urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
184.30.20.111  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://info.silobreaker.com/e2t/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM...
Effective URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-sto...
Submission: On April 22 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 83 IPs in 8 countries across 65 domains to perform 302 HTTP transactions. The main IP is 184.30.20.111, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 25th 2021. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 199.60.103.254 209242 (CLOUDFLAR...)
3 15 184.30.20.111 16625 (AKAMAI-AS)
1 8 184.30.20.190 16625 (AKAMAI-AS)
1 151.101.114.217 54113 (FASTLY)
1 17 151.101.13.44 54113 (FASTLY)
8 184.30.24.190 16625 (AKAMAI-AS)
2 199.232.137.181 54113 (FASTLY)
1 3 13.224.102.122 16509 (AMAZON-02)
2 23.111.9.35 33438 (HIGHWINDS2)
15 199.232.137.44 54113 (FASTLY)
2 11 141.226.228.48 200478 (TABOOLA-AS)
6 104.111.230.77 16625 (AKAMAI-AS)
5 104.109.77.38 16625 (AKAMAI-AS)
1 151.101.1.195 54113 (FASTLY)
1 142.250.185.102 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
17 142.250.185.226 15169 (GOOGLE)
1 2 2600:9000:206... 16509 (AMAZON-02)
5 2600:9000:219... 16509 (AMAZON-02)
1 99.86.2.86 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.111.247.190 16625 (AKAMAI-AS)
1 2600:9000:219... 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
1 13.224.102.91 16509 (AMAZON-02)
2 3.232.164.179 14618 (AMAZON-AES)
2 35.181.18.61 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
13 34.249.30.33 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.66 15169 (GOOGLE)
3 52.214.68.15 16509 (AMAZON-02)
3 4 63.35.128.189 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 18.197.47.23 16509 (AMAZON-02)
3 4 185.94.180.126 35220 (SPOTX-AMS)
3 4 3.120.242.149 16509 (AMAZON-02)
2 13 34.243.47.58 16509 (AMAZON-02)
1 1 34.255.166.243 16509 (AMAZON-02)
1 82.199.68.72 15830 (EQUINIX-C...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 13.224.100.124 16509 (AMAZON-02)
1 199.232.136.157 54113 (FASTLY)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 184.30.24.185 16625 (AKAMAI-AS)
1 2 216.58.212.134 15169 (GOOGLE)
1 35.227.202.26 15169 (GOOGLE)
5 9 185.33.221.14 29990 (ASN-APPNEX)
19 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 2620:119:50e4... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
1 104.244.42.133 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
12 34.249.39.204 16509 (AMAZON-02)
2 3.248.66.228 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2001:678:cb4:... 56396 (TURN)
3 69.173.144.165 26667 (RUBICONPR...)
2 52.50.64.214 16509 (AMAZON-02)
1 104.244.42.3 13414 (TWITTER)
2 4 142.250.185.98 15169 (GOOGLE)
36 34.205.96.170 14618 (AMAZON-AES)
2 2 3.121.49.210 16509 (AMAZON-02)
1 3 35.244.159.8 15169 (GOOGLE)
1 2 198.148.27.139 19189 (PULSEPOINT)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2 216.52.2.39 30282 (AS-INAPCD...)
1 185.86.137.131 201081 (SMARTADSE...)
1 18.195.155.181 16509 (AMAZON-02)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 1 172.105.221.29 63949 (LINODE-AP...)
1 192.132.33.46 18568 (BIDTELLECT)
2 2 35.205.207.25 15169 (GOOGLE)
1 184.30.24.198 16625 (AKAMAI-AS)
2 3 184.30.24.241 16625 (AKAMAI-AS)
1 1 199.127.207.191 26120 (RHYTHMONE)
1 1 3.127.178.105 16509 (AMAZON-02)
1 1 3.223.81.219 14618 (AMAZON-AES)
1 52.31.77.198 16509 (AMAZON-02)
1 1 23.45.110.176 16625 (AKAMAI-AS)
10 10 151.101.114.49 54113 (FASTLY)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2a03:2880:f13... 32934 (FACEBOOK)
3 3 213.19.147.45 3356 (LEVEL3)
1 104.17.208.240 13335 (CLOUDFLAR...)
302 83
2    199.60.103.254 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
info.silobreaker.com
15    184.30.20.111 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-111.deploy.static.akamaitechnologies.com
www.heraldsun.com.au
content.api.news
8    184.30.20.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
tags.news.com.au
1    151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
17    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
8    184.30.24.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
resourcesssl.newscdn.com.au
2    199.232.137.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
3    13.224.102.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-122.zrh50.r.cloudfront.net
sb.scorecardresearch.com
2    23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
15    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
15.taboola.com
cdn.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
match.taboola.com
11    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
6    104.111.230.77 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
login.newscorpaustralia.com
5    104.109.77.38 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-77-38.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
1    151.101.1.195 (United States)

ASN54113 (FASTLY, US)
ts2020-indies-client.web.app
1    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
ad.doubleclick.net
1    2600:9000:2190:ae00:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
17    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googleadservices.com
2    2600:9000:206f:ec00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
5    2600:9000:2190:4600:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-gl.imrworldwide.com
1    99.86.2.86 (United States)

ASN16509 (AMAZON-02, US)
au.tags.newscgp.com
3    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    104.111.247.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-247-190.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
1    2600:9000:2190:6600:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)
seccdn-gl.imrworldwide.com
1    2600:9000:211e:3400:4:77d:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.vidora.com
1    13.224.102.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-91.zrh50.r.cloudfront.net
cdn.adsafeprotected.com
2    3.232.164.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-164-179.compute-1.amazonaws.com
ping.chartbeat.net
2    35.181.18.61 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-18-61.eu-west-3.compute.amazonaws.com
metrics.heraldsun.com.au
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
13    34.249.30.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pixel.adsafeprotected.com
4    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
3    52.214.68.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-68-15.eu-west-1.compute.amazonaws.com
dpm.demdex.net
4    63.35.128.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-128-189.eu-west-1.compute.amazonaws.com
match.adsrvr.org
1    2600:1f18:612b:4264:7659:1bf:d736:fba9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
1    18.197.47.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
4    185.94.180.126 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
4    3.120.242.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-242-149.eu-central-1.compute.amazonaws.com
x.bidswitch.net
13    34.243.47.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
newscorpau.demdex.net
dpm.demdex.net
1    34.255.166.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-166-243.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    82.199.68.72 (Zwolle, Netherlands)

ASN15830 (EQUINIX-CONNECT, GB)
bs.serving-sys.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c435ce09fb9281cc6d5090d0e86ec874.safeframe.googlesyndication.com
2    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    13.224.100.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-100-124.zrh50.r.cloudfront.net
js.adsrvr.org
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2a02:26f0:7100:1b2::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    184.30.24.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-185.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    216.58.212.134 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f6.1e100.net
8228261.fls.doubleclick.net
1    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
au-gmtdmp.mookie1.com
9    185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
ib.adnxs.com
19    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2620:119:50e4:101::6cae:b55 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com
px4.ads.linkedin.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
12    34.249.39.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-39-204.eu-west-1.compute.amazonaws.com
static.adsafeprotected.com
2    3.248.66.228 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-66-228.eu-west-1.compute.amazonaws.com
secure-dcr.imrworldwide.com
1    2600:9000:211e:6a00:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
nwt2au9hcz6hxvpkrq8tvgere9cqq1619090302.nuid.imrworldwide.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    52.50.64.214 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-64-214.eu-west-1.compute.amazonaws.com
insight.adsrvr.org
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
4    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
36    34.205.96.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-96-170.compute-1.amazonaws.com
dt.adsafeprotected.com
2    3.121.49.210 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
1    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    172.105.221.29 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
s.c.appier.net
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    35.205.207.25 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
ads.avads.net
1    184.30.24.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-198.deploy.static.akamaitechnologies.com
image5.pubmatic.com
3    184.30.24.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-241.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
1    199.127.207.191 (United States)

ASN26120 (RHYTHMONE, US)
dt.scanscout.com
1    3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ps.eyeota.net
1    3.223.81.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-81-219.compute-1.amazonaws.com
usermatch.krxd.net
1    52.31.77.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-77-198.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    23.45.110.176 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-110-176.deploy.static.akamaitechnologies.com
tags.bluekai.com
10    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    2a03:2880:f13d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    104.17.208.240 (United States)

ASN13335 (CLOUDFLARENET, US)
zn7wdmojjixvhyobn-news.siteintercept.qualtrics.com
Apex Domain
Subdomains		 Transfer
62 adsafeprotected.com
cdn.adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
571 KB
43 taboola.com
cdn.taboola.com
trc.taboola.com
15.taboola.com
vidstat.taboola.com
trc-events.taboola.com
images.taboola.com
imprammp.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
match.taboola.com
366 KB
28 googlesyndication.com
pagead2.googlesyndication.com
c435ce09fb9281cc6d5090d0e86ec874.safeframe.googlesyndication.com
tpc.googlesyndication.com
97 KB
25 doubleclick.net
ad.doubleclick.net
securepubads.g.doubleclick.net
googleads4.g.doubleclick.net
8228261.fls.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
160 KB
16 demdex.net
dpm.demdex.net Failed
newscorpau.demdex.net
20 KB
16 heraldsun.com.au
www.heraldsun.com.au
metrics.heraldsun.com.au
211 KB
11 everesttech.net
cm.everesttech.net
sync-tm.everesttech.net
2 KB
11 imrworldwide.com
secure-gl.imrworldwide.com
cdn-gl.imrworldwide.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
nwt2au9hcz6hxvpkrq8tvgere9cqq1619090302.nuid.imrworldwide.com
77 KB
10 adnxs.com
acdn.adnxs.com
secure.adnxs.com
ib.adnxs.com
11 KB
8 adsrvr.org
match.adsrvr.org
js.adsrvr.org
insight.adsrvr.org
7 KB
8 newscdn.com.au
resourcesssl.newscdn.com.au
58 KB
8 news.com.au
tags.news.com.au
217 KB
7 googletagservices.com
www.googletagservices.com
244 KB
6 google.com
adservice.google.com
www.google.com
444 B
6 newscorpaustralia.com
login.newscorpaustralia.com
12 KB
5 tiqcdn.com
tags.tiqcdn.com
23 KB
4 linkedin.com
px.ads.linkedin.com
www.linkedin.com
px4.ads.linkedin.com
3 KB
4 bidswitch.net
x.bidswitch.net
1 KB
4 spotxchange.com
sync.search.spotxchange.com
3 KB
3 casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
3 KB
3 pubmatic.com
simage2.pubmatic.com
image5.pubmatic.com
image2.pubmatic.com
2 KB
3 openx.net
u.openx.net
us-u.openx.net
471 B
3 rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
692 B
3 google.de
adservice.google.de
www.google.de
337 B
3 serving-sys.com
secure-ds.serving-sys.com
bs.serving-sys.com
21 KB
3 crazyegg.com
script.crazyegg.com
24 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
2 1rx.io
sync.1rx.io
900 B
2 krxd.net
usermatch.krxd.net
beacon.krxd.net
526 B
2 avads.net
ads.avads.net
486 B
2 lijit.com
ce.lijit.com
1018 B
2 contextweb.com
bh.contextweb.com
828 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 googleadservices.com
www.googleadservices.com
30 KB
2 chartbeat.net
ping.chartbeat.net
336 B
2 fontawesome.com
use.fontawesome.com
91 KB
2 perfectmarket.com
widget.perfectmarket.com
32 KB
2 silobreaker.com
info.silobreaker.com
4 KB
1 qualtrics.com
zn7wdmojjixvhyobn-news.siteintercept.qualtrics.com
18 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com
475 B
1 facebook.com
www.facebook.com
242 B
1 bluekai.com
tags.bluekai.com
836 B
1 eyeota.net
ps.eyeota.net
418 B
1 scanscout.com
dt.scanscout.com
692 B
1 bttrack.com
bttrack.com
380 B
1 appier.net
s.c.appier.net
362 B
1 criteo.com
dis.criteo.com
503 B
1 emxdgt.com
e1.emxdgt.com
45 B
1 smartadserver.com
rtb-csync.smartadserver.com
697 B
1 twitter.com
analytics.twitter.com
284 B
1 turn.com
d.turn.com
402 B
1 t.co
t.co
170 B
1 mookie1.com
au-gmtdmp.mookie1.com
608 B
1 googletagmanager.com
www.googletagmanager.com
33 KB
1 licdn.com
snap.licdn.com
2 KB
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 advertising.com
pixel.advertising.com
124 B
1 tremorhub.com
taboola-supply-partners.tremorhub.com
182 B
1 vidora.com
assets.vidora.com
4 KB
1 newscgp.com
au.tags.newscgp.com
48 KB
1 chartbeat.com
static.chartbeat.com
24 KB
1 web.app
ts2020-indies-client.web.app
3 KB
1 api.news
content.api.news
91 KB
1 speedcurve.com
cdn.speedcurve.com
7 KB
0 exelator.com Failed
loadus.exelator.com Failed
302 65
Domain Requested by
36 dt.adsafeprotected.com www.heraldsun.com.au
21 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
15 dpm.demdex.net www.heraldsun.com.au
tags.news.com.au
15 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
info.silobreaker.com
www.googletagservices.com
14 www.heraldsun.com.au 3 redirects info.silobreaker.com
www.heraldsun.com.au
tags.tiqcdn.com
13 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
12 static.adsafeprotected.com pixel.adsafeprotected.com
www.heraldsun.com.au
11 cdn.taboola.com www.heraldsun.com.au
cdn.taboola.com
10 sync-tm.everesttech.net 10 redirects
10 images.taboola.com www.heraldsun.com.au
8 resourcesssl.newscdn.com.au www.heraldsun.com.au
ts2020-indies-client.web.app
8 tags.news.com.au 1 redirects tags.tiqcdn.com
au.tags.newscgp.com
7 www.googletagservices.com securepubads.g.doubleclick.net
7 trc.taboola.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
ad.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
6 login.newscorpaustralia.com www.heraldsun.com.au
login.newscorpaustralia.com
5 sync.taboola.com 2 redirects www.heraldsun.com.au
5 ib.adnxs.com 3 redirects www.heraldsun.com.au
5 cdn-gl.imrworldwide.com www.heraldsun.com.au
seccdn-gl.imrworldwide.com
secure-gl.imrworldwide.com
cdn-gl.imrworldwide.com
5 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
4 cm.g.doubleclick.net 2 redirects www.heraldsun.com.au
4 www.google.com securepubads.g.doubleclick.net
www.heraldsun.com.au
4 secure.adnxs.com 2 redirects www.heraldsun.com.au
4 x.bidswitch.net 3 redirects imprammp.taboola.com
4 sync.search.spotxchange.com 3 redirects www.heraldsun.com.au
4 match.adsrvr.org 3 redirects imprammp.taboola.com
3 sync-t1.taboola.com imprammp.taboola.com
www.heraldsun.com.au
3 script.crazyegg.com tags.tiqcdn.com
script.crazyegg.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
2 sync.1rx.io 2 redirects
2 ssum.casalemedia.com 2 redirects
2 ads.avads.net 2 redirects
2 ce.lijit.com 1 redirects www.heraldsun.com.au
2 bh.contextweb.com 1 redirects www.heraldsun.com.au
2 pixel.rubiconproject.com www.heraldsun.com.au
2 u.openx.net 1 redirects www.heraldsun.com.au
2 rtb.mfadsrvr.com 2 redirects
2 insight.adsrvr.org js.adsrvr.org
2 secure-dcr.imrworldwide.com www.heraldsun.com.au
2 www.google.de www.heraldsun.com.au
2 px.ads.linkedin.com 2 redirects
2 googleads.g.doubleclick.net www.googleadservices.com
2 www.googleadservices.com secure-ds.serving-sys.com
www.googletagmanager.com
2 8228261.fls.doubleclick.net 1 redirects info.silobreaker.com
2 js.adsrvr.org secure-ds.serving-sys.com
2 adservice.google.com securepubads.g.doubleclick.net
8228261.fls.doubleclick.net
2 metrics.heraldsun.com.au tags.news.com.au
www.heraldsun.com.au
2 ping.chartbeat.net www.heraldsun.com.au
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 secure-gl.imrworldwide.com 1 redirects www.heraldsun.com.au
2 trc-events.taboola.com www.heraldsun.com.au
2 use.fontawesome.com cdn.taboola.com
use.fontawesome.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 info.silobreaker.com 1 redirects
1 zn7wdmojjixvhyobn-news.siteintercept.qualtrics.com tags.tiqcdn.com
1 sync.targeting.unrulymedia.com 1 redirects
1 www.facebook.com www.heraldsun.com.au
1 image2.pubmatic.com www.heraldsun.com.au
1 us-u.openx.net www.heraldsun.com.au
1 dsum-sec.casalemedia.com www.heraldsun.com.au
1 tags.bluekai.com 1 redirects
1 beacon.krxd.net www.heraldsun.com.au
1 usermatch.krxd.net 1 redirects
1 ps.eyeota.net 1 redirects
1 dt.scanscout.com 1 redirects
1 image5.pubmatic.com www.heraldsun.com.au
1 bttrack.com www.heraldsun.com.au
1 s.c.appier.net 1 redirects
1 dis.criteo.com 1 redirects
1 e1.emxdgt.com www.heraldsun.com.au
1 rtb-csync.smartadserver.com www.heraldsun.com.au
1 simage2.pubmatic.com www.heraldsun.com.au
1 match.taboola.com www.heraldsun.com.au
1 analytics.twitter.com static.ads-twitter.com
1 token.rubiconproject.com www.heraldsun.com.au
1 d.turn.com 1 redirects
1 nwt2au9hcz6hxvpkrq8tvgere9cqq1619090302.nuid.imrworldwide.com www.heraldsun.com.au
1 t.co www.heraldsun.com.au
1 px4.ads.linkedin.com www.heraldsun.com.au
1 www.linkedin.com 1 redirects
1 au-gmtdmp.mookie1.com www.heraldsun.com.au
1 acdn.adnxs.com info.silobreaker.com
1 www.googletagmanager.com secure-ds.serving-sys.com
1 snap.licdn.com info.silobreaker.com
1 static.ads-twitter.com info.silobreaker.com
1 c435ce09fb9281cc6d5090d0e86ec874.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 bs.serving-sys.com secure-ds.serving-sys.com
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 pixel.advertising.com imprammp.taboola.com
1 taboola-supply-partners.tremorhub.com imprammp.taboola.com
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 am-vid-events.taboola.com www.heraldsun.com.au
1 imprammp.taboola.com vidstat.taboola.com
1 cdn.adsafeprotected.com tags.news.com.au
1 assets.vidora.com www.heraldsun.com.au
1 seccdn-gl.imrworldwide.com tags.news.com.au
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 ad.doubleclick.net tags.tiqcdn.com
1 ts2020-indies-client.web.app www.heraldsun.com.au
1 vidstat.taboola.com cdn.taboola.com
1 15.taboola.com cdn.taboola.com
1 content.api.news www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
0 loadus.exelator.com Failed www.heraldsun.com.au
302 107
Subject Issuer Validity Valid
info.silobreaker.com
Cloudflare Inc ECC CA-3		 2020-06-30 -
2021-06-30		 a year crt.sh
news.com.au
DigiCert SHA2 Secure Server CA		 2021-02-25 -
2022-02-28		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2020		 2020-12-09 -
2022-01-10		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-12-14		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2021-04-19 -
2022-04-27		 a year crt.sh
web.app
GTS CA 1D4		 2021-03-17 -
2021-06-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2020-06-01 -
2021-06-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-28 -
2022-02-01		 a year crt.sh
au.tags.newscgp.com
Amazon		 2021-01-25 -
2022-02-22		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-06-09 -
2021-06-09		 a year crt.sh
secure-ds.serving-sys.com
DigiCert SHA2 Secure Server CA		 2021-03-17 -
2022-03-22		 a year crt.sh
*.vidora.com
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
*.adsafeprotected.com
Amazon		 2020-08-19 -
2021-09-18		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
metrics.heraldsun.com.au
DigiCert SHA2 High Assurance Server CA		 2020-04-13 -
2021-07-15		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2020-09-09 -
2021-10-09		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
bs.serving-sys.com
Go Daddy Secure Certificate Authority - G2		 2020-01-07 -
2022-03-08		 2 years crt.sh
*.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-08-14 -
2021-08-19		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-04-15 -
2021-10-15		 6 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
www.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-01-06 -
2022-02-04		 a year crt.sh
*.nuid.imrworldwide.com
Amazon		 2020-06-26 -
2021-07-26		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.qualtrics.com
DigiCert SHA2 Secure Server CA		 2020-10-26 -
2021-11-26		 a year crt.sh

