0d508?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
77ee3c4f2142ac1e1d4b3a6611ece75231754bce7d0bfcc40a1fae1f1b619b49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

edge-cache-tag
235caba0f615015993cbb9f773c0d508
date
Sun, 03 Jul 2022 07:01:42 GMT
last-modified
Sat, 02 Jul 2022 22:36:41 GMT
server
Akamai Image Manager
etag
841f1073620f8dc6e93d93ccf76b9e9f-235caba0f615015993cbb9f773c0d508-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5153680
access-control-allow-headers
x-newsapi-api-key
content-length
9678
expires
Wed, 31 Aug 2022 22:36:22 GMT
3a4467f047956a7fd8145238940bc7f2
content.api.news/v3/images/bin/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/3a4467f047956a7fd8145238940bc7f2?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
cc3d554a21ba9dafa6e8a6e1616de227b9cdd9f47dd775624148a9832e42ad3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

edge-cache-tag
3a4467f047956a7fd8145238940bc7f2
date
Sun, 03 Jul 2022 07:01:42 GMT
last-modified
Sat, 02 Jul 2022 20:08:00 GMT
server
Akamai Image Manager
etag
17d62b01fdb8cd149592d12422be032b-3a4467f047956a7fd8145238940bc7f2-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5144808
access-control-allow-headers
x-newsapi-api-key
content-length
11368
expires
Wed, 31 Aug 2022 20:08:30 GMT
a450b3894f25d4c298c99682683a6a45
content.api.news/v3/images/bin/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/a450b3894f25d4c298c99682683a6a45?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
16e3e3f618883c524abac39b0b9bd35a152047da98b0737cdd9c66d1faa59e53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

edge-cache-tag
a450b3894f25d4c298c99682683a6a45
date
Sun, 03 Jul 2022 07:01:42 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
ed639e04d71b93bef0b07e07a3a3f4b2-a450b3894f25d4c298c99682683a6a45-320
x-serial
1407
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5179722
last-modified
Sun, 03 Jul 2022 05:51:44 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
10523
expires
Thu, 01 Sep 2022 05:50:24 GMT
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16568317024010.5322954835262674
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bfa67e2ce103d04234fa84f7595c316d23f46eed219683f06e264fb27dc91637

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:42 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=0, no-cache, no-store
content-type
application/x-javascript
content-length
831
expires
Sun, 03 Jul 2022 07:01:42 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:42 GMT
cache-control
max-age=16504
server
AkamaiNetStorage
content-type
application/x-javascript
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
B7670439;dcadv=4149947;sz=1x2;ord=559897798769.255
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=559897798769.255?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
7ff4c2ad039f3a93138f80392f3465702745230434f5ffd0fdc674d74dd92947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12027
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8800:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f270f24bc218342b7704aa359f208608552a3bcdddecb3d2acad634d93dbd46a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 05:30:59 GMT
content-encoding
gzip
last-modified
Fri, 24 Jun 2022 01:29:17 GMT
server
nginx
age
5443
etag
W/"62b5136d-116df"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
kmd1oYxTyI5rXzD9Yhd8R762uxcok4DPdt-Rf6MK-TTmi-r58W4FPg==
expires
Sun, 03 Jul 2022 07:30:59 GMT
metrics.js
tags.news.com.au/prod/metrics/ 		181 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3f01548ae1aa6683708b74839689f414c8333f47f59f8be71fa457091597913d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:42 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"0c01f731f4197a9f543320dcbf2e15f3:1652147636.970982"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=30172
content-type
application/x-javascript
tad.js
tags.news.com.au/prod/tad/ 		86 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1597066a684ef37804add99ba893b7ca7612599871e890d2f53ddeb40550e653

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:42 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"295867b83189e463afe569725a4272e4:1653884530.429227"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=16934
content-type
application/x-javascript
content-length
27674
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
07a27ccac84d3870b401baa4ac741492c8ab071b0bd9ee2a7aef0a224b47afa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28045
x-xss-protection
0
server
sffe
etag
"1262 / 764 of 1000 / last-modified: 1656713226"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 03 Jul 2022 07:01:42 GMT
prebid.js
tags.news.com.au/prod/prebid/ 		362 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
42ffbcd5fae6a0eda00246031330f0c87d21ec4c9451787199c02d49746a3d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:42 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"38085f66de7dcd7c22d408e9044e03b1:1655686301.436641"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=29889
content-type
application/x-javascript
ats.js
ats.rlcdn.com/ 		109 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 02:27:45 GMT
content-encoding
br
age
16438
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
etag
W/"148e21f812b555a13b2a9c6b616141f4"
vary
Accept-Encoding
x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
via
1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA56-P6
content-type
application/x-javascript
x-amz-cf-id
n96zA__NdFRtCJ00nYPKzB9-xIhwyIdhu9W-kl_TuVEWt1y2EdrheA==
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:42 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=37772
content-type
application/x-javascript
content-length
9840
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-67.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 06:34:11 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 21 Mar 2022 03:18:38 GMT
Server
AmazonS3
Age
1657
ETag
W/"cd21e4d44772e851dcd7105fef09c01e"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA60-P3
X-Amz-Cf-Id
seO6bZLpwho5sDzpvzZykmgMOlsXnSP0Ekomoa7ZpPlTU6D1S7UQmw==
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b36a080525305e2e85dd48ed208aafd3fb63171013c7817de8b49a48fc868b73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
a6E5TTYFc3_.083rLS_NchvWbwT0tpo7
content-encoding
gzip
etag
"1e3d17a390032582e99db0f099d7c8b4"
age
513876
via
1.1 varnish
x-cache
HIT
content-length
666
x-amz-id-2
YiGdHyrlTrrxe88Ax21kyIFLrw9+HrwmrEgrWkysE8zeaSSeHrcBFZ7u6ZAc7P+Azb063/CRxNQ=
x-served-by
cache-hhn4050-HHN
last-modified
Tue, 21 Jun 2022 02:34:15 GMT
server
AmazonS3
x-timer
S1656831703.581398,VS0,VE0
date
Sun, 03 Jul 2022 07:01:42 GMT
vary
Accept-Encoding
x-amz-request-id
HB3GHYHTJS1QDDRT
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
3075
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:42 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 02:18:16 GMT
server
AkamaiNetStorage
etag
"479ba55551c0a2369f399625b1c2c4ea:1632190696.475182"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
899
expires
Mon, 18 Jul 2022 07:01:42 GMT
social
am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=AM:AM:V&lti=deflated&ri=fd0f092b12c03e49384aa495227cb7f8&sd=v2_e6ff761ff1322a9da9bcd9a6e64be4dd_03c91e06-1266-45d0-9a27-898468aff63c-tuct9bac456_1656831702_1656831702_CIi3jgYQgPNHGJzo9ZacMCABKAEwODib4wlAiIoQSMWG2ANQouwQWABgAGjsyrjT39zS1ipwAA&ui=03c91e06-1266-45d0-9a27-898468aff63c-tuct9bac456&pi=/&wi=873729681997272865&pt=home&vi=1656831702044&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=07%3A01%3A42.487&id=4205&llvl=2&cv=20220630-7-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 03 Jul 2022 07:01:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
38340c81a6abf327da0789e6e28c7d7692d0790d94a60108199264a0b9363237

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:42 GMT
content-encoding
gzip
last-modified
Mon, 06 Jun 2022 09:49:46 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
W/"c3f5cc14f2d6d25cdb126fd97705e667"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
21256
x-amz-cf-id
uG15SWCHELePGSzyzp28oLeixxdfgoZs9w_KqQ14sR_dZI353rlHbQ==
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202206300223&cb=1656831702508
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:42 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Sun, 03 Jul 2022 07:11:42 GMT
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
599958310afffef2fc84673f0bf17d5043760727c31e47fcb1a7f45444c9b86f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
H3istEyo4nj6S2fwN.JWPPiUUZci5rTO
content-encoding
gzip
etag
W/"9f873a09f6ce97a203c23db772b8565c"
last-modified
Sat, 02 Jul 2022 17:19:05 GMT
server
AmazonS3
age
504
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
cache-control
max-age=86400,s-maxage=86400
date
Sun, 03 Jul 2022 06:55:57 GMT
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
NZntMVNDPcP44WbYEsEccmrBLeUGzfkSt7J-PSkRUgG52aaRBj2udw==
0f419bed6559e55644c900835748ea78
content.api.news/v3/images/bin/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/0f419bed6559e55644c900835748ea78?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
62eb9f600c5af8a1a7c6438521f08b88059eecb3bcc061e4677d5a8dcdc6e1ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