This page contains 40 frames:

Primary Page: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&nk=3cbc7ad141fd17bb5e0c1222bb81034f-1619090297
Frame ID: FE8B24FD918DDAF71CBF12872FDC0CC6
Requests: 157 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=uPJ84jF4fBmFptgRo9ROZUnUKUgV95bm&nonce=Q9sFY17t6KuMT87LCQVFO99Eae39Hpkf&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Frame ID: 20ED9DA8F639B62893D6A375F0923593
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=1e.smvZsQM9lDy9oC_z0C.xognUbTtiQ&nonce=icrgOPk_gcdlw4YMfD2Uzs5o5QUat89U&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Frame ID: B994C1DE35ACE489AF21E6616F24DF27
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=GGM6h12qkFYj9.SYAwP5zeRr~moP-qZK&nonce=0kkUAcgltHCyK~EiUaUtEj-jF-0hMr7k&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Frame ID: 24BBE670200B77A65367D9B68191825C
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=oC~GkSNXfsELlzcfgtLcKSIZYtTZ2SAz&nonce=00UQ1Rv1Sy9ZJ.ejZFnr0IdMthZ-NShN&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Frame ID: 89E1C0B7A130071F0893C32679822FC3
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7vKwCFgPoL7TmNGz-QQToL7TmNGz-QQUAAAAGBvQHHDNjjhiTyWaxoOw2w8VwNVjMlpPhcDNZLYfAMTPmiDGZbBYLym4zXAxHy8ViORqtdpPRcgofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwIt0XQ6fK57ve73u8tdvs9d43fbFa6_xPJyeJ12n1vu8n3-Opfl7bA735qXy-u0-9yiv1vier41g7Xa7tYcXqe70-sW-T0vz1tm-bvdktfn83S4NaeH6eUWXF5up8vyl7t8n7fm9Lc8_6rFyDHzzVwri2_iWOwWK4fJMbMNdjOPy2Ibjlx2AAAAAHgAmBK8h_gBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAAEDQGdMAgOJgONfd-rIbHa7Py-4PAICHAhAAAAEMEoCCveISgI2R_hMAAAAAAAAAAJb_____mAH6lhoZgJCzhB6ABx-AB6KCxCJGAAAAAJBMbR5HkzqhsqgCACBItwK4AgAIwMtvCtMNAwAAIBhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQkRmZmlBLAAAar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxCT2WCz2i2Ho9kBAAAA3P3____rgZhr5BnMVpaZxeabWEaWwcayMVkcDpPJYXLNnCPv9XnCwC7dGuL1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTvsVmOfHY1hLHbuQWzTYmt3Kz2LgVvsnEsByZhgvfbi16fUy_3cJlmJm8KBhguRfBRTqRu3yfj99yeLjeCtfJLXRZHmaT53W3iCWak0U6kV32NdfIM5itLDOLzTexjCyDjWVjsjgcJpPD5Jo5R_6Gb7FZTjy2tcSxG7lFs43JrdwsNm6FbzIxLEem4cK3W4teH9Nvt3AZZiZ_Y7ZYDpaDzWCxb8wWy8FysBks9h06w3f1ORs9Q53IY1MspI_jUGY-KFwGi_cnMS2m3dnB8_sdnTb1S1nUGYWX79FrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0IjLMFpPBbDHYDCY2l2e42GwGI8vCZhoMBrOZazURS5Smi3Sil1heDq_T7nPLXb7PX-eyvB1251vzcnmddp9b9HdLXM-3ZrBW292aw-t0d3rdIr_n5XnLLH-3W_L6fJ4Ot-b0ML3cgsvL7XRZ_nKX7_PWnP6W51-1GDlmvplrZfFNHIvdYuUwOWa2wW7mcVlsw5HLov5jQ4xGc91srhgs55rBKgEAAAAAAAAALGHOvAkAAADAaTCr5Wa2Wi5ARD6g7k9yczPRz09ycePHGO7yfT5-y-HheitcJ7fQZXmYTZ7X3coAEfeszJs9E8RarZY1AACAADYAAEAAt27eAsIsOQ!&cmcv=&pix=undefined&cb=1619090301838&uv=2957&tms=1619090301838&abt=aat1_vA!adh5c-1_vA!id5mc_vA!insc_vA!spa2_vA!sre_vA!t45!ufm!ul89551-722_vB&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3F9D12231A273818501692883259&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 9C4AFCD95ED5CDE1283264847BFA1E85
Requests: 6 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 63CCE326DBE8C3DB83AFAA25AD8B80F3
Requests: 22 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: B9874159DECAB3E3DB7BEDE9803FAF9B
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 2FB6524835DDBE5F397DC5BE8FB1B45C
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: A2548E4EB8037926C41B4FE8BB45A7ED
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 127F4FEE97840F3AA36C87068B485C8D
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: EF15357A5B9E0A968F82F401CF1822FA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: AABA229160F1807E4BB2BD6738EDC03B
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CKTK0LLdkfACFSjauwgdmcUKEw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=267452083881.07898
Frame ID: FA2774F080402B6F22C4EA87FFEE0E7B
Requests: 2 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 340D4A747CF75990388807A5397438E4
Requests: 4 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: EE9509945C3E1FEBA8375E37137F3365
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Frame ID: EA94C3CEF4940355CDD1F56321809632
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumnnQClsbi0EtzE4yNBs6q-XBdYSLiAtTFeEQ8ACn4ozjQPRwwRwiebn3z_SCjBiMBSngz_hxsusNQ-pVlP2UvG_U82PfVnjQVcgnCvAYoiWQsb7_rLVPSU2EhnUJzy11Saq8055RBnFoMaua3Dt_dEnI8ayiEB8Pl7kwNCZA3lRNZVx8PHUD1ZOmOYjsBpl8PN7f2CBK3MGCcd_mQwk4k3W-ww93SX7tG1svSEBniqCfa7Qxa1ykBgSFJg56jfRUugs0N1SI1LM1-cTmyGCOUpOoqX6AEIprnNUl9qp4LLiVVcXLMEPpJwtm03gnY4AI&sai=AMfl-YQfg1aTSOYsju5y9sx6nxRtNpGKwygKoIczAPAc7L5BEr1SPJEXbJXIdC5kPfeAL_NT_DC4RJ4Myxcc&sig=Cg0ArKJSzMPG8soc8LakEAE&adurl=
Frame ID: F55D45B5A4CDFE9FA3B8625092338C1C
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstwSSKbP9928NsB4OLwq9eQNKL7v0bt9nDWKJjzfO9ydZTYcPKomLhPpsaGOgW--lVZoLw8bTaZgBsHN9Jad15Zs81OQqcRLD6QeQXSlIIpeWr4VtTyikZ2I3bA8CZ1itWMLSwE1ZiwMMz9WpN52vAtXoIgm33wjaVqMkN5YPyYTRLvKsrkZWXHb5xNVF1ttxpTH2YPsqcdyRDELXpPNUPJPA55066fiIyOVAI8WLrcdBgIaq5rfdUnMXuUXSeayWwB8l69ViDiyXsNS5I_mljPXskObaVfTUFpu1Nzo_J-YrG8OFviqYc3kcN7Wo5Bog&sai=AMfl-YR37fL5IZ3CeTc2hlA2ReBowNZWe0uxmdfPZNW5cDNnaQVMBI036C1EdKHMpWwfjXvyk-sxSEROOvJg&sig=Cg0ArKJSzDLeLTZgiPDhEAE&adurl=
Frame ID: C1A23CE7D93F7BDD608724F82CE35B32
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqKQR1izMZjid5JcBKia4k19PLjjGXeCqxDAcPTOns1yq7slerMEqouStIoZ3MISzdcgW9LvIwuYSRowf-Q0sWO-bhDpZkQfrq_zwsWHknsX9zNc5EqyY-Wt4ncFthXHrOl2WY2HO8XOPrJwYbPD52VmdUxjL9-04BremIs2HRYL-O3hj1XwDe3m2zfLdP73qnls-Ab7SLXIQjYJBv6DP_NyZ6fM6oqFrYhO1vs6Uk5hZp9vcG_L4IjLCNgRRD5trQHyE3LR34TplD1TTtAw3QP8PgMvT9t6f_5aXzE1XoLtLhKPsvgcbmAMsi5C6EmY8&sai=AMfl-YSVP0gqcD93bi9QdzxVSeZX6Ao55OZU5GhSr-5wbAvIUFexlUgVB9VOauCk4G-Y728TywFbq4nPpxg5&sig=Cg0ArKJSzLHSGh4l_wBiEAE&adurl=
Frame ID: F6D908D78282EAE49B19971F1B308C98
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlsm0AOb-uxLyszLTDX3f0u-XEzNvK1I3Jmx3-C9okSYT4TI4Ku1SpSNlsUZHhhLSU4hjseueI9B4jNbAw56T7nfc5F_EhQkONYsMKqLoy84nbLnbg_qhXBUKmzh-i18rWbeQrAtv2AW5_znNvKqOMg5-osiiSTYeJXSZwcekF6CdpeEBN9FspqwJl9wyrwC5Gqi8S3m8tfB22qoAK3sgIgp9gx_zSVrPb6WzJUQqvQ-QfaG-EXUe9O5u58sNsmeu2-HO8XvqoDoCk0UI0b6JYGqmnyzo6fFmodkdsIN_3PGXunr9OfYlgXWZdPRD3lZ4&sai=AMfl-YT9-c_kakqOH-cMkuK4eNiU48DRbj7uD7oQigjbju4vYSOP5aH0DVLxYrteW5jT1MpAfKkHPcn3oPFu&sig=Cg0ArKJSzJsJz-W94aZ8EAE&adurl=
Frame ID: 68B26B323352382BDC18532C8348A524
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmLQPHV3RJlVzWE8FRfMR9UojJgmODYk5cmo-tYck9FvdlVGCOO2m2rJPx2oUyqCX-ztRly3qZq-FoakVnQF3hgvun10bvJRi6cZtKAwNN3kR-7L_kgvMUPkjIJAEQT1T3t9TwZT0QKtfdvS2-GvUxHidgQu4eJ7XpF2bd2FTvHkfJh2yBvCUPImPbXRSZF8Xqngcf4Av27ZEW9wsB07rKTObokd-5LQ96UQYWMgYQPkBzx1eORSLk3jXzy-ZUvT6GAtKmbtzWmN5NV1vbh3K53djOXKyv7oqkDZ9AvemCJJN2JS79UchS2cZgzWfpaoo&sai=AMfl-YRWzdL7c5SQUhl_GKshAwojDLyefu3vgOcR8cOv5Fxfw1Quj50Iw2sztGExA0OdlJYF7w0e-NGxo7Bu&sig=Cg0ArKJSzLUwpY5fvgvQEAE&adurl=
Frame ID: 81D079A34D869FCE89699B6EB759E94C
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQPRIXQ97If280uJ8nodhrSs1Z2FDKSLO3bXBuKCeVYYhI2YGJkUEP8Jd8C7YxyybJPU1kmLWWW5hyiEjmgM-xevf-vRWMcuxTQUllXk5ZuFkZDSeo_W7UnkSkl063gvtZ7g3kkEnLoQ2FjaRFleF5yqe7A_BNc3FHJJA3_-YorU-f5K9Txu2KbbeDXjqmagysxwOyDvDKFSrcq4ZDzPsTDAE7FDRmAM2GioWBRvepIVr-DPb0mlSWUqN_ywQ5uAgUOiYDR594_OV-1q7aqU9MPtceEjYWO873uhaRZS9aMprVAY0B4-4JEh2SfOrEpCw&sai=AMfl-YSN0IMOBBfatgSNFiXaszxWCnBG89_sdO_AleucZYmuSJvEf4LLe0Q2Fd48jIP-yJ5QsUYe9EXf9Ecz&sig=Cg0ArKJSzJbf1p6T0SpsEAE&adurl=
Frame ID: C71FF566F45D939AF6CA6A7D531BCD39
Requests: 8 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 65EA2C602373D7D08A5E9675D22C182F
Requests: 3 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=2136639323&custom=story&custom3=168400391&adsafe_par&impId=72acd536-a35c-11eb-9f5d-0ae27972a930
Frame ID: 3F3B5723F106AD34F87E7A324CC1E24A
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=275573333&custom=story&custom3=168400391&adsafe_par&impId=72acd537-a35c-11eb-9f5d-0ae27972a930
Frame ID: 5FFBB659B3049088524A9A6B20B827FC
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=1586281605&custom=story&custom3=168400391&adsafe_par&impId=72acd538-a35c-11eb-9f5d-0ae27972a930
Frame ID: BA100C3D7D96A94EC084EF81836AF68F
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1772958183&custom=story&custom3=168400391&adsafe_par&impId=72acd539-a35c-11eb-9f5d-0ae27972a930
Frame ID: 40E2DE9FD9F136DF2ED7E15BE2EC29B4
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1582644768&custom=story&custom3=168400391&adsafe_par&impId=72acd53a-a35c-11eb-9f5d-0ae27972a930
Frame ID: 60FB1C7DCFA5690373E4F132E5C8A71A
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=21941980990&placementId=4795254195&pubCreative=138345071646&pubOrder=2161406623&cb=778180840&custom=story&custom3=168400391&adsafe_par&impId=72acd53b-a35c-11eb-9f5d-0ae27972a930
Frame ID: 479C1B629C90394E961D595A3F9C86F6
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: E989028B644424E13D6E12C72E0C9CC7
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&upid=trk7f24&upv=1.1.0
Frame ID: 8B78ACBF646823B1D2800ED61056BEFE
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&upid=ekg5qxt&upv=1.1.0
Frame ID: 0C688B0D483FD49B8D112D4A7AD6587A
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 533731699E64EBFC1AC61313BB0206A3
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 748332976EFC5430025B3E13A7C3065B
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 1680939EEA0AB667887947FC41BFCB1E
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=76503a2e-1c1a-4980-8c34-1f9083bc1417&tbid=c8a29c1e-8b45-418b-81cc-ae0c1538f3a3-tuct77ae0ff&query=taboola_hm%3D76503a2e-1c1a-4980-8c34-1f9083bc1417&isDirect=0
Frame ID: 485B67784C2464DBA7D038362B90750B
Requests: 18 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 30FAFE00D8F68CC0B0758B1166358394
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: E3D8614A26A766A8452CDA64A1E59139
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 40B2E65763A5B9301A0A6F5DEFA6A4FE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://info.silobreaker.com/e2t/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb... Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_r... HTTP 307
    https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-st... HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbre... HTTP 302
    https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-st... HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews... HTTP 302
    https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-st... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i
Overall confidence: 100%
Detected patterns
  • script /serving-sys\.com\//i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

302
Requests

97 %
HTTPS

29 %
IPv6

65
Domains

107
Subdomains

83
IPs

8
Countries

2501 kB
Transfer

7506 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://info.silobreaker.com/e2t/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM9HY65HwM4wN1s5hkScJ0TgW74rm9V67VrzjW1mJBn54Rm1pDW6c-fQ277yDNnW4GZp-l6fCZ_yW7LkxQG84nz-hW6znRJD1l8L3tW4cPYpV2KXf9QW631LRk4xg-9rW8V9-Fz7W46YKVYLW3d1szKr8W8SPXBx3BwfNpVQWm7-1tbxVsV_pkQf30xz1FW1GL1vT5-ldYnW8-LhdH7pMY1hW1XkXKw1lYFC_W41sy4v5l7wxcW4P6_nM5f6XSjW6lZSzy4Fh-f7W6PwkYT7m-pqNW8CFH9q5hnSjVW7qqpj05chMvlW3P-6nb35dgrDW5H5BJY3fqYQ2Vqd5lG5c-KCPW8J2DNS3wf9_JW7P9Hry1cZwxcW7THLjZ5P3mDKW3lFZ7d2Ljzg5W65WhhV8Kbjjv3b9g1 Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM9HY65HwM4wN1s5hkScJ0TgW74rm9V67VrzjW1mJBn54Rm1pDW6c-fQ277yDNnW4GZp-l6fCZ_yW7LkxQG84nz-hW6znRJD1l8L3tW4cPYpV2KXf9QW631LRk4xg-9rW8V9-Fz7W46YKVYLW3d1szKr8W8SPXBx3BwfNpVQWm7-1tbxVsV_pkQf30xz1FW1GL1vT5-ldYnW8-LhdH7pMY1hW1XkXKw1lYFC_W41sy4v5l7wxcW4P6_nM5f6XSjW6lZSzy4Fh-f7W6PwkYT7m-pqNW8CFH9q5hnSjVW7qqpj05chMvlW3P-6nb35dgrDW5H5BJY3fqYQ2Vqd5lG5c-KCPW8J2DNS3wf9_JW7P9Hry1cZwxcW7THLjZ5P3mDKW3lFZ7d2Ljzg5W65WhhV8Kbjjv3b9g1?_ud=a81244d8-cc9b-4cbc-a3d2-5e5e90ceeb71&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2fnews-story%2f51d1f7f5eb7b1171ead1f607fceb68de%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY HTTP 302
    https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2fnews-story%2f51d1f7f5eb7b1171ead1f607fceb68de%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&16190902971476602539 HTTP 302
    https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&nk=3cbc7ad141fd17bb5e0c1222bb81034f-1619090297 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1619090301098&ns_c=UTF-8&cv=3.5&c8=Germany%20seeking%20to%20buy%2030%20mn%20Sputnik%20doses%20from%20Russia%3A%20state%20premier%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619090301098&ns_c=UTF-8&cv=3.5&c8=Germany%20seeking%20to%20buy%2030%20mn%20Sputnik%20doses%20from%20Russia%3A%20state%20premier%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&c9=
Request Chain 66
  • https://secure-gl.imrworldwide.com/v60.js HTTP 301
  • https://cdn-gl.imrworldwide.com/v60.js
Request Chain 84
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1619090301866 HTTP 0
  • http://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1619090301866
Request Chain 97
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=72a9ccfb-a35c-11eb-bbae-1d34abdd0206 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=72a9ccb5-a35c-11eb-bbae-1d34abdd0206&orig=video&us_privacy=1---
Request Chain 104
  • https://cm.everesttech.net/cm/dd?d_uuid=43064906755279672506849208158330175690 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIFbfgAAACDCgSkN
Request Chain 120
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=267452083881.07898 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CKTK0LLdkfACFSjauwgdmcUKEw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=267452083881.07898
Request Chain 123
  • https://secure.adnxs.com/px?id=879166&seg=9702347&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Request Chain 124
  • https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Request Chain 161
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619090302486&url=https%3A%2F%2Fwww.heraldsun.com.au%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1619090302486%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619090302486&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619090302486&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIis4PXFJ5gqAAAAXj5TWi2x4zm95hJ9PVXcpgxi8M0Q3uxmxO_5X5RJv8rxFtTkeSaNL6o
Request Chain 187
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=8227207831494261988 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=358&dpuuid=8227207831494261988
Request Chain 205
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=3146524792727287686 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=470&dpuuid=3146524792727287686
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDMwNjQ5MDY3NTUyNzk2NzI1MDY4NDkyMDgxNTgzMzAxNzU2OTA= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFTzZz8kEDzi_1-zFZ-PKYU&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 222
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=76503a2e-1c1a-4980-8c34-1f9083bc1417 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=76503a2e-1c1a-4980-8c34-1f9083bc1417&tbid=c8a29c1e-8b45-418b-81cc-ae0c1538f3a3-tuct77ae0ff&query=taboola_hm%3D76503a2e-1c1a-4980-8c34-1f9083bc1417&isDirect=0
Request Chain 223
  • https://u.openx.net/w/1.0/sd?id=543998486&val=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd&gdpr=0&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd&gdpr=0&gdpr_consent=
Request Chain 225
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9MDmkyRTYt2x&ev=1&orig=trc&pid=562107
Request Chain 226
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=8227207831494261988&orig=trc
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEO36c-c6JTg6QuC2Yh-rypw&google_cver=1
Request Chain 229
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c8a29c1e-8b45-418b-81cc-ae0c1538f3a3-tuct77ae0ff
Request Chain 230
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a15e70da-69a0-4b0d-9623-e3f65a8c1ba2
Request Chain 231
  • https://ce.lijit.com/merge?pid=42&3pid=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 235
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=cd36028c-7a96-4892-9485-8132d28ac7e6
Request Chain 236
  • https://id5-sync.com/s/464/9.gif?puid=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOXSlSqVkSia9ZN9lrbtpKoWqnlYjQu88OzQPD9A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOXSlSqVkSia9ZN9lrbtpKoWqnlYjQu88OzQPD9A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=7e998a3f-a37f-4a17-8316-c808a3e80546&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/441/5/3.gif?puid=e_3c6cf5b9-28ea-4631-93a0-ae4de436b900&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESECVwhyJjPzx6HPSspHIuDMc&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESECVwhyJjPzx6HPSspHIuDMc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8227207831494261988&opid=apx&ops=&utidl=tech:goo:CAESECVwhyJjPzx6HPSspHIuDMc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A17061556163&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/19/3/5.gif?puid=8cb75370ae05c4f217e05287cf5ab84f&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/101/2/6.gif?puid=a0baf130-4200-428e-b527-dd2c4550d8ab&gdpr=1&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
Request Chain 237
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=WnTZ0Qx2CvmP5fuYgFuBYA
Request Chain 239
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=40e245bb-324e-4146-9081-e1e8d0d2c753&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=40e245bb-324e-4146-9081-e1e8d0d2c753&gdpr=0&av_tc=True HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=d4fdfc70-598b-4958-8c43-8eff5f86f69f&expires=2&ssp=taboola&bsw_param=40e245bb-324e-4146-9081-e1e8d0d2c753 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=40e245bb-324e-4146-9081-e1e8d0d2c753
Request Chain 245
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=a15e70da-69a0-4b0d-9623-e3f65a8c1ba2
Request Chain 259
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YIFbf8zIyq3U685H.fFlqgAA%261177
Request Chain 262
  • https://dt.scanscout.com/ssframework/uid?UIAA=43064906755279672506849208158330175690&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-cbb85367852dcc3219d38964cc864572
Request Chain 263
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=43064906755279672506849208158330175690&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 264
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=43064906755279672506849208158330175690 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=43064906755279672506849208158330175690
Request Chain 266
  • https://tags.bluekai.com/site/43981?id=43064906755279672506849208158330175690&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=K1rGBy9999OBX%2FaQ
Request Chain 267
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=YIFbgAAAXorW6gBg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUlGYmdBQUFYb3JXNmdCZw==&_test=YIFbgAAAXorW6gBg
Request Chain 272
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=YIFbgAAAXnP5fQAC HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YIFbgAAAXnP5fQAC&expires=90&_test=YIFbgAAAXnP5fQAC
Request Chain 278
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YIFbgAAAXnP5fQAC
Request Chain 279
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YIFbgAAAXnP5fQAC
Request Chain 282
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YIFbgAAAXnP5fQAC
Request Chain 285
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIFbgAAAXnP5fQAC
Request Chain 286
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YIFbgAAAXnP5fQAC&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YIFbgAAAXnP5fQAC&img=1&__user_check__=1&sync_id=74716b4a-a35c-11eb-b5f8-129210fe0506
Request Chain 287
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YIFbgAAAXnP5fQAC&t=2592000&o=0
Request Chain 289
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=c8a29c1e-8b45-418b-81cc-ae0c1538f3a3-tuct77ae0ff
Request Chain 290
  • https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync/adobe/0?zcc=1&dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D&cb=1619090305407 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-dee99091-8dcc-4335-9a0a-5f5e08808441-003?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3DRX-dee99091-8dcc-4335-9a0a-5f5e08808441-003 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-dee99091-8dcc-4335-9a0a-5f5e08808441-003

302 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM9HY65HwM4wN1s5hkScJ0TgW74rm9V67VrzjW1mJBn54Rm1pDW6c-fQ277yDNnW4GZp-l6fCZ_yW7LkxQG84nz-hW6znRJD1l8L3tW4cPYpV2...
info.silobreaker.com/e2t/tc/ 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://info.silobreaker.com/e2t/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM9HY65HwM4wN1s5hkScJ0TgW74rm9V67VrzjW1mJBn54Rm1pDW6c-fQ277yDNnW4GZp-l6fCZ_yW7LkxQG84nz-hW6znRJD1l8L3tW4cPYpV2KXf9QW631LRk4xg-9rW8V9-Fz7W46YKVYLW3d1szKr8W8SPXBx3BwfNpVQWm7-1tbxVsV_pkQf30xz1FW1GL1vT5-ldYnW8-LhdH7pMY1hW1XkXKw1lYFC_W41sy4v5l7wxcW4P6_nM5f6XSjW6lZSzy4Fh-f7W6PwkYT7m-pqNW8CFH9q5hnSjVW7qqpj05chMvlW3P-6nb35dgrDW5H5BJY3fqYQ2Vqd5lG5c-KCPW8J2DNS3wf9_JW7P9Hry1cZwxcW7THLjZ5P3mDKW3lFZ7d2Ljzg5W65WhhV8Kbjjv3b9g1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
37d986b0611e24260cb38265fbebd61719b013f2acdfe34a9fadab7c923cc9b8