edge-cache-tag
0f419bed6559e55644c900835748ea78
date
Sun, 03 Jul 2022 07:01:42 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
76344f5b3991cc37ae8b32f6a3c9e306-0f419bed6559e55644c900835748ea78-320
x-serial
1361
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5144292
last-modified
Sat, 02 Jul 2022 20:01:50 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
11383
expires
Wed, 31 Aug 2022 19:59:54 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=559897798769.255?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 06:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Jul 2022 06:47:17 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssWSd-JuYPIdUPOCm5ZBNJdGOFCgamivgn1BeXr-EGKJiiHBnpmf8siyxRZSF7CSflJ_-BCuubkao2llpSWId1CIETrY_8mc9ke1XVxpF93_9WUJm6WRsmSxa1cqoMS84RAo12w97b9mca-t9Q0lig&sig=Cg0ArKJSzIo9rcYR0hJmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20220629.17859&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=559897798769.255?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 03 Jul 2022 07:01:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-98.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 30 Jun 2022 05:09:53 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
Age
265910
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P3
X-Amz-Cf-Id
bD3Fo6_3dDbqzdzI1MJsPgY4OWj3ajiB6zo4dkDpxlKwm5m8uEmdMQ==
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1656831702638
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1656831702638
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1656831702638
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.51.78.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-78-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
04dd0bbf29a9f210c064b8453720c310c53955e491738911b0ce5f8363c63d2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v036-0459dd4f0.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
sa0YTVViRHw=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1546
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v036-0d2bb26fc.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://www.heraldsun.com.au
X-TID
Ws+8IQJCSoQ=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1656831702638
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=B6DQTcCLpcbJBGTzy&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11529&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=5214&t=kodHWDNVYL8ByGtmCvPSlKCk5w09&V=135&i=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=0&_acct=anon&sn=1&sv=qZms5CEBmLkZj6LMDNK86ABRyQBl&sd=1&im=06030402&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.113.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-113-55.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:43 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
pubads_impl_2022062801.js
securepubads.g.doubleclick.net/gpt/ 		374 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
d7c2249c4f39bc0dbaceafeb7a4ab9f599441c6265927ad20920991fa22bf362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 13:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62291
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130514
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 08:35:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Jul 2023 13:43:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		144 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ebb4807c4eb6dca83da209b9d9cbafd1191a5960535e9cfaf6cb2423d59e6f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 03 Jul 2022 07:01:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106
x-xss-protection
0
expires
Sun, 03 Jul 2022 07:01:42 GMT
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		195 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
DrLErfhsYc9Oxds2t7Wz_kyLr0yC.GSp
content-encoding
gzip
etag
W/"81a9e2a298d0019660cb2966f0c24748"
age
2797
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Mon, 02 May 2022 13:40:06 GMT
server
AmazonS3
date
Sun, 03 Jul 2022 06:15:06 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
Ut_AnjH-xeiw6AndA9exRuTKBznkasp6Esbp4rj0xZJn2Oz0izvSPA==
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-40.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
289769da01b76f2bdb18bcf772ac90cf89861cfde526dc8ec0218a6a9b8ccb63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
RsG6.LpITzUTzFuV1LBF93sEo0IM25eO
content-encoding
gzip
last-modified
Tue, 31 May 2022 11:04:00 GMT
server
ATS/7.1.0
x-amz-request-id
EHQST65W5EHSG8BS
etag
"189bff3ecbc5fc21ff53bd3b46f8ee8b"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=409
date
Sun, 03 Jul 2022 07:01:42 GMT
accept-ranges
bytes
content-length
1284
x-amz-id-2
I+CYBA6Lajt1vfemqTvVmFeE9/8JNl+1AQul6WMUQXozh4pNhkqp6Lz83biNEP/1KQefIdsVZ5M=
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		63 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:43 GMT
server
AkamaiGHost
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary
Origin, Origin, Origin
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=0, no-cache
content-length
63
mime-version
1.0
expires
Sun, 03 Jul 2022 07:01:43 GMT
pixel_1778f733
www.heraldsun.com.au/akam/13/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/pixel_1778f733
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/13/1778f733
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