Request headers

:method
GET
:authority
info.silobreaker.com
:scheme
https
:path
/e2t/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM9HY65HwM4wN1s5hkScJ0TgW74rm9V67VrzjW1mJBn54Rm1pDW6c-fQ277yDNnW4GZp-l6fCZ_yW7LkxQG84nz-hW6znRJD1l8L3tW4cPYpV2KXf9QW631LRk4xg-9rW8V9-Fz7W46YKVYLW3d1szKr8W8SPXBx3BwfNpVQWm7-1tbxVsV_pkQf30xz1FW1GL1vT5-ldYnW8-LhdH7pMY1hW1XkXKw1lYFC_W41sy4v5l7wxcW4P6_nM5f6XSjW6lZSzy4Fh-f7W6PwkYT7m-pqNW8CFH9q5hnSjVW7qqpj05chMvlW3P-6nb35dgrDW5H5BJY3fqYQ2Vqd5lG5c-KCPW8J2DNS3wf9_JW7P9Hry1cZwxcW7THLjZ5P3mDKW3lFZ7d2Ljzg5W65WhhV8Kbjjv3b9g1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:16 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=d2083c0d82a43464c34cf3af21e4f08b11619090296; expires=Sat, 22-May-21 11:18:16 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=c75dc48042a31ea7cdb2d9254f9a63a3aa6baf6c-1619090296; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray
643e7352cbaf2b95-FRA
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
099ae667b900002b95fd132000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-hubspot-correlation-id
9aea4578-40dc-4317-bf1f-0951504966ae
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Eu4%2FjoU6mRqMqUh0%2FKAnUoqiY2K8Gmd6DaW44yptjZQnHQrqjp6PS61Vyv37r%2FDkkbxi047Gz2ZDVgpkR7pia%2FIGJU257ZIJzgXFNwgSbyELH8RQXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
Primary Request 51d1f7f5eb7b1171ead1f607fceb68de
www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/
Redirect Chain
  • https://info.silobreaker.com/events/public/v1/track/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM9HY65HwM4wN1s5hkScJ0TgW74rm9V67VrzjW1mJBn54Rm1pDW6c-f...
  • https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUp...
  • https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2fnews-sto...
  • https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUp...
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2fnews-s...
  • https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUp...
217 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&nk=3cbc7ad141fd17bb5e0c1222bb81034f-1619090297
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM9HY65HwM4wN1s5hkScJ0TgW74rm9V67VrzjW1mJBn54Rm1pDW6c-fQ277yDNnW4GZp-l6fCZ_yW7LkxQG84nz-hW6znRJD1l8L3tW4cPYpV2KXf9QW631LRk4xg-9rW8V9-Fz7W46YKVYLW3d1szKr8W8SPXBx3BwfNpVQWm7-1tbxVsV_pkQf30xz1FW1GL1vT5-ldYnW8-LhdH7pMY1hW1XkXKw1lYFC_W41sy4v5l7wxcW4P6_nM5f6XSjW6lZSzy4Fh-f7W6PwkYT7m-pqNW8CFH9q5hnSjVW7qqpj05chMvlW3P-6nb35dgrDW5H5BJY3fqYQ2Vqd5lG5c-KCPW8J2DNS3wf9_JW7P9Hry1cZwxcW7THLjZ5P3mDKW3lFZ7d2Ljzg5W65WhhV8Kbjjv3b9g1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
eefa532420e445f8e2e9627bdad975d0f5c4228f60fd31de699171fef5ce71fd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.heraldsun.com.au
:scheme
https
:path
/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&nk=3cbc7ad141fd17bb5e0c1222bb81034f-1619090297
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
n_regis=123456789
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://info.silobreaker.com/e2t/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM9HY65HwM4wN1s5hkScJ0TgW74rm9V67VrzjW1mJBn54Rm1pDW6c-fQ277yDNnW4GZp-l6fCZ_yW7LkxQG84nz-hW6znRJD1l8L3tW4cPYpV2KXf9QW631LRk4xg-9rW8V9-Fz7W46YKVYLW3d1szKr8W8SPXBx3BwfNpVQWm7-1tbxVsV_pkQf30xz1FW1GL1vT5-ldYnW8-LhdH7pMY1hW1XkXKw1lYFC_W41sy4v5l7wxcW4P6_nM5f6XSjW6lZSzy4Fh-f7W6PwkYT7m-pqNW8CFH9q5hnSjVW7qqpj05chMvlW3P-6nb35dgrDW5H5BJY3fqYQ2Vqd5lG5c-KCPW8J2DNS3wf9_JW7P9Hry1cZwxcW7THLjZ5P3mDKW3lFZ7d2Ljzg5W65WhhV8Kbjjv3b9g1

Response headers

server
nginx
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq; Expires=Thu, 29 Apr 2021 11:18:17 GMT; Path=/ nk=3cbc7ad141fd17bb5e0c1222bb81034f; expires=Sun, 21 Apr 2024 11:18:19 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure; AWSALBCORS=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq; Expires=Thu, 29 Apr 2021 11:18:17 GMT; Path=/; SameSite=None; Secure
x-powered-by
WordPress VIP <https://wpvip.com>
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
vary
User-Agent Accept-Encoding
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2fnews-story%2f51d1f7f5eb7b1171ead1f607fceb68de%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY%26nk%3d3cbc7ad141fd17bb5e0c1222bb81034f-1619090297&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=51d1f7f5eb7b1171ead1f607fceb68de&session=3cbc7ad141fd17bb5e0c1222bb81034f
x-arrrg5
BlaizeHappened
x-rq
ewr4 116 215 3221
x-xss-protection
1
x-content-type-options
nosniff
host-header
a9130478a60e5f9135f765b23f26593b
content-encoding
gzip
cache-control
max-age=56
expires
Thu, 22 Apr 2021 11:19:16 GMT
date
Thu, 22 Apr 2021 11:18:20 GMT

Redirect headers

server
AkamaiGHost
content-length
154
content-type
text/html
location
https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&nk=3cbc7ad141fd17bb5e0c1222bb81034f-1619090297
set-cookie
nk=3cbc7ad141fd17bb5e0c1222bb81034f; expires=Sun, 21 Apr 2024 11:18:17 GMT; path=/; domain=news.com.au; SameSite=None; Secure;
mime-version
1.0
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
vary
Accept-Encoding
etag
"05563c72b22b39afb384f19701c03047:1600838589.100191"
expires
Thu, 22 Apr 2021 11:18:17 GMT
cache-control
max-age=0, no-cache
pragma
no-cache
date
Thu, 22 Apr 2021 11:18:17 GMT
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
674 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&nk=3cbc7ad141fd17bb5e0c1222bb81034f-1619090297
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css
pragma
no-cache
cookie
n_regis=123456789; AWSALB=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq; nk=3cbc7ad141fd17bb5e0c1222bb81034f; AWSALBCORS=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:20 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
74
x-rq
ewr4 114 24 3161
last-modified
Wed, 10 Mar 2021 01:11:17 GMT
server
nginx
etag
"60481cb5-37"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 22 Apr 2021 11:18:21 GMT
lux.js
cdn.speedcurve.com/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&nk=3cbc7ad141fd17bb5e0c1222bb81034f-1619090297
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
8e0cf75c2cfcb35edbce8e01875f1690dc3ffbfbb3eff4f3e02f69da5a5d6846

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:20 GMT
via
1.1 vegur, 1.1 varnish
age
2472
x-cache
HIT
x-cache-hits
9
content-encoding
gzip
content-length
6820
x-served-by
cache-hhn4020-HHN
last-modified
Thu, 22 Apr 2021 10:37:08 GMT
server
Apache
x-timer
S1619090301.888878,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Apr 2021 10:37:08 GMT
loader.js
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 		256 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&nk=3cbc7ad141fd17bb5e0c1222bb81034f-1619090297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdd0ec69f2e3415a4c3a1644b473a8610cc15fff6308887aca5f561725ce3012

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
TG5MlNwQ1UjUpIHl2KthaybbM2W5BH.i
content-encoding
gzip
etag
"bd0cd183c28a3b341b46d3bd36939b20"
age
2
x-cache
HIT
content-length
35587
x-amz-id-2
ZkIJmGL+Co39ry3CCUVLurmM87yDc6F596P0gAE0K+pAut9fFsXttd6TVjTHoYFPU+fUSNFUNn0=
x-served-by
cache-fra19180-FRA
last-modified
Wed, 21 Apr 2021 13:17:41 GMT
server
AmazonS3
x-timer
S1619090301.879932,VS0,VE1
date
Thu, 22 Apr 2021 11:18:20 GMT
vary
Accept-Encoding
x-amz-request-id
FKJ44ER3VNJGKAY2
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
77
x-cache-hits
1
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		37 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
03cce1892cbfca0c35fe3b1f64307db1269f452bc8eb983a654d68166bfb57c0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
pragma
no-cache
cookie
n_regis=123456789; AWSALB=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq; nk=3cbc7ad141fd17bb5e0c1222bb81034f; AWSALBCORS=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:20 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
14385
x-rq
ewr4 114 120 3167
last-modified
Mon, 12 Apr 2021 00:05:02 GMT
server
nginx
etag
W/"60738eae-948d"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1693491
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 12 May 2021 01:43:11 GMT
heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
pragma
no-cache
cookie
n_regis=123456789; AWSALB=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq; nk=3cbc7ad141fd17bb5e0c1222bb81034f; AWSALBCORS=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:20 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
2891
x-rq
ewr4 114 120 3131
last-modified
Fri, 06 Nov 2020 23:25:38 GMT
server
nginx
etag
W/"5fa5db72-1e5e"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1324582
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 07 May 2021 19:14:42 GMT
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
174b9a58c7e4e80c420d329af6a87671f2a602c1878580298a832034adfe155a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
pragma
no-cache
cookie
n_regis=123456789; AWSALB=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq; nk=3cbc7ad141fd17bb5e0c1222bb81034f; AWSALBCORS=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
1907
x-rq
ewr4 114 120 3167
last-modified
Tue, 13 Apr 2021 23:57:26 GMT
server
nginx
etag
W/"60762fe6-1246"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=42
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 22 Apr 2021 11:19:03 GMT
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&nk=3cbc7ad141fd17bb5e0c1222bb81034f-1619090297
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:20 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
80805FC298EFFCF4
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=213226
accept-ranges
bytes
content-length
540
x-amz-id-2
A7Clz7HCePx1Ek5slYSVMJdtjiy61jm8cPQilsKeafI3hQRtTyE80fian+knWnPUDJ+OpyNGk5s=
expires
Sat, 24 Apr 2021 22:32:06 GMT
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&nk=3cbc7ad141fd17bb5e0c1222bb81034f-1619090297
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:20 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
E7FC71DCC76626B8
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=213868
accept-ranges
bytes
content-length
535
x-amz-id-2
cwPOFVoesdR8zziFLGKQvvlh/NrinqD0Royvn8X9ixprzFVnM6iJPyh3TlqFvT/UKPHaRfChR3Y=
expires
Sat, 24 Apr 2021 22:42:48 GMT
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&nk=3cbc7ad141fd17bb5e0c1222bb81034f-1619090297
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:20 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
EFC0AD8EBCCD7129
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=121633
accept-ranges
bytes
content-length
16112
x-amz-id-2
KUKW+av4QFyzO1K/NgsGJU+kIOu+X9RuH2COg0hb48VfE4XQSsj5P4nijBPJqVMpSpao69k4s9o=
expires
Fri, 23 Apr 2021 21:05:33 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&nk=3cbc7ad141fd17bb5e0c1222bb81034f-1619090297
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:20 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
F71F13E443C6B2FE
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=102203
accept-ranges
bytes
content-length
15948
x-amz-id-2
Nlq1wgWYh3e+AC0TUoNBE9CTiNyyErOIlUApQuxB9Tpjk0xBPWMUGKncr3MAUeAFT97YCQMu7Vk=
expires
Fri, 23 Apr 2021 15:41:43 GMT
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&nk=3cbc7ad141fd17bb5e0c1222bb81034f-1619090297
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:20 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
34037D7C97259F11
etag
"c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=219810
accept-ranges
bytes
content-length
11472
x-amz-id-2
8hpECIsS0O7dE/rOrT22b+WguT2pGbsJRr3icYp9VHDHuJZLFxHG23j6pozDBbA9W1Eo5ca1pXY=
expires
Sun, 25 Apr 2021 00:21:50 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&nk=3cbc7ad141fd17bb5e0c1222bb81034f-1619090297
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:20 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
232BAC8F1E7A26D0
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=219036
accept-ranges
bytes
content-length
11372
x-amz-id-2
4ragS4nm2P2YO+wuj4WOaEwarsG8MPOvjg0Yww06PbhqcauOnbqvN1NBoN1h+SY8F0xcMAH9O4s=
expires
Sun, 25 Apr 2021 00:08:56 GMT
load.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.137.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding
gzip
etag
"1a868d280f9424f5d82876d6cf0c46b9"
age
0
x-cache
HIT, MISS
content-length
1123
x-amz-id-2
GnQxULqkX8ClGIyfbJ3Uw/xTQl9OPBMhlTxQYSaBbMoNRAkJLQksJS7MY5YyR6eMKUXM3PcruWE=
x-served-by
cache-sna10742-LGB, cache-hhn11544-HHN
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1619090301.086484,VS0,VE145
date
Thu, 22 Apr 2021 11:18:21 GMT
vary
Accept-Encoding,,
x-amz-request-id
GNME6THPAQSTEEV0
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 0
impl.20210421-2-RELEASE.js
cdn.taboola.com/libtrc/ 		480 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210421-2-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e343f317675f7d684ebed15a8521fa9dbe2a8e26e3760abd78bfe0de8083fe14

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Z_6Wiwrf8fpqG8q74ZgCo8zGlPNZRTkp
content-encoding
br
etag
"3a18b805406e89401c3ffbae1e598cd3"
age
27591
x-cache
HIT
content-length
112603
x-amz-id-2
PIghdS+t086HqruTtOVWDGaPadkQL81zFsDoLDACZU5TLVD94lBZH/FYmpKBlrEepBYkmDRB0us=
x-served-by
cache-fra19180-FRA
last-modified
Wed, 21 Apr 2021 11:37:59 GMT
server
AmazonS3-br
x-timer
S1619090301.087114,VS0,VE0
date
Thu, 22 Apr 2021 11:18:21 GMT
vary
Accept-Encoding
x-amz-request-id
5P4AC5T3PNA7WNTF
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
30
x-cache-hits
115477
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-122.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 10:50:46 GMT
via
1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1655
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
CPaT6bwB33WHBtmXQN9CQfxRh88WpjW2KSM45CmzyqSQaQo3zKDUAQ==
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ 		267 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f3ee7f733586379df35b59416987e636427861079c0780e08be2feff3c2af0a1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/remote/identity/rampart/latest/rampart.js
pragma
no-cache
cookie
n_regis=123456789; AWSALB=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq; nk=3cbc7ad141fd17bb5e0c1222bb81034f; AWSALBCORS=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq; lux_uid=161909030106315761
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server
AkamaiNetStorage
etag
"c9af8698c6758bd5b432f7c4daa8bddc:1617077678.533746"
vary
User-Agent Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=770
date
Thu, 22 Apr 2021 11:18:21 GMT
is-https
true
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 22 Apr 2021 11:31:11 GMT
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
919a09d45286a3828a624e7dae7c7ee6b964ba70339274d8e333c5aaaf9c9ec9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js
pragma
no-cache
cookie
n_regis=123456789; AWSALB=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq; nk=3cbc7ad141fd17bb5e0c1222bb81034f; AWSALBCORS=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq; lux_uid=161909030106315761
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
14341
x-rq
ewr4 114 88 3279
last-modified
Mon, 19 Apr 2021 23:52:30 GMT
server
nginx
etag
W/"607e17be-bbb6"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=3
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 22 Apr 2021 11:18:24 GMT
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6d90199995b493e006d03ef62d624e59120a272ed586ff1496bd7a5c38ccb3fe
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js
pragma
no-cache
cookie
n_regis=123456789; AWSALB=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq; nk=3cbc7ad141fd17bb5e0c1222bb81034f; AWSALBCORS=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq; lux_uid=161909030106315761
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
1987
x-rq
ewr4 119 71 3093
last-modified
Tue, 13 Apr 2021 00:42:15 GMT
server
nginx
etag
W/"6074e8e7-182d"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=33
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 22 Apr 2021 11:18:54 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1619090301098&ns_c=UTF-8&cv=3.5&c8=Germany%20seeking%20to%20buy%2030%20mn%20Sputnik%20doses%20from%20Russia%3A%20state%20premier%20%7C...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619090301098&ns_c=UTF-8&cv=3.5&c8=Germany%20seeking%20to%20buy%2030%20mn%20Sputnik%20doses%20from%20Russia%3A%20state%20premier%20%7...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619090301098&ns_c=UTF-8&cv=3.5&c8=Germany%20seeking%20to%20buy%2030%20mn%20Sputnik%20doses%20from%20Russia%3A%20state%20premier%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&c9=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-122.zrh50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
via
1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
wirKMKSNNfXoYBSV3uY6uc9CL-u-tEmW2mChq6Ftb_hiWq5eq37nQg==

Redirect headers

date
Thu, 22 Apr 2021 11:18:21 GMT
via
1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619090301098&ns_c=UTF-8&cv=3.5&c8=Germany%20seeking%20to%20buy%2030%20mn%20Sputnik%20doses%20from%20Russia%3A%20state%20premier%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&c9=
content-length
571
x-amz-cf-id
wisNbx7fU_kmnO4IEyAzoNpGJb-G6cvsuC9ViRZXeptgO2TtAK0hUg==
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
last-modified
Thu, 20 Dec 2018 17:45:13 GMT
server
NetDNA-cache/2.2
etag
W/"dc93d584e41f8417f6b7163320d34329"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
json
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 		19 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=13%3A18%3A21.127&lti=deflated&data=%7B%22id%22%3A672%2C%22ii%22%3A%22%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1619011048804%2C%22vi%22%3A1619090301126%2C%22cv%22%3A%2220210421-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.news.com.au%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2106%2C%22qs%22%3A%22%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-bc-desktop-article-02-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Below%20Article%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Below%20Article%20Native%22%2C%22cd%22%3A934%2C%22mw%22%3A705.296875%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A934%2C%22mw%22%3A705.296875%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210421-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d36de9c147ee1d0e7fcb880dfe530494ee6b3c4fab4310718243677d3b8603b7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
207
date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
server
nginx
x-timer
S1619090301.132779,VS0,VE207
x-served-by
cache-fra19180-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
pmk-202003261.4.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.137.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding
gzip
etag
"b7fcedf037c57085d364b689ca46f32e"
age
1890713
x-cache
HIT, HIT
content-length
30954
x-amz-id-2
CJwikwwZxQyH18OUOXiJXbj2eJMHVh0cLtSyhrNU23WheEY5kZ4IZiaT3pkyXUxrvuw1K4chqIQ=
x-served-by
cache-lax10649-LGB, cache-hhn11544-HHN
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1619090301.240351,VS0,VE1
date
Thu, 22 Apr 2021 11:18:21 GMT
vary
Accept-Encoding,,
x-amz-request-id
S3DM0CK1FSSZD79G
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
8252bc87d8e18e5c94f07dd61821fe8d
content.api.news/v3/images/bin/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/8252bc87d8e18e5c94f07dd61821fe8d
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
98b3f09045cdc206eb82fed87074e93160df6e3ba901216c26542f49c276e99e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag
8252bc87d8e18e5c94f07dd61821fe8d
date
Thu, 22 Apr 2021 11:18:21 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
2616db9432f696ef7776d8a661509815-8252bc87d8e18e5c94f07dd61821fe8d-0
x-serial
1473
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5181672
last-modified
Thu, 22 Apr 2021 10:39:53 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
92455
expires
Mon, 21 Jun 2021 10:39:33 GMT
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210421-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1173ff74d3bff944e1165a5bc72d7a122b3e80a12a67d9c7e21ee724a589c252

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GLkvXXhkWrEA88PAu1lov9o2qFv0mrM9
content-encoding
gzip
etag
"b25b2d5dc58b4c31319963912a53dac6"
age
20100
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5161
x-amz-id-2
CaZXbEzRzPQ0B8UOgV7GR0epVB2mWqful1IeiJ5BOpgv48cT13qOroZzGsfVih961926ITRYl14=
x-served-by
cache-fra19180-FRA
last-modified
Tue, 20 Apr 2021 13:43:17 GMT
server
AmazonS3
x-timer
S1619090301.353822,VS0,VE0
date
Thu, 22 Apr 2021 11:18:21 GMT
vary
Accept-Encoding
x-amz-request-id
PFNFF3KYPY4JVJCA
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
30
x-cache-hits
180462
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210421-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
16169
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
UmOOaCltTJva9V4gBfdf27Oy7jykaqbYXsCDo0A/soIFodQTYZAaWWoYstK76SsHg3hRgjqb/Fo=
x-served-by
cache-fra19180-FRA
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1619090301.353921,VS0,VE0
date
Thu, 22 Apr 2021 11:18:21 GMT
vary
Accept-Encoding
x-amz-request-id
CR41745BE06MC588
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
30
x-cache-hits
110403
tfa-eid.20210421-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210421-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fb5b5e121f1c4ef29618e84c1cd6081bf3ad7c3847d8893839936b50ceb0ebc

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
mqU8McvDeQApBdaEgrYS1Ey3dFM2cVGk
content-encoding
gzip
etag
"30702ee7a9fbb57ff28aceee22022269"
age
11781
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4856
x-amz-id-2
zxTbR2LHysF0wkTAkBeIfzNQqt+R8UuuBCfHpkheo/Sx/3zS0fY0EK8pEgq78at4Br3WrVK6DsI=
x-served-by
cache-fra19180-FRA
last-modified
Thu, 22 Apr 2021 08:01:57 GMT
server
AmazonS3
x-timer
S1619090301.365415,VS0,VE0
date
Thu, 22 Apr 2021 11:18:21 GMT
vary
Accept-Encoding
x-amz-request-id
GAJ2CGSTHWKARH4M
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
30
x-cache-hits
62299
sha256.20210421-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210421-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc0b06aec3c945ddd18ae31bcb30cfeadf02050e367261fc8c78ca3fe8f621b0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
c_VSL2lknZMP.jjW6l4lSphCYn.fJxyN
content-encoding
gzip
etag
"457c17fc37e3ad13b7bcda82967e7c1a"
age
11772
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2595
x-amz-id-2
sXkw1M/Et/1gX0qA3bzfETySZwEKYTGXvnxSPzvoL3FofwI9tB8YLjQfDOck8vhV575HC+/3mSQ=
x-served-by
cache-fra19180-FRA
last-modified
Thu, 22 Apr 2021 08:02:06 GMT
server
AmazonS3
x-timer
S1619090301.365551,VS0,VE0
date
Thu, 22 Apr 2021 11:18:21 GMT
vary
Accept-Encoding
x-amz-request-id
FBCWVXY7KJTVMZMK
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
30
x-cache-hits
59592
tb
15.taboola.com/ 		37 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=newscorpau-aud-heraldsun&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fwww.news.com.au%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de&encoded=1&uid=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd&variant=-100|1260357984&callback=TRC.videoTagCallbacks.videoCallback1&cb=1619090301358&tagid=&cntry=DE&platform=1&sesid=f5d306e2fbf7b2d20c2cdbaaddad5f9d&itemid=/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de&viewid=1619090301126&geolat=&geoing=&deviceifa=&appid=&sd=v2_f5d306e2fbf7b2d20c2cdbaaddad5f9d_a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd_1619090301_1619090301_CNawjgYQgPNHGMbBtcqPLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGixr-m1yv33zq0B&ri=d0612061030bfe381330d2af40006f55&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1177984&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BY&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1177516&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210421-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6b9ac34f490f2b47dc94a224635cb2a1f2a5f9ba3f8d1df0547e992be3782248

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
access-control-allow-origin
https://www.heraldsun.com.au
machineid
1417
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn11525-HHN
pragma
no-cache
server
nginx
x-timer
S1619090301.365075,VS0,VE21
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20210421-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20210421-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d4d85fed5127caa93ae2067a50d79dd31996a5442c7b8ecad7736df9e3c7d6d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
oxscLAJ1vA2tcI.yVBNyBi3fsmI0WoV0
content-encoding
gzip
etag
"843bf7f6cd0a0c23d299e0cbaaf88d0f"
age
11756
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1269
x-amz-id-2
6PrCYWeR4bbLKHjqipfRQskFZgJArDf/tsvo04XMhU/LTDqTXfJTsPWe2zthvnvLQJSuYIrAia8=
x-served-by
cache-fra19180-FRA
last-modified
Thu, 22 Apr 2021 08:02:23 GMT
server
AmazonS3
x-timer
S1619090301.374862,VS0,VE0
date
Thu, 22 Apr 2021 11:18:21 GMT
vary
Accept-Encoding
x-amz-request-id
7KB3RTK4XB89EFWN
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
30
x-cache-hits
38110
distance-from-article.20210421-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20210421-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2469fd005fedf00fb6052876b6651fbdc4d71eb17a7a315fc25b6338ff01c8e6

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
8LrkJBfOhX9S1epZOSARyDAvpr8Q_yKW
content-encoding
gzip
etag
"ba95441316bee54c328faa61ed9ba3bc"
age
11749
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1012
x-amz-id-2
MrUgFlKZXz/zjiJWIjk2iHChkr48BVDOvAjGXewzwELpn1vlVWqbWGzaer3zjEF0QE2FPFsalBc=
x-served-by
cache-fra19180-FRA
last-modified
Thu, 22 Apr 2021 08:02:30 GMT
server
AmazonS3
x-timer
S1619090301.387988,VS0,VE0
date
Thu, 22 Apr 2021 11:18:21 GMT
vary
Accept-Encoding
x-amz-request-id
7ASNC9ETM7CQZWNM
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
30
x-cache-hits
7286
article-detection.20210421-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20210421-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38e3937f91b95dd27692e21d69fc01a55c173f4295331ec45ef5d087dae0978d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
41z5R2mreh_es0a9fU2MNL.BOFAaqjJR
content-encoding
gzip
etag
"0c34c8e8aa1de33281fcb4b57ce40c39"
age
11739
x-cache
HIT
x-amz-replication-status
PENDING
content-length
864
x-amz-id-2
F/SpRICJElba7vprrF8Sktbhf+VXjtqusecXibjixHhG7CJeGKWP0vd5NB4rtSRO0mXkE4ZFNU4=
x-served-by
cache-fra19180-FRA
last-modified
Thu, 22 Apr 2021 08:02:40 GMT
server
AmazonS3
x-timer
S1619090301.388132,VS0,VE0
date
Thu, 22 Apr 2021 11:18:21 GMT
vary
Accept-Encoding
x-amz-request-id
9G2BYF9G8GWT11RN
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
30
x-cache-hits
7071
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
70
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
HsOVFRBc7yqvnDGTetpmWuIIIj1XMWyZlX/wvUSIsYqmXoAAgDFy3Uis6/LxAcd1WtZ9Mlo/358=
x-served-by
cache-fra19180-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1619090301.399377,VS0,VE0
date
Thu, 22 Apr 2021 11:18:21 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
QYSGS653SYGET5WK
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
30
x-cache-hits
97
74529a0b-e967-4975-b8c8-e0c0c4f966b0.woff2
cdn.taboola.com/static/74/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/static/74/74529a0b-e967-4975-b8c8-e0c0c4f966b0.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f961c62a5d3faf422bafd5ce3c490a54b95c68a1bb5aaca37b66a8257fe02ea

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
lTPw_HQcAdyouGxJIVR7UXSSSYo5BGPI
via
1.1 varnish
etag
"587de8ec039052f50e69c9654439b991"
age
0
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
15332
x-amz-id-2
9cn0vCnaaVADVqdPbb35mqeUwm4OTHh+6a62s6cG65RHNbMQeaVLtiDyIeVf8TM4oL2mrzQ0fIE=
x-served-by
cache-hhn11549-HHN
last-modified
Wed, 16 Jan 2019 04:43:39 GMT
server
AmazonS3
x-timer
S1619090301.416758,VS0,VE193
date
Thu, 22 Apr 2021 11:18:21 GMT
access-control-allow-methods
GET
x-amz-request-id
H9KNFX6CD1M55RDN
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
access-control-allow-headers
*
abp
30
x-cache-hits
1
fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		77 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
last-modified
Thu, 20 Dec 2018 17:45:39 GMT
server
NetDNA-cache/2.2
etag
"5dc01cfcd5336f696cb85da7ce53fa9b"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
79100
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.4.1/ 		96 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.4.1/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210421-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9635d0c2ad301f4b79011b25ef35cc869b3dc344a04beabfd886d7f1fb02ed4a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
via
1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront), 1.1 varnish
age
440038
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
28063
x-served-by
cache-hhn11525-HHN
last-modified
Sat, 17 Apr 2021 09:03:25 GMT
server
AmazonS3
x-timer
S1619090301.427783,VS0,VE0
etag
"e5fdc6c780f546f64ec48fe3656d6dcf"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
NVGOFmxCQ6h7QZgiMT62DgGGHCk_EtbMU6CMpmoBktHqHA7tYnQUzQ==
x-cache-hits
163177
social
trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=AM:AM:V&lti=deflated&ri=d8234b268569bebcb1a7e2c022589204&sd=v2_f5d306e2fbf7b2d20c2cdbaaddad5f9d_a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd_1619090301_1619090301_CNawjgYQgPNHGMbBtcqPLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGixr-m1yv33zq0B&ui=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd&pi=/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de&wi=-2183305402612222768&pt=text&vi=1619090301126&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.news.com.au%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Germany%20seeking%20to%20buy%2030%20mn%20Sputnik%20doses%20from%20Russia%3A%20state%20premier%22%2C%22sec%22%3A%22news%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=13%3A18%3A21.426&id=176&llvl=1&cv=20210421-2-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:21 GMT
server
nginx
x-fastly-to-nlb-rtt
13684
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.41.14.95:10213
1281479823__ArKmUN2u.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1281479823__ArKmUN2u.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
45587dd8d590b1ea2ad27ea69b28a07085c15414b06ec93a3ecff73cffb3a791

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 22 Apr 2021 11:18:21 GMT
via
1.1 varnish, 1.1 varnish
age
1828628
edge-cache-tag
358502939805420355621555112727835082142,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1281479823__ArKmUN2u.jpg
content-length
20748
x-request-id
3119e5b1a5eb41c7933a0cdece261ffc
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Thu, 01 Apr 2021 07:16:07 GMT
server
nginx
x-timer
S1619090301.433490,VS0,VE0
etag
"ff1c05ec410faaef29fa8ac37820d413"
x-served-by
cache-wdc5573-WDC, cache-dca17750-DCA, cache-hhn11577-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 7
fd55410888c000a4326410482631fecc.jpg
images.taboola.com/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_628,y_217/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_628,y_217/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fd55410888c000a4326410482631fecc.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e5f132b714c70bfa32e7e5f4bbe41db3be0395f8c5c505df53f143bac12f1c44

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 22 Apr 2021 11:18:21 GMT
via
1.1 varnish, 1.1 varnish
age
1299949
edge-cache-tag
532928972401059285837018604789701179863,471115072028091915499869778252433648281,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_628,y_217/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fd55410888c000a4326410482631fecc.jpg
content-length
9464
x-request-id
0b521350eeed413c960c1aefa92f3e0c
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified
Sun, 04 Apr 2021 12:34:58 GMT
server
nginx
x-timer
S1619090301.433459,VS0,VE0
etag
"099da514490a5b5aa6200d161f187137"
x-served-by
cache-wdc5533-WDC, cache-dca17734-DCA, cache-hhn11577-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 29
debug
trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=13%3A18%3A21.433&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-bc-desktop-article-02-native&id=2024&cv=20210421-2-RELEASE&lt=deflated&pct=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:21 GMT
server
nginx
x-fastly-to-nlb-rtt
13684
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.41.10.199:10213
json
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=13%3A18%3A21.435&route=AM:AM:V&lti=deflated&data=%7B%22id%22%3A760%2C%22ii%22%3A%22%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_f5d306e2fbf7b2d20c2cdbaaddad5f9d_a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd_1619090301_1619090301_CNawjgYQgPNHGMbBtcqPLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGixr-m1yv33zq0B%22%2C%22ui%22%3A%22a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd%22%2C%22uifp%22%3A%22a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd%22%2C%22lbt%22%3A1619011048804%2C%22vi%22%3A1619090301126%2C%22cv%22%3A%2220210421-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.news.com.au%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22lspb%22%3A%22CwsIQhDm3moMCwjDARDm3moMCwiJARDm3moMCwiRARDm3moMCwggEObeagwLCKEBEObeagwLCKIBEObeagwLCCQQ5t5qDAsIJxDm3moMCwirARDm3moMCwitARDm3moMCwiuARDm3moMCwiwARDm3moMCwiyARDm3moMCwi1ARDm3moMCwi2ARDm3moMCwg7EObeagwLCD8QpshqDAwTFA%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2692%2C%22qs%22%3A%22%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A934%2C%22mw%22%3A705.296875%2C%22fi%22%3A3%2C%22fb%22%3A2%2C%22fti%22%3A%22newscorpau-aud-heraldsun-newscorpau-aud-newscomau-mobile-feed-action-bucket-1557203444418-2%22%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210421-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
72b5e10cf8de535f8ac52fa339d8330a41b3ea7ee75610c80654433fcfaf4c32