is-https
true
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-bpath
OLD
vary
User-Agent
blaizehappened
true
date
Sun, 03 Jul 2022 07:01:44 GMT
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2fpixel_1778f733&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=pixel_1778f733&session=43fea6deba2873d6b12a28a65bc6abef
x-arrrg4
https://www.heraldsun.com.au/
x-opw
4
content-length
0
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame BDDE 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3363
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 03 Jul 2022 06:05:40 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Mon, 02 May 2022 13:40:06 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
x-amz-cf-id
Fv_SYp7UFZAx9fFXYipm0v7l01nW7Mca3W5HO3fu-Nu-VCviIepjFA==
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
pCvO2RaXRfPysrOm9wpmYmW2HbKONfJo
x-cache
Hit from cloudfront
pub
pixel.adsafeprotected.com/services/ 		677 B
914 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=7d67a4ef-82ce-9d32-255c-d6b0699592ff&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.95.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-95-155.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6d27fb01e263e2d9d1804cdf814f9b022246e091a6d0994f7edba0e9cc53d0ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:43 GMT
x-server-name
app01.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame BDDE 		44 B
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=v7wnkrcqnn0fxfphbouru4pbwbq9u1656831702&c16=sdkv,bj.6.0.0&uoo=&fp_id=6kbaujvnbiokpyknreyanvo9u7upk1656831702&fp_cr_tm=1656831702887&fp_acc_tm=1656831702887&fp_emm_tm=1656831702887&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.214.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-214-203.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:43 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
v7wnkrcqnn0fxfphbouru4pbwbq9u1656831702.nuid.imrworldwide.com/ Frame BDDE 		35 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v7wnkrcqnn0fxfphbouru4pbwbq9u1656831702.nuid.imrworldwide.com/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:5800:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 03:52:10 GMT
via
1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
age
12741
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
35
x-amz-cf-id
TqtuguIlsl-of6iTRQ7m9ozeTkTeZrUXafmBdUX7CFhx7Xj7D9i34g==
Serving
bs.serving-sys.com/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=7344020963156583163&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D1412261541942864427$$&ns=0&rnd=8009342010497948&uinadv=%7B%7D
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.187.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-187-215.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
54bcf8864c0c8f9910645700b47fe1b84d1127a9ef7d6be62df5a10961096eed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:43 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache, no-store
content-type
text/html; charset=UTF-8
content-length
2468
expires
Sun, 05-Jun-2005 22:00:00 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 71EC 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.85.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-85-149.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 00:31:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
23388
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
1w_zRLPPeAtnjv6VnwWo1TMMdwZPvI0J_jLLaN2yAdKo56TVfz4qeQ==
uwt.js
static.ads-twitter.com/ Frame 169B 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:43 GMT
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 16:20:35 GMT
etag
"f345fa1999011d396bda3b2c6fafc302+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
15166
x-served-by
cache-iad-kiad7000108-IAD, cache-hhn11582-HHN
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame FCA6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 07:01:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=14511
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
js
www.googletagmanager.com/gtag/ Frame BB5B 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f502a04c2fd8795b6ab8fbf8bc50a73503b3c06c409eb7ba89561b625fc22af9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43939
x-xss-protection
0
last-modified
Sun, 03 Jul 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 03 Jul 2022 07:01:43 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 2E34 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.85.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-85-149.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 00:31:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
23388
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
DEEQ3DkcxvkbdYlHruiGdrZmloKqv3f6F8PTLver7jGb2sf_lrNCWQ==
pixie.js
acdn.adnxs.com/dmp/up/ Frame B4A3 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 07:01:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.13.10
ETag
"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
3340
Expires
Mon, 04 Jul 2022 07:01:45 GMT
activityi;dc_pre=CIiX_YiT3PgCFeBDHQkd5ggBxQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6325342907729.552
8228261.fls.doubleclick.net/ Frame 72AF
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6325342907729.552?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CIiX_YiT3PgCFeBDHQkd5ggBxQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=632534290772...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIiX_YiT3PgCFeBDHQkd5ggBxQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6325342907729.552?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
330
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Jul 2022 07:01:43 GMT
expires
Sun, 03 Jul 2022 07:01:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Jul 2022 07:01:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIiX_YiT3PgCFeBDHQkd5ggBxQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6325342907729.552?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CKiV_YiT3PgCFRbkGwodFAIDow;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9204100755291.344
8228261.fls.doubleclick.net/ Frame 1284
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9204100755291.344?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CKiV_YiT3PgCFRbkGwodFAIDow;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=920410075529...
402 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CKiV_YiT3PgCFRbkGwodFAIDow;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9204100755291.344?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
329
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Jul 2022 07:01:43 GMT
expires
Sun, 03 Jul 2022 07:01:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Jul 2022 07:01:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CKiV_YiT3PgCFRbkGwodFAIDow;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9204100755291.344?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ Frame 1B00 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820018408
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf9d3956a1e8724e094e4ea85eeb9029af79a7c138837458bc70ef9c8a3932a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43935
x-xss-protection
0
last-modified
Sun, 03 Jul 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 03 Jul 2022 07:01:43 GMT
conversion.js
www.googleadservices.com/pagead/ Frame 279D 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
7969c427a8f0695bc83c6d5d26aa6a1bc7d78111fe39d90d696a9aa05a9b62b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17003
x-xss-protection
0
server
cafe
etag
3151637731994422235
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 03 Jul 2022 07:01:43 GMT
/
insight.adsrvr.org/track/pxl/ Frame C4BB 		0
0
activity
au-gmtdmp.mookie1.com/t/v2/ Frame 528F 		0
0
bounce
secure.adnxs.com/ Frame 27F4
Redirect Chain
  • https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
0
0
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
0
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Jul 2022 07:01:43 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a45d08c7-69ec-4ce8-9546-e299ad7101c2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 03 Jul 2022 07:01:43 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d135d96a-cd7c-4a25-9add-0ffa29f75dfd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1
0
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Jul 2022 07:01:43 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7f2b30e4-adfd-422b-93cd-093e882bc129
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 03 Jul 2022 07:01:43 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
936e106e-b6f6-4225-89ad-cafbdf50a2e8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 03 Jul 2022 07:01:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 03 Jul 2022 07:01:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		215 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3654162959103155&correlator=3444307857309823&hxva=1&scor=888402337771177&eid=31068294%2C31064018&output=ldjh&gdfp_req=1&vrg=2022062801&ptt=17&impl=fifs&npa=1&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ifi=1&adks=1616217045%2C2956706420%2C1415436295%2C1982096792%2C3785065344%2C3544675803&sfv=1-0-38&ecs=20220703&ists=1&fsapi=false&prev_scp=pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26id%3Dfe74f615-fa9d-11ec-bc46-06d8cca89c2a%7Cpos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26id%3Dfe74f616-fa9d-11ec-bc46-06d8cca89c2a%26vw%3D40%2C50%2C60%2C70%26vw05%3D40%2C50%26grm%3D40%2C50%2C60%26vw10%3D40%26pub%3D40%2C50%2C60%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26id%3Dfe74f617-fa9d-11ec-bc46-06d8cca89c2a%7Cpos%3D1%26refreshed%3Dfalse%26id%3Dfe74f618-fa9d-11ec-bc46-06d8cca89c2a%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26id%3Dfe74f619-fa9d-11ec-bc46-06d8cca89c2a%7Cpos%3D1%26id%3Dfe74f61a-fa9d-11ec-bc46-06d8cca89c2a&eri=1&cust_params=us%3Db%26s%3D0%26co%3D1%26kw%3D%26nk%3D43fea6deba2873d6b12a28a65bc6abef%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26adl%3Dfalse%26snol%3Dd%252Ce%252Cg%252Ca%26abtest%3Da%26pvid%3D43fea6deba2873d6b12a28a65bc6abef-00000000000000000000000000000000-1656831702489-650136%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&sc=1&cookie_enabled=1&abxe=1&dt=1656831703220&lmt=1656831703&dlt=1656831700915&idt=1982&biw=1600&bih=1200&adxs=436%2C1123%2C1124%2C0%2C176%2C0&adys=48%2C467%2C9666%2C10841%2C3599%2C11529&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x134%7C300x276%7C300x250%7C1600x688%7C1248x0%7C1600x11529&msz=728x93%7C300x276%7C300x250%7C1600x0%7C1248x0%7C1600x0&fws=512%2C512%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=1554791612.1656831703&ga_sid=1656831703&ga_hid=2142053132&ga_fc=false&btvi=0%7C0%7C1%7C2%7C3%7C4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
575185b167ec7b634ded25a9a44727ffa22505cd8efaf65c101e943752e38fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22309
x-xss-protection
0
google-lineitem-id
4682990628,4682990628,4682990628,4682990628,4682990628,4682990628
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138234025560,138234025557,138234092456,138234082178,138234025461,138386464268
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e61c7690020ca5005d3a32fecc92150f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3408 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://e61c7690020ca5005d3a32fecc92150f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Jul 2022 07:01:43 GMT
expires
Mon, 03 Jul 2023 07:01:43 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
a59703c
login.newscorpaustralia.com/akam/13/ Frame 4DDA 		26 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/akam/13/a59703c
Requested by
Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=gighEZkSpmMT33ru0aXUglX2Lcejs5KI&nonce=8wzXfVe8UngukJYIXqcJl01VUlm2FxN4&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=gighEZkSpmMT33ru0aXUglX2Lcejs5KI&nonce=8wzXfVe8UngukJYIXqcJl01VUlm2FxN4&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:43 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 15:09:23 GMT
etag
"35dbed9cea7fc7c2077d90f5043ac205e7a9b6dbdc2659449769dbf47b75c059"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
content-length
8767
expires
Sun, 03 Jul 2022 07:01:43 GMT
Y3o
login.newscorpaustralia.com/5OO5i0Aho/wIhRsdc/pA/caOLhrwm1QaG/XCItclc/LFk0Jn1k/ Frame 4DDA 		84 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/5OO5i0Aho/wIhRsdc/pA/caOLhrwm1QaG/XCItclc/LFk0Jn1k/Y3o
Requested by
Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=gighEZkSpmMT33ru0aXUglX2Lcejs5KI&nonce=8wzXfVe8UngukJYIXqcJl01VUlm2FxN4&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=gighEZkSpmMT33ru0aXUglX2Lcejs5KI&nonce=8wzXfVe8UngukJYIXqcJl01VUlm2FxN4&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:43 GMT
content-encoding
gzip
last-modified
Mon, 28 Feb 2022 19:29:24 GMT
etag
"a7a61709860c0c57ec0c92584ae4f1bc214dfc71043ea43843572e55d14841f6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21600
content-length
20456
adsct
t.co/i/ Frame 169B 		0
0
adsct
analytics.twitter.com/i/ Frame 169B 		0
0
collect
px.ads.linkedin.com/ Frame FCA6 		0
0
indies-loader.js
ts2020-indies-client.web.app/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ts2020-indies-client.web.app/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
375eb1402faeaba7978d6f984b0e89473fa190562c591b7097c2b782645123e6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
last-modified
Wed, 29 Jun 2022 04:00:25 GMT
x-timer
S1656831703.401060,VS0,VE0
etag
"5ba2861ce9ae9d8b6d1e23b21ee04a45a7bb0716b2c6e39acabd1aa379b57322-br"
x-served-by
cache-muc13957-MUC
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Sun, 03 Jul 2022 07:01:43 GMT
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2326
x-cache-hits
18
extended-access.js
subscriptions.heraldsun.com.au/google-loader/v1/ 		256 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/google-loader/v1/extended-access.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8abf4227c684198b4707da50c7189a3cd62069f15a8b7aaf65aeb14211ce3c68
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:43 GMT
content-encoding
gzip
last-modified
Thu, 05 May 2022 04:33:43 GMT
x-amz-cf-pop
EWR50-C1
etag
"a03080faabc1cd86437119712ab2ac7c"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=984
strict-transport-security
max-age=600
accept-ranges
bytes
content-length
65976
x-amz-cf-id
eXYCWIUT8UxIYWYN-Cz3es2SGfxoGEG6GYtBbyoEjbpd2bAh-Px79g==
pixie
ib.adnxs.com/ Frame B4A3 		0
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 279D 		0
0
conversion_async.js
www.googleadservices.com/pagead/ Frame BB5B 		0
0
conversion_async.js
www.googleadservices.com/pagead/ Frame 1B00 		0
0
bulk
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220630-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Sun, 03 Jul 2022 07:01:43 GMT
via
1.1 varnish
server
nginx
x-timer
S1656831703.360801,VS0,VE9
x-served-by
cache-hhn4024-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
dc_pre=CKiV_YiT3PgCFRbkGwodFAIDow;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9204100755291.344
adservice.google.com/ddm/fls/z/ Frame 1284 		0
0
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoqzj4mKuNUR0-CikIkNynKH9RKSS-StXVd-Pi5lftLJ0xVgbzrEUJz7xTR77pl8QYnykqGXOyp10hJ6b_i4Axl6YRFZlYJhYsQz-_rso9GWqqY168Mq_pH9T_N59M0bH7C5QBUBprSo_YdjyRJKX7851luDNRxVnWzzHJhX_uvjWqtTr0MhKUH0chnqWqczCrd9OSNTTpwpHjuvFzjPhNDv8hfOR3YwUNyPsDAH7wvCiMDr-uD_QQWvrJkvos5SkAG_0zfAisaT0-fa_BvE7izvrcwxSO4RJlNndsjpuXdab-ZwGEaccwa43MfkdA7bhM&sig=Cg0ArKJSzGzcoGpYkGysEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 03 Jul 2022 07:01:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ 		0
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 06:30:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1903
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Jul 2022 06:30:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 03 Jul 2022 07:01:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 03 Jul 2022 07:01:43 GMT
l
www.google.com/ads/measurement/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrKUtDLtDA1pT6zKvgws9YY79dPK-57GE7ChYWYty9fM2uRgMel-ST1pkPqTDLsmIDRFk4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
7114969398400660195
tpc.googlesyndication.com/simgad/ 		68 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7114969398400660195
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 16:18:22 GMT
x-content-type-options
nosniff
age
312201
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:39:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Jun 2023 16:18:22 GMT
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuD-BqceZAJysd2tiU3fkJs16CqqNiFGmiEiNKTJvc0ShVi2rUR4_RpSK2YjCaqoFQa_zeG162-cLL4cUce1eunfFGcinJbg3rvHD_lKrUQjrp3yF8JcR-tTTBs1ex_JtpDvvx6dj6Z2sm2cl6pj7Fpl6snjol9v4j62Ck3jcA6bScq9Di--lSWnQ5cR1W7YmbzajXs2luagRf8FuEOu77lrWsw5LsrfBOFswOpvRn9SqvQDWekyMo7-rtPHj68wsK9q14nIYKfcCQyU7aqp_LZHM9KTJy7oINpMPCkw7nS8AbRGCigVSIgQBgb0gHWC9_F&sig=Cg0ArKJSzDmy9zTSDcyQEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 03 Jul 2022 07:01:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
l
www.google.com/ads/measurement/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTVo4IJ_K7wUDg_JQQMO6aBKjvSlhR6MdG2D1vue7K__hvEaGnNePmZdiaWtdMoFTScpaHS
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
13756812283639570429
tpc.googlesyndication.com/simgad/ 		68 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13756812283639570429
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 20:27:42 GMT
x-content-type-options
nosniff
age
297241
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:40:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Jun 2023 20:27:42 GMT
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucOauyuW36gxOtj7KWzN6LCqcGG87J1JDh1zESmRXjfd5t6BZNrDOEj6u_sf4DgRIMDN_LedK6ZYJP2YHglwK1EyTxFasx4o1sHPJAP_Dzde74NG4ZhS7meSTs3o66bNX0onMhmKxNoczaI9oyEIPYqoG3qTr-Uz3yB--dhQ4bTNaMyNR252rQr4EhKN2vcoevSROg3C6rm0bTsDTwJZ9MVpqRh7Hxp6zn0-8PriiT99mprYuEPq8C5RZ84z2Sns6VN_jKrVLKxBGWG6eoTjwgZ3pw4fwjLmncVQSIzl8BgAbtapJG4_0QA7nDRJdqz9VV&sig=Cg0ArKJSzAd8a1YSHm-4EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 03 Jul 2022 07:01:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
l
www.google.com/ads/measurement/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyzMtrI2Yj9DjJhDv5e-etgbULDuEgjdB_0wNWliRlECkCTUBSLaZnxdYm3lk-G1Zew0-_
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPmDJhx1BHvtrDu722dzmva0lVk4JBOi024Ki_b1cL1_njG715lTNrKqQupwQL3Pz_1c6BlKqXz0VJDMJeAv6S0d1XApFE9BR99bBBm7eX0BlhPDG-Nc5mNBeqFoB14ji03DMLvGA60RByjwm3TIYxLcPoLll-nVd_3yE6IGYP0dMfvr8hLqVTQJhan4Q5Y-hRRCNYiZDstP-Inx0WFYAlQBf-CQ9uz8Qm97aKSL6lfpe_sy3LNgqRxUgnvegyuDoPYODt2knO45iiHun6-k4Vd2AXP2xu05Lqd1KDZoOmAhPo1mXMOqD7yP3bLdjR71G1&sig=Cg0ArKJSzH7FqJPRcaJlEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 03 Jul 2022 07:01:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
l
www.google.com/ads/measurement/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQl2XeOotqw56QkGFosWZrKDXd_BAjC7qcsIGJVoTDLEc2HBLrO95J1kI96f8E00KWkak9q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
13503232906761715217
tpc.googlesyndication.com/simgad/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13503232906761715217
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 20:57:14 GMT
x-content-type-options
nosniff
age
295469
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3270
x-xss-protection
0
last-modified
Wed, 23 May 2018 04:43:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Jun 2023 20:57:14 GMT
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSYdmE0vsqr5V5iKlEbC9My-_g1dg5diIeHCrupKVt0OKZ7FA6w_U6eoMaw3QZ0Bge95eaOQK56yjW8VxsxAUPY0AUmIIz5JqSH7sEFGaD5xHwGObiDfvII6Hj0vMSdTzSbezzZoGh0Oq_IKwhbBj0F7SkogPdplWbh9PbKKiz26ZwcdkfpODAiwH_jNBQkjznKiiVin06wSCLvJkxslHAV5dd7waNK4Pqd9Twi6dKlZICWWet1_F1gDSAzwnmvCdLfEQAKoHlbq5E1zYt00qxAofNAlktefJlIGMVH5kPehOMOOXxmCyOCVx2PYaP5VIe&sig=Cg0ArKJSzC5OO6_P47XcEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=43fea6deba2873d6b12a28a65bc6abef-1656831698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 03 Jul 2022 07:01:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
l
www.google.com/ads/measurement/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWaKoI2HcgkPBeQ78ssWgtThxDcqyuCddHQ-2xO9_SNo2i-mwyevV0n368mHpOyYkiTRtd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
truncated
/ 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1b43e61437f9ce0b44ad0976b600ef6996297e6c56766187136c88afdc6609b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
13503232906761715217
tpc.googlesyndication.com/simgad/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13503232906761715217
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 20:57:14 GMT
x-content-type-options
nosniff
age
295469
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3270
x-xss-protection
0
last-modified
Wed, 23 May 2018 04:43:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Jun 2023 20:57:14 GMT
/
marketingplatform.google.com/about/enterprise/
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-8eOSTgY21t2_4Yae76V8k9cMTWCgVDibzdn3qS6BJ4HkwLcZS24ys3sYR8ij8cmwxB2J-_FrqYxKtqkZxVCTDt2S4Q082sz6TJkxvvBDd16O0avVHTHd7AwmRoy8kRN8a_FUBm_L_...
  • https://m.doubleclick.net/
  • https://marketingplatform.google.com/about/enterprise/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketingplatform.google.com/about/enterprise/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