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
136
date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
server
nginx
x-timer
S1619090301.439550,VS0,VE136
x-served-by
cache-fra19180-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
37241a1b4e2e7e6f4f1acb80cc176628.jpg
images.taboola.com/taboola/image/fetch/h_156,w_280,c_fill,g_xy_center,x_560,y_298/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_156,w_280,c_fill,g_xy_center,x_560,y_298/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37241a1b4e2e7e6f4f1acb80cc176628.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
29fab09f5b5fd35ed037211b06ebf370fae3d972c356854fed237426314aa1d0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 22 Apr 2021 11:18:21 GMT
via
1.1 varnish, 1.1 varnish
age
1816406
edge-cache-tag
457599247616795845653194656586471452284,381486147370908636194467317397939814754,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/h_156,w_280,c_fill,g_xy_center,x_560,y_298/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37241a1b4e2e7e6f4f1acb80cc176628.jpg
content-length
13772
x-request-id
24303b82250d07f889d2e61484820ce7
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Thu, 01 Apr 2021 07:57:00 GMT
server
nginx
x-timer
S1619090301.441797,VS0,VE1
etag
"4d773b29de104542e91f38be5e587d29"
x-served-by
cache-wdc5557-WDC, cache-dca17728-DCA, cache-hhn11577-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
d0b2a9a8bcb6c1dd4eb2fe4719cacfc0.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d0b2a9a8bcb6c1dd4eb2fe4719cacfc0.jpeg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bb1c0b880df1d5247bcab5a7d2bfbb91d4bad4da0c6a86d95262a78f76f2d6c9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 22 Apr 2021 11:18:21 GMT
via
1.1 varnish, 1.1 varnish
age
1128817
edge-cache-tag
343351420035001960431087952642471355329,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d0b2a9a8bcb6c1dd4eb2fe4719cacfc0.jpeg
content-length
18960
x-request-id
6882dcb4d82ac9cd09ee90ef85cf1594
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Sat, 13 Mar 2021 11:18:27 GMT
server
nginx
x-timer
S1619090301.442318,VS0,VE1
etag
"c190126664a6db960977bd96212fe008"
x-served-by
cache-wdc5552-WDC, cache-dca17753-DCA, cache-hhn11577-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
a643b072c3cb1a98dc07a19c365c8f01.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a643b072c3cb1a98dc07a19c365c8f01.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3bf97f5daed942759e5fdc1a616aefcf2e9a8abe72d54ec94aadd0df9ff3e81

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 22 Apr 2021 11:18:21 GMT
via
1.1 varnish, 1.1 varnish
age
1112080
edge-cache-tag
493117324804218555961063354206641653862,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a643b072c3cb1a98dc07a19c365c8f01.jpg
content-length
12092
x-request-id
7213157e23e50dd1277e687856c29959
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Thu, 08 Apr 2021 07:27:32 GMT
server
nginx
x-timer
S1619090301.442299,VS0,VE0
etag
"8310babc583d3d4a40f15c187cd4c680"
x-served-by
cache-wdc5576-WDC, cache-dca17777-DCA, cache-hhn11577-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 81
authorize
login.newscorpaustralia.com/ Frame 20ED 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=uPJ84jF4fBmFptgRo9ROZUnUKUgV95bm&nonce=Q9sFY17t6KuMT87LCQVFO99Eae39Hpkf&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
cloudflare /
Resource Hash
188945163ead1035348d6c68f98d2244ba1e0d43fae82b6dd0a280e1d411fb18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=uPJ84jF4fBmFptgRo9ROZUnUKUgV95bm&nonce=Q9sFY17t6KuMT87LCQVFO99Eae39Hpkf&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html;charset=UTF-8
cf-ray
643e7370def46244-OTP
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
099ae67a89000062447f034000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
643e7370def46244
ot-tracer-sampled
true
ot-tracer-spanid
113ec7861a98bc34
ot-tracer-traceid
3d98a66011246eb5
x-auth0-requestid
071eb2a4952762303696
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1619090303
server
cloudflare
content-encoding
gzip
x-akamai-transformed
9 537 0 pmb=mTOE,3
expires
Thu, 22 Apr 2021 11:18:22 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Thu, 22 Apr 2021 11:18:22 GMT
content-length
844
vary
Accept-Encoding
set-cookie
__cfduid=d78fff51154d135909ad1bbf1da9836181619090301; expires=Sat, 22-May-21 11:18:21 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3A73099a60-a35c-11eb-aeec-63a0fea5176f.BugREy8M8AuAWY221RYPe%2F0tbjJukFZQEpmZBuMBo3E; Max-Age=31557600; Path=/; Expires=Fri, 22 Apr 2022 17:18:22 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A73099a60-a35c-11eb-aeec-63a0fea5176f.BugREy8M8AuAWY221RYPe%2F0tbjJukFZQEpmZBuMBo3E; Max-Age=31557600; Path=/; Expires=Fri, 22 Apr 2022 17:18:22 GMT; HttpOnly; Secure ak_bmsc=C42AB0053B3818B6DFC0845E5AA353330210BB8CEC0200007E5B8160CC3E841C~plNYDm2OgT9l+azDCW4HGN47sVaB3sv+Th5TaOEo2HNCbbpBK9FN+7jFDwQfK5smuLx9Bco8YzDRL3Hfe33C4iReldAv/Eym30UnLQf5uKyd159RI1LSYZOY1a30u9BWLPwNKV+v/El+wW7dg5eTSaCq1ELnfpLxoLsHb0bd33HZI+hUbnlrs+SxVA+lXRLdM65v/iYGGx1l4AIQCFvvDsu+GpC7Pkq6a0BROCFAw0ISTrnj7eXHrIZqOG30aJ02Kz; expires=Thu, 22 Apr 2021 13:18:22 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=DDBE42CA915E7702DC3F310B7A7F2D11~pQ3X4FsUvwBvDBWDjGYbmbZzXRvzxarqFxEh1rv0OnL9YdJiUaRFArda87lVptkcWddzl8IVeIZN50k/rebdbwkNjxCRKr15opmtJWyokzrdqvD1SrMJKAQAehnBAai6xr4Z8VRxcah9FsFiCo4RrAYly6D308sm5JhDGVJGU5biWyc3rq5bY1iIxj90adhaaa+cKegXxmqI3az89o7pRmb5QkRbRU+x6oNcfWKaAd6Tw2xDREKKjPstGDoDdkPA; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=EEB0C07AB3E28BECA1D321EB5396C5EA~YAAQjLsQAu1O1Np4AQAA2mdN+Qv2wMRxQzCcCpYevY8OpyS1BwrBGQVXTjUtXsHPsP4Xz/uuGuM/Pv1wIjceF6cD23XmUNE5oja7GhNQzsB6SmTGRhntcpOLma6A/nY6GXdW5OFPS+BiZ0w81oJtq8rNKeYI2n43EK0p4zW8PD85KiOmBUG1AG7H3AdIchup6CyEy7Urkmx7qHM=; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 22 Apr 2021 15:18:21 GMT; Max-Age=14399; HttpOnly _abck=F822440BA07435A7BADC566076FF643A~-1~YAAQjLsQAu5O1Np4AQAA2mdN+QVA8aXATfkYHiwgTczAsM4sda9Qu5j2KiEOa+naA4tU+hB66oYM7ac+Nyo4YXz+haGwaVkFncR8zayT6Mw1DFLV4xLi6c3rxoL3jwUeAqz9YY/5J1vWpGSGhi+83o45KWBnz2U3ztnjzteLKcueXwKjIl1Ox2K8rqx1vAyYxDrVTSUxrdwBhpf8sYSQMkZekcbj6tTeQ9mqNFXGfpUbax2SCybuSCXe1KGFNsIs5/ektnQ6yBO8ggEwxOKxWv6Ad/1femWWg0IjG5LoPy/AFzC7yTzH1PJYZuSs0zNn2vQ7w2+iAeD4T8Kjo3yPE9G5ty51IxSsGw6MUZHZifTe+AusyHvoXfP2j0ur9yHCZC9rOoOswQ==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Fri, 22 Apr 2022 11:18:22 GMT; Max-Age=31536000; Secure
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4379b5695f319d7ad15e6c86346e9117f0b4f4a8d4bcbab18aa840fd9e6d900a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 03:49:38 GMT
server
AkamaiNetStorage
etag
"cd574ccc8294fe1328dbeab462c8cb3f:1618372178.026573"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1234
expires
Thu, 22 Apr 2021 11:23:21 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		71 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
aeff34d9a1c253a230b7436d1f8798f9d4d096c0dd88ac2983997dce9ef88508