date
Sun, 03 Jul 2022 06:37:22 GMT
x-content-type-options
nosniff
server
sffe
age
1461
content-type
text/html; charset=UTF-8
location
https://marketingplatform.google.com/about/enterprise/
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
251
x-xss-protection
0
expires
Sun, 03 Jul 2022 07:07:22 GMT
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.90.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-90-159.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.90.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-90-159.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
campaigns
resourcesssl.newscdn.com.au/indies/ 		896 B
947 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
e87455ae95f61cfbc0f7cb6fddf160a4359d212caca78f512ce2fe37dded02e0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
W/"380-buHeOXtmZuLHUq6FLZ+ztTi2ZXY"
x-powered-by
Express
date
Sun, 03 Jul 2022 07:01:43 GMT
x-cache-hits
0
content-length
503
x-served-by
cache-hhn4050-HHN
server
Google Frontend
x-timer
S1656829953.782559,VS0,VE240
x-i
true
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
234ff199be99fd0ae25c50eaf5ee3362
cache-control
private, max-age=138
function-execution-id
d1w14fh8e0mi
accept-ranges
bytes
x-orig-accept-language
en-au
x-country-code
DE
expires
Sun, 03 Jul 2022 07:04:01 GMT
campaigns
resourcesssl.newscdn.com.au/indies/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
private, max-age=1800
content-type
text/html
date
Sun, 03 Jul 2022 07:01:43 GMT
expires
Sun, 03 Jul 2022 07:31:43 GMT
function-execution-id
ja4bccv3nimm
server
Google Frontend
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-cache-hits
0
x-cloud-trace-context
6da818aa377bd3ba729e9165cf5b896b
x-country-code
DE
x-i
true
x-powered-by
Express
x-served-by
cache-hhn4028-HHN
x-timer
S1656831703.486810,VS0,VE136
dest5.html
newscorpau.demdex.net/ Frame CBAD 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.108.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-108-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v036-038f795ef.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
880Kow8DQig=
content-encoding
gzip
date
Sun, 3 Jul 2022 07:01:44 GMT
last-modified
Thu, 30 Jun 2022 15:43:28 GMT
vary
accept-encoding
id
metrics.heraldsun.com.au/ 		48 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=58617272199314862403737144333873532560&ts=1656831703937
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
30bf6482f1d93caa706cb426a8662216e2c6dfec652a5a7e215cefd6a5ec9f6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 03 Jul 2022 07:01:44 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-69c8d8cc76-vp9qb
vary
Origin
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YsE_2AAAAIKOyQN6
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=58596104037949955143735047307868381066
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YsE_2AAAAIKOyQN6
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YsE_2AAAAIKOyQN6
Protocol
HTTP/1.1
Server
52.51.78.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-78-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v036-0a56358a7.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
jzBJrqBTTWs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YsE_2AAAAIKOyQN6
Date
Sun, 03 Jul 2022 07:01:44 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=58617272199314862403737144333873532560&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%0143fea6deba2873d6b12a28a65bc6abef%011&ts=1656831704484
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.78.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-78-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a2ff061413d03b568fd33eb41894c2da9de9d331dc6d10aff724e09f92cb8719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v036-08ac6ae5f.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
vDLDwR6dQb0=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1546
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ibs:dpid=358&dpuuid=244323150248434036
dpm.demdex.net/ Frame CBAD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=244323150248434036
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=244323150248434036
Protocol
HTTP/1.1
Server
52.51.78.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-78-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v036-04124fd71.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
0B3Lgr3qQzI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Sun, 03 Jul 2022 07:01:44 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1c759b5f-6bd0-4165-926d-cbc97a53685c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=244323150248434036
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=470&dpuuid=3538227364592229619
dpm.demdex.net/ Frame CBAD
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=3538227364592229619
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3538227364592229619
Protocol
HTTP/1.1
Server
52.51.78.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-78-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v036-0bbb11b84.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
+DKjB2fISGE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3538227364592229619
pragma
no-cache
date
Sun, 03 Jul 2022 07:01:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
token
token.rubiconproject.com/ Frame CBAD 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=6404&puid=58596104037949955143735047307868381066&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ibs:dpid=771&dpuuid=CAESEI9qXuPiC_tn8xmxc-nvNqo&google_cver=1
dpm.demdex.net/ Frame CBAD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTg1OTYxMDQwMzc5NDk5NTUxNDM3MzUwNDczMDc4NjgzODEwNjY=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI9qXuPiC_tn8xmxc-nvNqo&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI9qXuPiC_tn8xmxc-nvNqo&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.51.78.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-78-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v036-0a30736eb.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
zTW77srfTM0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI9qXuPiC_tn8xmxc-nvNqo&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=6kbaujvnbiokpyknreyanvo9u7upk1656831702&fp_cr_tm=1656831702887&fp_acc_tm=1656831702887&fp_emm_tm=1656831702887&ve_id=&sessionId=v7wnkrcqnn0fxfphbouru4pbwbq9u1656831702&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,zrabzzf2z5zihwzx1yj0sspr11uc21656831702&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16568317028834148&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1656831702511&c3=st,c&c64=starttm,1656831704&adid=1656831702511&c58=isLive,false&c59=sesid,&c61=createtm,1656831703&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&sdd=&c62=sendTime,1656831703&rnd=900456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.214.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-214-203.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:44 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame CBAD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ibs:dpid=19566&dpuuid=%s
dpm.demdex.net/ Frame CBAD
Redirect Chain
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
Protocol
HTTP/1.1
Server
52.51.78.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-78-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v036-0b9ed301b.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
303,104
X-TID
0i5RYdhGTTY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:45 GMT
server
nginx
etag
"615e720b-cde"
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
location
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
expires
Sun, 03 Jul 2022 07:01:45 GMT
ibs:dpid=23728&dpuuid=YsE.2c8M8kRBqiIK9PGwoAAA%262182
dpm.demdex.net/ Frame CBAD
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YsE.2c8M8kRBqiIK9PGwoAAA%262182
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YsE.2c8M8kRBqiIK9PGwoAAA%262182
Protocol
HTTP/1.1
Server
52.51.78.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-78-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v036-023a167f8.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
fGheG5qyQps=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocKoii1C0cY7xQgu9yiljHZIS2RGVsRcyBS%2F0NIr%2FG7wx1yx6%2FyPoFK3d984Dt6AYFzw6LyoqdGO2C6RDyv8HtHFeSHMonm5%2Bt7G0prOZ233ZedKH4qOkR2fLB64BeEOnsLLdRrV"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YsE.2c8M8kRBqiIK9PGwoAAA%262182
cache-control
no-cache
cf-ray
724dc06def8f69a3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
ibs:dpid=30432&dpuuid=CI-6150b8c5dd239d41560acd975e100be6
dpm.demdex.net/ Frame CBAD
Redirect Chain
  • https://dt.scanscout.com/ssframework/uid?UIAA=58596104037949955143735047307868381066&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-6150b8c5dd239d41560acd975e100be6
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-6150b8c5dd239d41560acd975e100be6
Protocol
HTTP/1.1
Server
52.51.78.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-78-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v036-023d0e280.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
a9OjfIPXQ5k=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-6150b8c5dd239d41560acd975e100be6
Date
Sun, 03 Jul 2022 07:01:45 GMT
useSecure
true
Server
openresty/1.19.9.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
s03976928559029
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/ 		43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s03976928559029?AQB=1&ndh=1&pf=1&t=3%2F6%2F2022%207%3A1%3A45%200%200&cid.&newsnkidcookie.&id=43fea6deba2873d6b12a28a65bc6abef&as=1&.newsnkidcookie&.cid&vid=43fea6deba2873d6b12a28a65bc6abef&mid=58617272199314862403737144333873532560&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D51&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=5%3A01%20PM%7CSunday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=51&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=de%7Che%7Cfrankfurt%7C50.12%7C8.68%7Cgmt%2B1%7Cunknown&v79=de&v80=43fea6deba2873d6b12a28a65bc6abef-00000000000000000000000000000000-1656831702489-650136&v110=2022-07-03%2007%3A01%3A38&v111=0&v161=34.30000019073486&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:45 GMT
x-content-type-options
nosniff
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 04 Jul 2022 07:01:45 GMT
server
jag
xserver
anedge-69c8d8cc76-dh6qj
etag
3558018995098222592-4619748717454816048
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sat, 02 Jul 2022 07:01:45 GMT
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame CBAD
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=58596104037949955143735047307868381066&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Protocol
HTTP/1.1
Server
52.51.78.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-78-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v036-06af5e8dd.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
303,104
X-TID
0hi3y1yyQMA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Sun, 03 Jul 2022 07:01:45 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
usermatch.gif
beacon.krxd.net/ Frame CBAD
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=58596104037949955143735047307868381066
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=58596104037949955143735047307868381066
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=58596104037949955143735047307868381066
Protocol
H2
Server
34.248.96.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-96-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:45 GMT
cache-control
private, no-cache, no-store
x-request-time
D=53 t=1656831705
x-served-by
beacon-n001-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=58596104037949955143735047307868381066
date
Sun, 03 Jul 2022 07:01:45 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a012-ash-prod.krxd.net
ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame CBAD
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=58596104037949955143735047307868381066&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Protocol
HTTP/1.1
Server
52.51.78.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-78-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v036-01aa6312c.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
303,104
X-TID
osMriMRDQGc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date
Sun, 03 Jul 2022 07:01:45 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
pixel
cm.g.doubleclick.net/ Frame CBAD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXNFXzJBQUFBSUtPeVFONg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXNFXzJBQUFBSUtPeVFONg==
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1656831706.722907,VS0,VE0
x-served-by
cache-hhn4044-HHN
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXNFXzJBQUFBSUtPeVFONg==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame CBAD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YsE_2AAAAIKOyQN6&expires=90
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YsE_2AAAAIKOyQN6&expires=90
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1656831706.752773,VS0,VE0
x-served-by
cache-hhn4044-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YsE_2AAAAIKOyQN6&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame CBAD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YsE_2AAAAIKOyQN6
43 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YsE_2AAAAIKOyQN6
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
724dc0721f62929b-FRA
pragma
no-cache
date
Sun, 03 Jul 2022 07:01:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2IwF0kgUDFXcKUHCd1siZ6STfFIXL1CtuARNmXNSoPL5I6YbAVPnTHGIOSjVRfJynam8sgFQ82nGnk1Zg9zJGQh6VaslUI9hXdJEMZPD7N0PcGAWOhChMVhIgLD1o85XtrjvM8%2F3Ta2SMw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1656831706.853634,VS0,VE0
x-served-by
cache-hhn4044-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YsE_2AAAAIKOyQN6
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
setuid
ib.adnxs.com/ Frame CBAD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YsE_2AAAAIKOyQN6
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=YsE_2AAAAIKOyQN6
Protocol
HTTP/1.1
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Jul 2022 07:01:45 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
60a4116e-3a58-4fdc-974b-fb9a9a993379
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1656831706.954056,VS0,VE0
x-served-by
cache-hhn4044-HHN
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=YsE_2AAAAIKOyQN6
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame CBAD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YsE_2AAAAIKOyQN6
43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YsE_2AAAAIKOyQN6
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:46 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1656831706.054955,VS0,VE0
x-served-by
cache-hhn4044-HHN
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YsE_2AAAAIKOyQN6
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame CBAD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YsE_2AAAAIKOyQN6
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YsE_2AAAAIKOyQN6
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 07:01:46 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1656831706.155762,VS0,VE0
x-served-by
cache-hhn4044-HHN
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YsE_2AAAAIKOyQN6
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame CBAD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YsE_2AAAAIKOyQN6&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YsE_2AAAAIKOyQN6&img=1&__user_check__=1&sync_id=00a05589-fa9e-11ec-b297-11482f420106
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YsE_2AAAAIKOyQN6&img=1&__user_check__=1&sync_id=00a05589-fa9e-11ec-b297-11482f420106
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 07:01:46 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
70
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Sun, 03 Jul 2022 07:01:46 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YsE_2AAAAIKOyQN6&img=1&__user_check__=1&sync_id=00a05589-fa9e-11ec-b297-11482f420106
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
102
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame CBAD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YsE_2AAAAIKOyQN6&t=2592000&o=0
43 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YsE_2AAAAIKOyQN6&t=2592000&o=0
Protocol
H2
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