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 03:49:39 GMT
server
AkamaiNetStorage
etag
"baf18b342a54172ca520ae382752ce1c:1618372179.176935"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
19094
expires
Thu, 22 Apr 2021 11:23:21 GMT
indies-loader.js
ts2020-indies-client.web.app/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ts2020-indies-client.web.app/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c96c025f6aa0b8edff6538d533ddd012d17e860c8fa47140314e81886ce22e0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
last-modified
Thu, 22 Apr 2021 01:47:05 GMT
x-timer
S1619090302.549509,VS0,VE1
etag
"5c2c9c77edcfefaf1619408144b41c5b44f64c00ae68f3981ff348f0dc03807f-br"
x-served-by
cache-fra19137-FRA
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Thu, 22 Apr 2021 11:18:21 GMT
accept-ranges
bytes
content-length
2347
x-cache-hits
1
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		155 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ecc18d5c60efc39097843e3f258303635aef5e6c15df6f8c577e2736eed82556
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js
pragma
no-cache
cookie
n_regis=123456789; AWSALB=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq; nk=3cbc7ad141fd17bb5e0c1222bb81034f; AWSALBCORS=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq; lux_uid=161909030106315761; _tb_sess_r=; _tb_t_ppg=https%3A//www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY; trc_cookie_storage=newscorpau-aud-heraldsun%253Asession-data%3Dv2_f5d306e2fbf7b2d20c2cdbaaddad5f9d_a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd_1619090301_1619090301_CNawjgYQgPNHGMbBtcqPLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGixr-m1yv33zq0B%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522newscorpau-aud-heraldsun%253Asession-data%2522%252C%2522taboola%2520global%253Alspb%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Alspb%3DCwsIQhDm3moMCwjDARDm3moMCwiJARDm3moMCwiRARDm3moMCwggEObeagwLCKEBEObeagwLCKIBEObeagwLCCQQ5t5qDAsIJxDm3moMCwirARDm3moMCwitARDm3moMCwiuARDm3moMCwiwARDm3moMCwiyARDm3moMCwi1ARDm3moMCwi2ARDm3moMCwg7EObeagwLCD8QpshqDAwTFA%7Ctaboola%2520global%253Auser-id%3Da7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd; com.auth0.auth.uPJ84jF4fBmFptgRo9ROZUnUKUgV95bm={%22nonce%22:%22Q9sFY17t6KuMT87LCQVFO99Eae39Hpkf%22%2C%22state%22:%22uPJ84jF4fBmFptgRo9ROZUnUKUgV95bm%22}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
36432
x-rq
ewr4 113 245 3266
last-modified
Tue, 20 Apr 2021 23:59:38 GMT
server
nginx
etag
W/"607f6aea-26a64"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=33
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 22 Apr 2021 11:18:54 GMT
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a97178289ab863f2a651270e3ab1e833c4eee79e09b494e70be273047956a67e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
pragma
no-cache
cookie
n_regis=123456789; AWSALB=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq; nk=3cbc7ad141fd17bb5e0c1222bb81034f; AWSALBCORS=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq; lux_uid=161909030106315761; _tb_sess_r=; _tb_t_ppg=https%3A//www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY; trc_cookie_storage=newscorpau-aud-heraldsun%253Asession-data%3Dv2_f5d306e2fbf7b2d20c2cdbaaddad5f9d_a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd_1619090301_1619090301_CNawjgYQgPNHGMbBtcqPLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGixr-m1yv33zq0B%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522newscorpau-aud-heraldsun%253Asession-data%2522%252C%2522taboola%2520global%253Alspb%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Alspb%3DCwsIQhDm3moMCwjDARDm3moMCwiJARDm3moMCwiRARDm3moMCwggEObeagwLCKEBEObeagwLCKIBEObeagwLCCQQ5t5qDAsIJxDm3moMCwirARDm3moMCwitARDm3moMCwiuARDm3moMCwiwARDm3moMCwiyARDm3moMCwi1ARDm3moMCwi2ARDm3moMCwg7EObeagwLCD8QpshqDAwTFA%7Ctaboola%2520global%253Auser-id%3Da7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd; com.auth0.auth.uPJ84jF4fBmFptgRo9ROZUnUKUgV95bm={%22nonce%22:%22Q9sFY17t6KuMT87LCQVFO99Eae39Hpkf%22%2C%22state%22:%22uPJ84jF4fBmFptgRo9ROZUnUKUgV95bm%22}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
2941
x-rq
ewr4 114 88 3279
last-modified
Tue, 20 Apr 2021 23:59:51 GMT
server
nginx
etag
W/"607f6af7-1a3b"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 22 Apr 2021 11:18:22 GMT
authorize
login.newscorpaustralia.com/ Frame B994 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=1e.smvZsQM9lDy9oC_z0C.xognUbTtiQ&nonce=icrgOPk_gcdlw4YMfD2Uzs5o5QUat89U&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04fa8b95805236ab0bba06939eb6da8f12329ca1b6608d007a92390c91a4c2ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=1e.smvZsQM9lDy9oC_z0C.xognUbTtiQ&nonce=icrgOPk_gcdlw4YMfD2Uzs5o5QUat89U&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html;charset=UTF-8
cf-ray
643e7370fe7cfd05-OTP
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
099ae67a9e0000fd0512012000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
643e7370fe7cfd05
ot-tracer-sampled
true
ot-tracer-spanid
7a954a3854fde97d
ot-tracer-traceid
757f6cef14ac9ed6
x-auth0-requestid
358f32ccc34c4b9bb55c
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1619090302
server
cloudflare
content-encoding
gzip
x-akamai-transformed
9 573 0 pmb=mTOE,3
expires
Thu, 22 Apr 2021 11:18:21 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Thu, 22 Apr 2021 11:18:21 GMT
content-length
839
vary
Accept-Encoding
set-cookie
__cfduid=db0748c33568112a605a3662f3f40daec1619090301; expires=Sat, 22-May-21 11:18:21 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3A727aeef0-a35c-11eb-8eab-035f66633b57.SpOh3JCnsFcJU8RiCjALz4cef%2FVOrVk9jQ504voITHA; Max-Age=31557600; Path=/; Expires=Fri, 22 Apr 2022 17:18:21 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A727aeef0-a35c-11eb-8eab-035f66633b57.SpOh3JCnsFcJU8RiCjALz4cef%2FVOrVk9jQ504voITHA; Max-Age=31557600; Path=/; Expires=Fri, 22 Apr 2022 17:18:21 GMT; HttpOnly; Secure ak_bmsc=9E8DEE53479203B3990DA4B0C1C64FD40210BB8CEC0200007D5B81600BFB3B69~plruHtbcwvXAjbMpzVAkVsrT4BTUPoooIeKJ7+EiNMxSNNEaurHycrABJ7cfkh5g68eWMBPh7N1U26DJIRsj+NpPO5ZFQXpvL7w7xwcfpJsfSfdzNl+miPYi+CyjKniqno6mp0CsyXHaR4Ivpj4jI/RuGg47cI5IkyHfU7KrWIeLnfpGxQRqLCUtb8ITSR7MSTTMlGIHKJ4tr2331Tv9Yp3Irlm9Qw1jrAd1rCu0tZjW5eyiRp1On2uh+i0pnmxhXk; expires=Thu, 22 Apr 2021 13:18:21 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=6DE800A3361DBF777E4900313A239EBC~pQ3X4FsUvwBvDBWDjGYbmQmw7+YG41/7oU6XTC3QTmunnnyBgvcMT8ngsNoz7cyicUe5K55/Ys5zk968z7V3KgOWLa40tt0/xCZj6VYAe3+4Gh2H1cuEzRrfOtDRXGwK2c2ylszcUjqSC9XxARwU2h831l/zlZoK83lU+C0ItsRjzj89udTUoDzx3mCjDh8/8PFka4+2dB6jOm0dAF5JWoIB33618joe+CRD7Vpd2X8VDKMHCd2hKH2i9cwj1KZz; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=0AE13231CBA78789D82025828A9DDE7E~YAAQjLsQAuNO1Np4AQAADWRN+QswaHUdoBLogqHQ6QGvMb2IQBba3/OxBNPXCBqZBC6DqNlBDxhPYwoZix7tiLjaSVCHMwYF+ufSx/9md/sP066Dd70UkaZzRA0V3Idwwf3qX9GpokyySHfjBp3UvzKleEFu+tsfHUoEpoaTNKOqIJy3edPUYm2rx8UOlD3tYmSxv4UUe8r5wR0=; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 22 Apr 2021 15:18:21 GMT; Max-Age=14400; HttpOnly _abck=B965612191EDF7FD428E93531BDB18EB~-1~YAAQjLsQAuRO1Np4AQAADWRN+QWMAJzpB8eHfqhoUYp/rMF9tKyMGtVRLRZAFg8Mtp4TtR6NxT52ZRFq09BBFrh/eruW7ThMj+0zZUdd6PrLJqfRScn1wg+SuR2Ob+M4lMH3XS5D9QdT4+LXMIC560rbUCjIciSUMY2Pw3ZuUAxhI6EZ52p45NY605rZ46e1uh3q1rY20UsXFoFYtgxkh4WCQplEYdaB2sWx8kobY1rHeqJj99wVLy7Axt6sVJqkPmNk4Z4vZ+cX2u+db+w38TVnDf2PhdL2hrztJNRwMEkEIrGTjBpf5VP0SLjOA4Rln2FPlzEpBVl/bOZGIqJ7JNKZNCWoKBavTGFR+qowA8p8dRWXtv1JOBkJoERKZNWiQTOGTt/ktQ==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Fri, 22 Apr 2022 11:18:21 GMT; Max-Age=31536000; Secure
authorize
login.newscorpaustralia.com/ Frame 24BB 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=GGM6h12qkFYj9.SYAwP5zeRr~moP-qZK&nonce=0kkUAcgltHCyK~EiUaUtEj-jF-0hMr7k&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf40c64bfd3e8e8a25ec1983f011fbd393068b16d1ef434ff6d4cc17c2c96a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=GGM6h12qkFYj9.SYAwP5zeRr~moP-qZK&nonce=0kkUAcgltHCyK~EiUaUtEj-jF-0hMr7k&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html;charset=UTF-8
cf-ray
643e737109bb6253-OTP
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
099ae67aa400006253210b8000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
643e737109bb6253
ot-tracer-sampled
true
ot-tracer-spanid
179ea38a3d8373bf
ot-tracer-traceid
2765d51e0b438eb3
x-auth0-requestid
4f6ce66fb187187bf3fa
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
998
x-ratelimit-reset
1619090303
server
cloudflare
content-encoding
gzip
x-akamai-transformed
9 539 0 pmb=mTOE,3
expires
Thu, 22 Apr 2021 11:18:22 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Thu, 22 Apr 2021 11:18:22 GMT
content-length
845
vary
Accept-Encoding
set-cookie
__cfduid=d623b08f8d3f4068cabcbaff267bd9c691619090301; expires=Sat, 22-May-21 11:18:21 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3A730fb4e0-a35c-11eb-912f-2b6c24bda331.h0t4QGfN%2BSHzmH2NfeQvAJSCqyNgY59vcPdRZOwbP%2FY; Max-Age=31557600; Path=/; Expires=Fri, 22 Apr 2022 17:18:22 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A730fb4e0-a35c-11eb-912f-2b6c24bda331.h0t4QGfN%2BSHzmH2NfeQvAJSCqyNgY59vcPdRZOwbP%2FY; Max-Age=31557600; Path=/; Expires=Fri, 22 Apr 2022 17:18:22 GMT; HttpOnly; Secure ak_bmsc=E6DF5975B8BFB668B5B1222DFF7B3CD90210BB8CEC0200007E5B816073C6040F~plxT7IajdRyMqAzRUJ7BbWmvWGyHrLB3s71k9cDyxHmA7oqGr0jbzVhzoyqsgsZMfB8Qa3AZW49CrkJUgRGxUqa89E4rZeBB/w49m4QFnh+wXgiGIYWYKKf7MluP8Yy76rzXQFtW7DDwSVw2XZSRTZZHJrUvoicoXS6VBrr+ekR3K5q0PdDCQAYmJQfq/gBo65YKO9PKL61HCfWfCaAai6aGvDI7IyGMbPuZR2f3WWYrGy8jtZ7RPikc6cImUnCktc; expires=Thu, 22 Apr 2021 13:18:22 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=BD2939AC7572A8C726ADEDE8F5BB4D7A~pQ3X4FsUvwBvDBWDjGYbmfEpTqWeW7a32BVBERuJ4vINZqOOVGOQ6LgZROAHhcQ4FTi1sJqBufadbHcVlCDEtnJsht+qD9+eLd+MQfFBQu43b4wG2pIXxDZtdaqKjX2inprvEjqWF9vULQTw/9Rhw9HdnzP+rHfXHVNApSV5ndSkhJ4X86Mnjqkt+D1CbbuyumLQY21St5FfmIZiwdCIHkRPEUB3ufs2YlLrdN9KAhVy9NwYIKRMb4lN5YhH2M7F; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=79D8B84F9F4E4F056F6716B8C6B1A533~YAAQjLsQAu9O1Np4AQAA8WdN+QuzEH9WUtWw687pCgkydDtYxc4azg92m56/pqV2uqSYij/ZSqvm4xh1jPyVUFnobIIrE3ZcBpr6+sxM0UvTZQwqTpvmTJpKOqNeejEJD8/xFgolNHiFNOGW7Wnhcl4M77f5Wp5LeHa+pCI5h/+raleQ7FPAIWguiV5J27oQxo3XOCkwGEZVdEE=; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 22 Apr 2021 15:18:21 GMT; Max-Age=14399; HttpOnly _abck=78CD8483B23E87D9EA87B016814F3059~-1~YAAQjLsQAvBO1Np4AQAA8WdN+QW/PNajvL1rFNzU6QPqSwMnAbYv55hz918yt4CUkseFULhA3Dl9BFRcv/ckR2F6mFz1Y+VPAysJ/7P3iSlncSovA9KvE3Xn/aycYhfSIeTV52SU3lQec8nJIXOXjdnn/yTktEqj3YE140GVRikZV6KeK/uECN+N3OkXAVFlQyoIZEHWh9TlJpfFMfx6BSTUd8a04sc1BE7FqhocHQLcBoYH968Da0cT43sOY+A4xo1fdFuWBsRzWlp6f+zBBf5ij4v8fHwn5QUW7oIx0RL7BFGc+jL7gSP9LuDr5JZ//Hekk8+eFMZS+ES85QPGOo1rWZIme69QXQ2bufo+ovrf2OrfhQ5ifUixxPdNcFnuKQ1FCsBSjA==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Fri, 22 Apr 2022 11:18:22 GMT; Max-Age=31536000; Secure
care-picture-id916274506%3Fb%3D1%26k%3D6%26m%3D916274506%26s%3D170667a%26w%3D0%26h%3DhvcrzlvuXYqKHoCV1X6YEz-pLn8rZo_uGFZuV0h98TY%3D
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.gettyimages.com/photos/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.gettyimages.com/photos/care-picture-id916274506%3Fb%3D1%26k%3D6%26m%3D916274506%26s%3D170667a%26w%3D0%26h%3DhvcrzlvuXYqKHoCV1X6YEz-pLn8rZo_uGFZuV0h98TY%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
255dee7f449752dc74a724a1ee60e897a78c5231f4649601b7593939c1b1116a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 22 Apr 2021 11:18:21 GMT
via
1.1 varnish, 1.1 varnish
age
5367
edge-cache-tag
408833285957656948667216459792740348066,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.gettyimages.com/photos/care-picture-id916274506%3Fb%3D1%26k%3D6%26m%3D916274506%26s%3D170667a%26w%3D0%26h%3DhvcrzlvuXYqKHoCV1X6YEz-pLn8rZo_uGFZuV0h98TY%3D
content-length
16934
x-request-id
f24c66a544073d0ee8cab3e1ba4bfa33
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Tue, 20 Apr 2021 11:51:02 GMT
server
nginx
x-timer
S1619090302.613010,VS0,VE1
etag
"d81626f4cfd3d4821015c723d43e7f6e"
x-served-by
cache-wdc5579-WDC, cache-dca17769-DCA, cache-hhn11577-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
c388f67ebe8a2732ebed88b2419da7bc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c388f67ebe8a2732ebed88b2419da7bc.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fc03e80c7c678f41cb0a9dd847455d9b7ab2cdb941ea547ff3602ac0a9cc1546

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 22 Apr 2021 11:18:21 GMT
via
1.1 varnish, 1.1 varnish
age
1378319
edge-cache-tag
318270056734806123079317470781134532838,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
93
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c388f67ebe8a2732ebed88b2419da7bc.jpg
content-length
4856
x-request-id
273bcd8845b18ca154064f231a5683bc
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Thu, 25 Mar 2021 13:19:26 GMT
server
nginx
x-timer
S1619090302.613092,VS0,VE0
etag
"532e8d41ecbd1a6241a584edfa28323b"
x-served-by
cache-wdc5531-WDC, cache-dca17731-DCA, cache-hhn11577-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 56
419f3af24271d610fe97bdfef350544c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/419f3af24271d610fe97bdfef350544c.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
503c04f4a9119ba15ff9382a52a222e61734a73a59cced402b546b88adbee693

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 22 Apr 2021 11:18:21 GMT
via
1.1 varnish, 1.1 varnish
age
2396292
edge-cache-tag
563537020628657109859544164565252716554,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
98
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/419f3af24271d610fe97bdfef350544c.jpg
content-length
9874
x-request-id
6cbe561b01c17a99af4b773b8c7ae701
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Tue, 23 Feb 2021 18:40:10 GMT
server
nginx
x-timer
S1619090302.613764,VS0,VE0
etag
"61a2962d4efeee6226414b8eb6bf9d29"
x-served-by
cache-wdc5527-WDC, cache-dca17737-DCA, cache-hhn11577-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 8
a36783f94b17d13347e7da38eab8d89d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a36783f94b17d13347e7da38eab8d89d.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e26654a11ebef6b38480e8373c54025938de39347e28032e1c16e7185ca2286a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 22 Apr 2021 11:18:21 GMT
via
1.1 varnish, 1.1 varnish
age
2395968
edge-cache-tag
564883150794744224979635740336536192738,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a36783f94b17d13347e7da38eab8d89d.jpg
content-length
13064
x-request-id
958e80db0ae58982b13faee4c35890dd
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sun, 14 Mar 2021 04:42:51 GMT
server
nginx
x-timer
S1619090302.614214,VS0,VE0
etag
"98ac2c88c2a455c6c35fcad128fd7a21"
x-served-by
cache-wdc5534-WDC, cache-dca17724-DCA, cache-hhn11577-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 42
7b9b2d8e0853959e622ec3af1afa4600.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7b9b2d8e0853959e622ec3af1afa4600.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef2c6db2cbd62f6fc19cbd6130bf73cabbd8140c423f6407d96707ae3951757b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 22 Apr 2021 11:18:21 GMT
via
1.1 varnish, 1.1 varnish
age
2430169
edge-cache-tag
485388432648731564401722140595172373413,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7b9b2d8e0853959e622ec3af1afa4600.jpg
content-length
8794
x-request-id
75a846422389a10cfd42ca3365e8f1b6
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sun, 21 Mar 2021 15:16:53 GMT
server
nginx
x-timer
S1619090302.614528,VS0,VE0
etag
"74736831ca1ba04785a7a45f05fa44e5"
x-served-by
cache-wdc5546-WDC, cache-dca17743-DCA, cache-hhn11577-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 80
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16190903016430.7682658265816988
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c1dc3cfad3f3b95151a0d26208e45c2119aa8e5440a4f076f7c999f7810fb222

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=0, no-cache, no-store
content-type
application/x-javascript
content-length
836
expires
Thu, 22 Apr 2021 11:18:21 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
cache-control
max-age=84294
server
AkamaiNetStorage
content-type
application/x-javascript
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
B7670439;dcadv=4149947;sz=1x2;ord=849107178945.1321
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=849107178945.1321?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
cec3b0fbaafc108c26b3e824d89089ae4404f7d1b067750a97f343f47dce8897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7047
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:ae00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 16:49:13 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 00:06:15 GMT
server
nginx
age
66547
etag
W/"60665ff7-11377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 e8a7e21f51478f02a6e51b69e3450928.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
hRCUDPnD89TR8fE4CERv_TSFA-nWJRZ8vUOvbr0WZtAigXesabIu3Q==
expires
Thu, 22 Apr 2021 16:49:13 GMT
metrics.js
tags.news.com.au/prod/metrics/ 		177 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
82ef85db9124f8188c2c8c03a4ad9a0918591f752994d8ec228331c715ecac86

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"6865f68a18babd10a2b682180ae91370:1618193209.579457"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=49151
content-type
application/x-javascript
tad.js
tags.news.com.au/prod/tad/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9a800184984f1b83249bc6652a9b8eb9e31af36324a446fd22e7ff92eba75ce3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"f3febcfe63c1b4a90c2cf98e06524a15:1618463584.191948"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=63186
content-type
application/x-javascript
content-length
29527
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
b43d99222dff35d3423219626a3c8f2ea11101cc9ecc9103151dbf34dcb31909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"849 / 780 of 1000 / last-modified: 1619089759"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21098
x-xss-protection
0
expires
Thu, 22 Apr 2021 11:18:21 GMT
prebid.js
tags.news.com.au/prod/prebid/ 		382 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
efcd038fff3becbe148fefb893ed26081fd0d8e7293fcd49d470c13fcd522e02

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"fb921cb139744e2aabd21ff0559deaa9:1617770917.60892"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=11384
content-type
application/x-javascript
nielsen.js
tags.news.com.au/prod/nielsen/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9a32bed4e81651c9c81c8d7a215a2f5cfbdec52ea96a40e2866a6864842e6ee6

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"13d6117aad2dff6ce86d3a0e528e266f:1617253408.513135"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=69395
content-type
application/x-javascript
content-length
8802
v60.js
cdn-gl.imrworldwide.com/
Redirect Chain
  • https://secure-gl.imrworldwide.com/v60.js
  • https://cdn-gl.imrworldwide.com/v60.js
21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/v60.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
.KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
content-encoding
gzip
etag
W/"cc7339d315e5ab16597dd66d153a0e7e"
last-modified
Mon, 12 Oct 2020 13:35:53 GMT
server
AmazonS3
age
32277
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 22 Apr 2021 02:20:25 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
FyqSU-gcJJeDns5vhuI3XNV0Y1MTn_esd-Sjssx9u258kShOdcC4dw==