document-policy
force-load-at-top
pragma
public
x-fb-debug
VXhZElhpV/PMwwuVfXM8eLWMgAKeSF5mfth45TNhTxeGn6mQu1//bHJFmEbR30xk4D+5HEJG+sfaegGkj7MI+w==
content-encoding
br
x-content-type-options
nosniff
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 03 Jul 2022 00:01:46 PDT
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
cache-control
public, max-age=0
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
expires
Sun, 03 Jul 2022 00:01:46 PDT

Redirect headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1656831706.357177,VS0,VE0
x-served-by
cache-hhn4044-HHN
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YsE_2AAAAIKOyQN6&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cm
trc.taboola.com/sg/adobe/1/ Frame CBAD 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Sun, 03 Jul 2022 07:01:46 GMT
via
1.1 varnish
server
nginx
x-timer
S1656831706.462117,VS0,VE8
x-served-by
cache-hhn4024-HHN
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0
0
sync.1rx.io/usersync/adobe/ Frame CBAD 		0
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jul 2022 07:01:46 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
insight.adsrvr.org
URL
https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3
Domain
au-gmtdmp.mookie1.com
URL
https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Domain
t.co
URL
https://t.co/i/adsct?bci=3&eci=2&event_id=49e338fe-ad12-474c-9d3b-f69865c1fccb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=eda0b53e-7b1e-4df1-bf1e-00824dd1d490&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.4.12
Domain
analytics.twitter.com
URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=49e338fe-ad12-474c-9d3b-f69865c1fccb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=eda0b53e-7b1e-4df1-bf1e-00824dd1d490&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.4.12
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1656831703276&url=https%3A%2F%2Fwww.heraldsun.com.au%2F
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1656831703305&v=0.0.20&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1656831703304&et=1656831703305&if=1
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1656831703319&cv=9&fst=1656831703319&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Domain
www.googleadservices.com
URL
https://www.googleadservices.com/pagead/conversion_async.js
Domain
www.googleadservices.com
URL
https://www.googleadservices.com/pagead/conversion_async.js
Domain
adservice.google.com
URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKiV_YiT3PgCFRbkGwodFAIDow;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9204100755291.344
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Verdicts & Comments Add Verdict or Comment

265 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| newscorpau object| _taboola object| utag_data object| newskey object| bruce_rtget string| bazadebezolkohpepadr function| toggleShowMore object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore undefined| $ function| jQuery function| loadjs boolean| isLoadedIndiesJs object| lazySizes object| ads_api function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| loginStatusPromise function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id string| urhehlevkedkilrobacf object| COMSCORE function| udm_ object| ns_p object| placementData object| app boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| vidora function| vidoraTrackExtraElements object| vidoraHelper object| auth object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag undefined| isAsync undefined| httpGetAsync undefined| parseResponse object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| _tealium_old_error boolean| __tealium_twc_switch object| nb undefined| rea_site_short string| site_short string| pathname string| loc object| theseAddresses object| notTheseAddresses object| nrm_sites function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg object| sectionData number| _sf_endpt number| gptPluginLoaded number| gcTicker string| nam object| m object| vidora_ns object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc object| google_tag_data function| stcc object| ads_core object| ads_extra object| googletag string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| __iasPET object| kw_ignore object| mready object| metrics object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| utmParts object| intParts function| pbjsChunk object| pbjs object| _pbjsGlobals object| KAMPYLE_EMBED object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| ggeac object| ats object| $jscomp function| $jscomp$lookupPolyfilledValue object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId function| omrhp object| diagPixSentCodes object| __iasAdRefreshConfig function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents undefined| google_measure_js_timing object| ads_ready undefined| oneTagObj function| ebDecode object| bsResponseObj object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal string| jscVersion object| google_casm function| su object| viewReq function| vu function| mb function| init_ssb function| accbk function| xy function| ss function| st function| ha function| ia function| ja function| ga boolean| inDapIF boolean| inGptIF function| GeaLoader boolean| isFetchedIndies function| parcelRequire object| tbopt string| s_tnt string| f0 object| s_i_newscorpau-hsweb_newscorpau-global

58 Cookies

Domain/Path Name / Value
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.news.com.au/ Name: nk
Value: 43fea6deba2873d6b12a28a65bc6abef
.heraldsun.com.au/ Name: nk
Value: 43fea6deba2873d6b12a28a65bc6abef
.heraldsun.com.au/ Name: nk_debug
Value: nk_set
.heraldsun.com.au/ Name: nk_ts
Value: 1656831698
www.heraldsun.com.au/ Name: lux_uid
Value: 165683170134063841
.heraldsun.com.au/ Name: bm_sv
Value: 5348DB5AD9BB7C0EAC2772BDF84D46CF~YAAQxLoQAlWWPq2BAQAAH3TdwhDFO115kJ82job1Zt5rZ6GuoTXMCsAPMvEnp1TFB8QwYDCXCTkS5PtTYUmXgNYJoL9RATHvbRCbNxhHt6twjUxF5vowNSFmSD+pzv0rpoN8VA7YyoZ/lCEApwWLV7r5Qi9ofjVfAw7vdONhfn/jnJmsHfbImJgLtMDflWSFnrj0vGJiTX5CclarPtl3nH3WB+dPf5Xy6CQ/F0N5TQNjK8odtsJqliOGxv5XB14CIGHd8uaF~1
www.heraldsun.com.au/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D03c91e06-1266-45d0-9a27-898468aff63c-tuct9bac456
.heraldsun.com.au/ Name: utag_main
Value: v_id:0181c2dd758a0034969f7663ab3403073001d06b00b08$_sn:1$_se:1$_ss:1$_st:1656833502411$ses_id:1656831702411%3Bexp-session$_pn:1%3Bexp-session
www.heraldsun.com.au/ Name: _tb_sess_r
Value:
www.heraldsun.com.au/ Name: _tb_t_ppg
Value: https%3A//www.heraldsun.com.au/
.heraldsun.com.au/ Name: nc_eu
Value: y
.heraldsun.com.au/ Name: _cb
Value: B6DQTcCLpcbJBGTzy
.heraldsun.com.au/ Name: _chartbeat2
Value: .1656831702737.1656831702737.1.qZms5CEBmLkZj6LMDNK86ABRyQBl.1
.heraldsun.com.au/ Name: _cb_svref
Value: null
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: c89155a0-8259-4411-9bbd-b46e5164372f.1656831703.1.1656831703.1656831703.53495947-f4c1-48cd-8678-ed8429dd8321
.heraldsun.com.au/ Name: nol_fpid
Value: 6kbaujvnbiokpyknreyanvo9u7upk1656831702|1656831702887|1656831702887|1656831702887
bs.serving-sys.com/ Name: OT_6630
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 005amuBD90_004c3mBD90_
.serving-sys.com/ Name: G4
Value: 0009fM00GQ_
.serving-sys.com/ Name: OT2
Value: 0001DC1qMn
.serving-sys.com/ Name: u2
Value: ffd7f236-0d20-4562-ba29-427f1e133e884HE060
.imrworldwide.com/ Name: IMRID
Value: feab4750-fa9d-11ec-acc2-db5d5831811b
login.newscorpaustralia.com/ Name: did
Value: s%3Av0%3Afe9d3d90-fa9d-11ec-b1b2-992980f202bd.QQJ2NLdBBbUic7IghiRvn%2FDhgMS5GaTGVYSLzmGnqso
.demdex.net/ Name: demdex
Value: 58596104037949955143735047307868381066
.adnxs.com/ Name: uuid2
Value: 244323150248434036
.doubleclick.net/ Name: IDE
Value: AHWqTUkYESqvawXhrHC-3K7BN0czNUpOK92bC94HWeha_ltnO9VUI0gUkgfTJomhXkg
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.41973030.1656831703
.heraldsun.com.au/ Name: __gads
Value: ID=4bec488820bbd6a1:T=1656831703:S=ALNI_MYPQutva9nRw-1cdEUplFQC-y7YRw
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YsE_2AAAAIKOyQN6
www.heraldsun.com.au/ Name: AWSALB
Value: 2om+Lt3z75gTfX7fGn1r/ef7Q9RVdC5w5PfFgItXvYW+LVLN9J8dn3gtFkeX3PRmGORtvA887x+p0PfMQsLq3yskAr83zB3xNVw2Agz6BJSqHGYgnz7mEBM9tl37
.heraldsun.com.au/ Name: ak_bmsc
Value: ED7EA8E16BEC06FD9D28020138098B9B~000000000000000000000000000000~YAAQxLoQAlaWPq2BAQAAeXzdwhDSIPUVtPkKRGoYaxj6p94LvNmGCnQ/APCNdgqUx2oTOUSPdElRIdv44Z9wjol9cUyzBLak+L2EWIW9oz6AORb4wLkoKDfdzKlRMDDPoqib/oN40G94aWXUwF3ey9ulCo4fxrFy4eYQQifdEHX2j3ew5Q+AIJ/rxBLzGbD7fQ7PyfqRSRO9jYSD8vMcVMLtRJlEQVm4TDDDpNu0mwxiwd9IuAGV7reHF8iJI6XGu4EvpyfXpS3sJI/AW5SQLtKuY2HLGnRzPJveZWm8TEhnUOB4Ng9sUV5CHeMwiMCCgNu+CX2HZHrRfRgI4fO4WrTaa9ONwvo9LaKBgc1rnkGiZ/3IrEUREm09xUKX+ybcUWxjGAE7CTGZB7V4lTUqrPV72HFJVrqv+BDlAWs3Xa9oxPKmf3VVbPqYV95UMBTT0I9C3Y0kDdYV++KAXCdxlmSP7mMWECr1fpOjuIaSYYXrG1eBhIPtuKwNFn8eyavH
www.heraldsun.com.au/ Name: AWSALBCORS
Value: 2om+Lt3z75gTfX7fGn1r/ef7Q9RVdC5w5PfFgItXvYW+LVLN9J8dn3gtFkeX3PRmGORtvA887x+p0PfMQsLq3yskAr83zB3xNVw2Agz6BJSqHGYgnz7mEBM9tl37
.dpm.demdex.net/ Name: dpm
Value: 58596104037949955143735047307868381066
.heraldsun.com.au/ Name: s_ecid
Value: MCMID%7C58617272199314862403737144333873532560
.turn.com/ Name: uid
Value: 3538227364592229619
.casalemedia.com/ Name: CMID
Value: YsE.2c8M8kRBqiIK9PGwoAAA
.casalemedia.com/ Name: CMPS
Value: 2182
.casalemedia.com/ Name: CMPRO
Value: 2182
.heraldsun.com.au/ Name: s_nr
Value: 1656831705329-New
.heraldsun.com.au/ Name: s_gdslv
Value: 1656831705329
.heraldsun.com.au/ Name: s_gdslv_s
Value: First%20Visit
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Chome%7Chomepage%7Chomepage
.heraldsun.com.au/ Name: tp
Value: 1200
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Chome%257Chomepage%257Chomepage%2C100%2C100%2C1200
.heraldsun.com.au/ Name: s_cc
Value: true
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19177%7CMCMID%7C58617272199314862403737144333873532560%7CMCAAMLH-1657436505%7C6%7CMCAAMB-1657436505%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C-1109168926%7CMCOPTOUT-1656838905s%7CNONE%7CMCSYNCSOP%7C411-19184%7CMCAID%7CNONE%7CvVersion%7C5.1.1
.eyeota.net/ Name: SERVERID
Value: 21865~DM
.scanscout.com/ Name: uid
Value: CI-6150b8c5dd239d41560acd975e100be6
.scanscout.com/ Name: UIAA
Value: 58596104037949955143735047307868381066
.scanscout.com/ Name: UIXX_UPDT
Value: "UIAA=1656831705518"
.krxd.net/ Name: _kuid_
Value: O70ODPnZ
.casalemedia.com/ Name: CMTS
Value: 3245
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2GVUKRXph!A#FX.TOK_Dm7hk)YQ)v_#v#:/:t-KvhA!zV3m`LlK7fdNl$]kNy^dpQwj1-Mq<M=?r37s<QQyO3jzbc!!*AU*Qx0T
.spotxchange.com/ Name: audience
Value: 00a05530-fa9e-11ec-b297-11482f420106
.demdex.net/ Name: dextp
Value: 358-1-1656831704532|470-1-1656831704633|481-1-1656831704733|771-1-1656831704834|903-1-1656831704935|19566-1-1656831705036|23728-1-1656831705137|30432-1-1656831705237|30064-1-1656831705338|66757-1-1656831705439|134096-1-1656831705539|144230-1-1656831705640|144231-1-1656831705741|144232-1-1656831705842|144233-1-1656831705942|144234-1-1656831706043|144235-1-1656831706144|144236-1-1656831706245|144237-1-1656831706345|147592-1-1656831706448|461447-1-1656831706549

24 Console Messages

Source Level URL
Text
other warning URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=19
Message:
A preload for 'https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=19' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=559897798769.255?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=559897798769.255?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=559897798769.255?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8228261.fls.doubleclick.net
acdn.adnxs.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
am-trc-events.taboola.com
analytics.twitter.com
assets.vidora.com
ats.rlcdn.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
beacon.krxd.net
bs.serving-sys.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.speedcurve.com
cdn.taboola.com
cm.everesttech.net
cm.g.doubleclick.net
content.api.news
d.turn.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.scanscout.com
e61c7690020ca5005d3a32fecc92150f.safeframe.googlesyndication.com
edition.pagesuite.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
heraldsun.com.au
ib.adnxs.com
image2.pubmatic.com
image5.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
lm.serving-sys.com
login.newscorpaustralia.com
m.doubleclick.net
marketingplatform.google.com
match.adsrvr.org
metrics.heraldsun.com.au
mhr.talk.news.com.au
nebula-cdn.kampyle.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
newscorpau.demdex.net
origin.go.heraldsun.com.au
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.rubiconproject.com
ps.eyeota.net
px.ads.linkedin.com
resourcesssl.newscdn.com.au
sb.scorecardresearch.com
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
snap.licdn.com
ssum.casalemedia.com
static.ads-twitter.com
static.chartbeat.com
subscriptions.heraldsun.com.au
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
t.co
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ts2020-indies-client.web.app
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
v7wnkrcqnn0fxfphbouru4pbwbq9u1656831702.nuid.imrworldwide.com
widget.perfectmarket.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
adservice.google.com
analytics.twitter.com
au-gmtdmp.mookie1.com
googleads.g.doubleclick.net
ib.adnxs.com
insight.adsrvr.org
px.ads.linkedin.com
secure.adnxs.com
t.co
tpc.googlesyndication.com
www.googleadservices.com
104.18.18.126
104.75.88.194
108.138.7.28
13.225.85.149
13.32.121.37
13.32.99.67
141.226.228.48
142.250.185.162
142.250.185.66
142.250.186.98
15.188.95.229
15.197.193.217
151.101.1.175
151.101.129.44
151.101.194.49
151.101.2.217
151.101.65.44
172.217.18.102
172.217.18.2
185.33.220.145
185.33.221.11
185.64.190.80
185.94.180.125
199.127.207.182
199.232.136.157
2.18.233.169
2.18.233.28
2001:678:cb4:bbbb::13
213.19.147.44
23.205.241.50
23.35.236.188
23.35.236.201
2600:9000:2190:5800:1d:667e:2a40:93a1
2600:9000:223e:ee00:1f:1414:da40:93a1
2600:9000:2240:c600:2:42d9:3100:93a1
2600:9000:2251:6600:4:77d:a0c0:93a1
2600:9000:236e:8800:18:1fcd:351:7bc1
2606:4700:3032::ac43:a9f7
2620:0:890::100
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:813::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2004
2a02:26f0:3500:16::215:149b
2a03:2880:f12d:181:face:b00c:0:25de
2a04:fa87:fffd::c000:42d0
3.120.214.218
3.65.187.215
3.74.90.159
34.241.214.203
34.248.32.199
34.248.96.95
35.244.159.8
44.195.113.55
52.213.95.155
52.215.108.43
52.222.214.98
52.51.78.176
52.95.129.58
52.95.134.54
54.166.21.101
69.173.144.138
69.192.160.219
92.123.225.40
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
04dd0bbf29a9f210c064b8453720c310c53955e491738911b0ce5f8363c63d2f
04ec3cc9645a4da4385f538757048df38119a7219594812632c21675c6cd3cc9
07a27ccac84d3870b401baa4ac741492c8ab071b0bd9ee2a7aef0a224b47afa6
07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
0b5bdfe13e0f53884e78a3fa7220d6014c7cb833be5c3c595f736b449afef966
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
10ca87f96c30a6db4b46cb0d6d1a960f3712b7841c33cafe08cffd37c11d28e2
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1597066a684ef37804add99ba893b7ca7612599871e890d2f53ddeb40550e653
16e3e3f618883c524abac39b0b9bd35a152047da98b0737cdd9c66d1faa59e53
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
2481125362e7835edf4fe6befb0e5963de4bf0deb329b010db9acff86fdf6d4c
289769da01b76f2bdb18bcf772ac90cf89861cfde526dc8ec0218a6a9b8ccb63
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
30bf6482f1d93caa706cb426a8662216e2c6dfec652a5a7e215cefd6a5ec9f6f
375eb1402faeaba7978d6f984b0e89473fa190562c591b7097c2b782645123e6
38340c81a6abf327da0789e6e28c7d7692d0790d94a60108199264a0b9363237
3f01548ae1aa6683708b74839689f414c8333f47f59f8be71fa457091597913d
4104e4ff34495ddbbb18aafe107f21ce692b68acc078862ddc9720848b9c3b6d
42ffbcd5fae6a0eda00246031330f0c87d21ec4c9451787199c02d49746a3d12
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54bcf8864c0c8f9910645700b47fe1b84d1127a9ef7d6be62df5a10961096eed
5512db3bd3c5b732fe3da927f20d0664e214df0a274297456d780ff6bf12a79a
575185b167ec7b634ded25a9a44727ffa22505cd8efaf65c101e943752e38fd2
599958310afffef2fc84673f0bf17d5043760727c31e47fcb1a7f45444c9b86f
5c01f5ce1bf402eb4e4c08a5804f401c22e375a4dc3834bd0f8e8523833b96f6
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ebed5fe3bc3042af0036684e962947b7be2953599864d6481cb2a05475618d0
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18
62eb9f600c5af8a1a7c6438521f08b88059eecb3bcc061e4677d5a8dcdc6e1ce
63919867af3995b5bdf26e6d016d1c020d0a79b7d28ba4f397065826b734f432
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
66c34cfa97de54ea81b3df6ab7574fbc448dc6b9b39f6d1ae87f94626bb79ed5
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d27fb01e263e2d9d1804cdf814f9b022246e091a6d0994f7edba0e9cc53d0ea
716f66f3505d6a18222fd28a0e45b807dc0bf1a6747e4cc1788fe9c6bf8c3408
749017b53b677c8309df48f408a6446f0d29e8256fe34d6a8521ce804b1e370e
75288f63bb35d4236a4e63643603c165e1b9c90ecfa07a5f7c24c6fc4132184c
75839e3ea0cd949a33dc21dd8b0931f396829fea8e0e3148b576b1228f40e469
77ee3c4f2142ac1e1d4b3a6611ece75231754bce7d0bfcc40a1fae1f1b619b49
7969c427a8f0695bc83c6d5d26aa6a1bc7d78111fe39d90d696a9aa05a9b62b7
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c40041601fa59ead6c98469927051be207daf33331a8e35104b8e30be482f63
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a
7ff4c2ad039f3a93138f80392f3465702745230434f5ffd0fdc674d74dd92947
80453c080c52c7722fddf1e4b063987abbed4852da6caacf5266d4acdb7e247b
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8512d2df6c8d3389874380560cf38dc40c12c576a61048e810bf8dfc6bfeb723
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8abf4227c684198b4707da50c7189a3cd62069f15a8b7aaf65aeb14211ce3c68
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90d0b9ccd41b243c0949630ff36751b0bbfa6aa76e2948a5beb32feeee6efe09
929d79ca49de2da8d7ffa6bf6dba0efeacf4128dd41d82d5b6bd02ee9d958be3
932b11c6dc1f3c043c0d3dedec40345f03231fdbfb7df81fd76a9d5f3bf17e8b
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a2ff061413d03b568fd33eb41894c2da9de9d331dc6d10aff724e09f92cb8719
a40e81f82a033e6fd178164e4db47d404144036cb805b56968f184036614b488
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7c585e3ee25b6dfa7b706dbdb384917fa5923bb64a1cf44ad713f2aa01f8d6b
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b36a080525305e2e85dd48ed208aafd3fb63171013c7817de8b49a48fc868b73
bf9d3956a1e8724e094e4ea85eeb9029af79a7c138837458bc70ef9c8a3932a7
bfa67e2ce103d04234fa84f7595c316d23f46eed219683f06e264fb27dc91637
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c
c52b2c3b413d3bf3f6dfcc76384b086aa702597fa5d4c79dcdab8499017eb996
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
cc3d554a21ba9dafa6e8a6e1616de227b9cdd9f47dd775624148a9832e42ad3f
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d1b43e61437f9ce0b44ad0976b600ef6996297e6c56766187136c88afdc6609b
d56b55bcde39a2cb644a5973b5ad653b0b5aedd4ff9cc86c49e78076bfa61dfe
d5d5b74eccbf33379fe86a09ee091aaf3611f618712b8d1c752fdf9dfe17b5c9
d7c2249c4f39bc0dbaceafeb7a4ab9f599441c6265927ad20920991fa22bf362
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
dabd3a568622874eaf44f568bc385d5d70b47caea7a5b2011200ca8230449999
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43a9be34768043331e20e47029473a5dcf74f05773f9b0a44cd3dd3679b8b20
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
e610bdc7162c11ac9c5ff569e94418df5f92e8eb042ba013e3a08f353d6e2b49
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e7668c040cf017099cf12b7948b9b7d45a1d5e3aacc3f278d17737ea4191f564
e87455ae95f61cfbc0f7cb6fddf160a4359d212caca78f512ce2fe37dded02e0
ebb4807c4eb6dca83da209b9d9cbafd1191a5960535e9cfaf6cb2423d59e6f15
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f270f24bc218342b7704aa359f208608552a3bcdddecb3d2acad634d93dbd46a
f2c7d9bcd8708fd81d9bda31e61698035a1057973700406c3afb7b6e50403551
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f46ef2481c8cd86b1d6ae91e358b5f27101a662e318eb95ab745a49abb146781
f502a04c2fd8795b6ab8fbf8bc50a73503b3c06c409eb7ba89561b625fc22af9
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
fa47a8fd2392896d53c3a5422cac552753cadf89504fac94dc0beddab3a8868f