Redirect headers

date
Thu, 22 Apr 2021 11:18:21 GMT
via
1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
server
awselb/2.0
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
text/html
location
https://cdn-gl.imrworldwide.com:443/v60.js
content-length
134
x-amz-cf-id
L9NzPkWe1laJsyjAtykhS45Ej69rSrOg8Wb4fx2V4osryVu49kI9PQ==
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89868194e8809928df37974211d2477ad0723d6aee71386fb438b3e939eb5bce

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 11:06:35 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 16 Dec 2020 00:19:19 GMT
Server
AmazonS3
Age
711
ETag
W/"a0ed145148d17426a72696cecfa585ae"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
h1h182OosdR_c2g-ibXrm_Y0J5kiLF1__UgUl_wF3I294Gk6VrEiFg==
2988.js
script.crazyegg.com/pages/scripts/0018/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0018/2988.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fd1737f4343dbfc7a9b915eaf41e30b6f114d254d7043d13b4faa370a36589c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
cf-cache-status
HIT
age
15177
cf-polished
origSize=4157
ce-version
11.1.272
cf-request-id
099ae67ae500004a6dab8c5000000001
timing-allow-origin
*
last-modified
Thu, 22 Apr 2021 07:05:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
cf-ray
643e73716d754a6d-FRA
cf-bgj
minify
utag.903.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.903.js?utv=ut4.46.202009280518
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c7a8d4e8c6cad88c36def71504911446af10622eddf2c23004e9cb586fcd7db6

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
last-modified
Mon, 28 Sep 2020 05:18:23 GMT
server
AkamaiNetStorage
etag
"d32b6958018409f79ae783037f4eb748:1601270303.476185"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1032
expires
Fri, 07 May 2021 11:18:21 GMT
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
last-modified
Wed, 20 Nov 2019 04:49:47 GMT
server
AkamaiNetStorage
etag
"a2af0d00bb0e150c0e6e47d44b9436d7:1574225387.905732"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
900
expires
Fri, 07 May 2021 11:18:21 GMT
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-190.deploy.static.akamaitechnologies.com
Software
/ ARR/3.0
Resource Hash
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 15:15:57 GMT
server
x-powered-by
ARR/3.0
etag
"84a7fce7aaabd61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=127
accept-ranges
bytes
content-length
15848
ggcmb510.js
seccdn-gl.imrworldwide.com/novms/js/2/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:6600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
v8EFEAmgyOIEHPdRap_4kHFd7N20k7gR
content-encoding
gzip
etag
W/"afa0d379b1e6e0a61fad577d0043ff26"
last-modified
Mon, 15 Mar 2021 14:07:26 GMT
server
AmazonS3
age
921
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 449f2b51e83bf8ba5fa5e65ce60bc277.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 22 Apr 2021 11:03:01 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
0WW1scsZyEvFJ4xY-OZwjqLGV3H8HLCFp-ZC0GiIUOfzwHeFMSr7Dw==
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202104140349&cb=1619090301719
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Thu, 22 Apr 2021 11:28:21 GMT
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3400:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4754c1f1fb712883286295c92774dddebef215996cfdfab9fd972d265473f025

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 22:36:29 GMT
content-encoding
gzip
etag
W/"0d9785869d3d057828f29bcf6b0f8119"
last-modified
Mon, 15 Mar 2021 13:51:58 GMT
server
AmazonS3
age
45713
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a7631312afe99e40229aa0da70662113.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
BsSBg1OeIhFN1KobDdOj-aKHq64hsgNpYj38JoEEsIwjPBA_r_I9Cg==
authorize
login.newscorpaustralia.com/ Frame 89E1 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=oC~GkSNXfsELlzcfgtLcKSIZYtTZ2SAz&nonce=00UQ1Rv1Sy9ZJ.ejZFnr0IdMthZ-NShN&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a199bb8b08c9f7739abca0b659e0048679ba9065d879de98c33d9ba814367065
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=oC~GkSNXfsELlzcfgtLcKSIZYtTZ2SAz&nonce=00UQ1Rv1Sy9ZJ.ejZFnr0IdMthZ-NShN&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html;charset=UTF-8
cf-ray
643e73728bc5ad2a-OTP
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
099ae67b960000ad2a5a911000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
643e73728bc5ad2a
ot-tracer-sampled
true
ot-tracer-spanid
285f7b7c6fca9837
ot-tracer-traceid
3552378f5c63341c
x-auth0-requestid
4bb8e6ae8df61b4b21d9
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1619090304
server
cloudflare
content-encoding
gzip
x-akamai-transformed
9 536 0 pmb=mTOE,3
expires
Thu, 22 Apr 2021 11:18:23 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
content-length
846
vary
Accept-Encoding
set-cookie
__cfduid=d413cda1d51af69cc6f3e07c51038e8421619090301; expires=Sat, 22-May-21 11:18:21 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3A7335b370-a35c-11eb-b509-21d4c64dcc83.NuZ8oq8kZ9c4JOG4V8h3ZWBTs6mQLl0GIfDIEy%2FhrMQ; Max-Age=31557600; Path=/; Expires=Fri, 22 Apr 2022 17:18:23 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A7335b370-a35c-11eb-b509-21d4c64dcc83.NuZ8oq8kZ9c4JOG4V8h3ZWBTs6mQLl0GIfDIEy%2FhrMQ; Max-Age=31557600; Path=/; Expires=Fri, 22 Apr 2022 17:18:23 GMT; HttpOnly; Secure ak_bmsc=F7C404D2051FDB9C976D85DE86E2B7910210BB8CEC0200007F5B81605AB76B34~pl2Qeshf05a7Jk5/NnG4emv3W9ZG8btQ/40wrjdyafsNf2GB46l5MkzpNozwHYZaGLBOochbzmGIcUTbZcJLdN8y2rrNS1JBlA8wzdZKCt7Q1CAeP7iCWyXPfvVU+97Rj8T2oQV1k0dHuWFon6vkBwfCUeBwR7wxsvwtq+IH77yFSQukNOp+fX7blXp5kdX8zsDcahDWWQStbG4YzhIphi+5CRq93ro9cON+SoqAt3zrr6srJuy2r6S5GSRswVzVI8; expires=Thu, 22 Apr 2021 13:18:23 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=771551254168091F962D0FE793DC2A42~pQ3X4FsUvwBvDBWDjGYbmTwPO3vc8ra7BBFhimD7hjqrQrXpeF25FHwmeLwoR6aj2YiA1fLVr2K8HEMFJ/3WMfX+0qNQB15QOGh8Dk9x1/AeHbrt4qpU+z2+3xQsls6NSep3BwwnwEoAulPwGgPpxp2lzW1AnEe5fN+XUKdq1sxxVC/do1gSsCN+ZB7gqhqbs+3PHT/N1s6TC1NDELKAi5bMrtXyrCzkbQKGe3Acnfdb8hWil7hQtbStPQ6vFKZl; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=7CAC527FDFA7E9887333C4856F8F1A88~YAAQjLsQAvVO1Np4AQAA4mhN+QsHDwaYTOWwCIziHnaCQjbIzoS4FX2ztXQAm8hu0vMzuqX2dcruFLb+howULb5kUdXOeJ9HS57eIaH8cQge3nHnNSYOgPS8VG80CVEGoDUbV5kymIo9TtHrb/5BWtH10I9liS7sHFAoGFUVUF7SOpUzOGJi/zeKLsz4Ym6I3q1lrms7el0JgGY=; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 22 Apr 2021 15:18:21 GMT; Max-Age=14398; HttpOnly _abck=8696C383A78BB840E462F117F7A8D1DA~-1~YAAQjLsQAvZO1Np4AQAA4mhN+QVHl88aikp+za6jeuxiN7VL4gAWvxUu0Wh8u7FfK0zR8furLdbH+XPQW004hrwuBNymJoQakHoO404/hHaLtb3veFfJ55t5KrztY3ldRxsLWU1IGiH+z2kuLQ2y1kuLoGaHNUAKpO4eP2SVLPxaEu8Iyh4TEtAtcPZIBWIHf5V/HePjsC1Q5QHrA6oATCNnUZQqmheIR/hRZj+LHlsvdT/XzM8McdlbVmHN/fNXq1z4P+zBqlU7JQId+fvkr72iujnI4BUO7JsdKSXqIPP2z0GdhNpclwvxKcAcHzeWKydQQT1pLZtbFH2wPV9VsFKQfiXg2/RDP0A7+1zeIOIAJrXuHkve0JfXhpo2me7qpqomTtkwvA==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Fri, 22 Apr 2022 11:18:23 GMT; Max-Age=31536000; Secure
2988.json
script.crazyegg.com/pages/data-scripts/0018/ 		23 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0018/2988.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a21ca1e4c12dc930ab431e7e98a88452a1c6386cb1c143c07076895c347ff1cb

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
cf-cache-status
HIT
age
15177
ce-version
11.1.272
content-length
1782
cf-request-id
099ae67b4300002bcab5008000000001
timing-allow-origin
*
last-modified
Thu, 22 Apr 2021 07:05:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
643e7371ff3a2bca-FRA
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-91.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 18:47:13 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 08 Jul 2020 20:34:30 GMT
Server
AmazonS3
Age
232269
ETag
W/"a8663f72a1dbe614b19f167a59af368d"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
X-Amz-Cf-Pop
ZRH50-C1
X-Amz-Cf-Id
7QmSDhpVEbanrUalkpLVzwhVvgr_AuqKRA3aTB0-uy6kmeq0a9joSQ==
ping
ping.chartbeat.net/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de&u=CBxb7_pN-PKDyK6og&d=heraldsun.com.au&g=36976&g0=news%2Cbreaking-news%2Cstory%2Cno_video%2Cpc.ct.free&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3194&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=4969&t=WXFQKBGFDsxDLwySdzHHoNBIw6fi&V=126&i=Germany%20seeking%20to%20buy%2030%20mn%20Sputnik%20doses%20from%20Russia%3A%20state%20premier%20%7C%20Herald%20Sun&tz=-120&_acct=anon&sn=1&sv=B-w6fdDyQcJUDD0uFzDV0uE7DLHkxC&sd=1&im=06530c52&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.164.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-164-179.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
pubads_impl_2021041901.js
securepubads.g.doubleclick.net/gpt/ 		301 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
012deb702d2f006f2ad08a3ecf6bb74406c49952d2719d58265d3b98db67fcf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 08:38:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107961
x-xss-protection
0
expires
Thu, 22 Apr 2021 11:18:21 GMT
undefined
www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/undefined
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:path
/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/undefined
pragma
no-cache
cookie
n_regis=123456789; AWSALB=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq; nk=3cbc7ad141fd17bb5e0c1222bb81034f; AWSALBCORS=5KPTYd+NMWXNb/8QSkTMdp9v4Bzqy9vcU/pB8ST+MdWc0AJQgKrVV1LC6Gysa8qXytXqy48Rep7CaFfmHgC8VLACaAew3MI3rAw7nk4P3oSi3P4fKKYoAa9mwflq; lux_uid=161909030106315761; _tb_sess_r=; _tb_t_ppg=https%3A//www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY; trc_cookie_storage=newscorpau-aud-heraldsun%253Asession-data%3Dv2_f5d306e2fbf7b2d20c2cdbaaddad5f9d_a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd_1619090301_1619090301_CNawjgYQgPNHGMbBtcqPLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGixr-m1yv33zq0B%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522newscorpau-aud-heraldsun%253Asession-data%2522%252C%2522taboola%2520global%253Alspb%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Alspb%3DCwsIQhDm3moMCwjDARDm3moMCwiJARDm3moMCwiRARDm3moMCwggEObeagwLCKEBEObeagwLCKIBEObeagwLCCQQ5t5qDAsIJxDm3moMCwirARDm3moMCwitARDm3moMCwiuARDm3moMCwiwARDm3moMCwiyARDm3moMCwi1ARDm3moMCwi2ARDm3moMCwg7EObeagwLCD8QpshqDAwTFA%7Ctaboola%2520global%253Auser-id%3Da7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd; com.auth0.auth.uPJ84jF4fBmFptgRo9ROZUnUKUgV95bm={%22nonce%22:%22Q9sFY17t6KuMT87LCQVFO99Eae39Hpkf%22%2C%22state%22:%22uPJ84jF4fBmFptgRo9ROZUnUKUgV95bm%22}; com.auth0.auth.1e.smvZsQM9lDy9oC_z0C.xognUbTtiQ={%22nonce%22:%22icrgOPk_gcdlw4YMfD2Uzs5o5QUat89U%22%2C%22state%22:%221e.smvZsQM9lDy9oC_z0C.xognUbTtiQ%22}; com.auth0.auth.GGM6h12qkFYj9.SYAwP5zeRr~moP-qZK={%22nonce%22:%220kkUAcgltHCyK~EiUaUtEj-jF-0hMr7k%22%2C%22state%22:%22GGM6h12qkFYj9.SYAwP5zeRr~moP-qZK%22}; utag_main=v_id:0178f94d62cd0008393d7e8e1ded00072013006a00b08$_sn:1$_se:1$_ss:1$_st:1619092101646$ses_id:1619090301646%3Bexp-session$_pn:1%3Bexp-session; com.auth0.auth.oC~GkSNXfsELlzcfgtLcKSIZYtTZ2SAz={%22nonce%22:%2200UQ1Rv1Sy9ZJ.ejZFnr0IdMthZ-NShN%22%2C%22state%22:%22oC~GkSNXfsELlzcfgtLcKSIZYtTZ2SAz%22}; ad_site_view_t=2021-4-22; ad_site_view=1; _cb_ls=1; _cb=CBxb7_pN-PKDyK6og; _chartbeat2=.1619090301782.1619090301782.1.B-w6fdDyQcJUDD0uFzDV0uE7DLHkxC.1; _cb_svref=null
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-type-options
nosniff
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-powered-by
WordPress VIP <https://wpvip.com>
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
x-xss-protection
1
x-rq
ewr4 118 215 3273
server
nginx
date
Thu, 22 Apr 2021 11:18:25 GMT
vary
User-Agent Accept-Encoding
content-type
text/html; charset=UTF-8
x-arrrg5
BlaizeHappened
cache-control
max-age=53
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2fnews-story%2fundefined&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=undefined&session=3cbc7ad141fd17bb5e0c1222bb81034f
set-cookie
AWSALB=IesuYAg6YkMIHx2U4husLsYp6pvihNUFYf5R2UGHiuFYfKxyaZafqZVwP7c6j0rPrd8QpWuySVUFRySDCV87RwNzLhmaco/zvNVfjdT38pgkLk4xB6AvbLIureSb; Expires=Thu, 29 Apr 2021 11:18:24 GMT; Path=/ nk=3cbc7ad141fd17bb5e0c1222bb81034f; expires=Sun, 21 Apr 2024 11:18:25 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure; AWSALBCORS=IesuYAg6YkMIHx2U4husLsYp6pvihNUFYf5R2UGHiuFYfKxyaZafqZVwP7c6j0rPrd8QpWuySVUFRySDCV87RwNzLhmaco/zvNVfjdT38pgkLk4xB6AvbLIureSb; Expires=Thu, 29 Apr 2021 11:18:24 GMT; Path=/; SameSite=None; Secure
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 22 Apr 2021 11:19:18 GMT
st
imprammp.taboola.com/ Frame 9C4A 		973 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7vKwCFgPoL7TmNGz-QQToL7TmNGz-QQUAAAAGBvQHHDNjjhiTyWaxoOw2w8VwNVjMlpPhcDNZLYfAMTPmiDGZbBYLym4zXAxHy8ViORqtdpPRcgofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwIt0XQ6fK57ve73u8tdvs9d43fbFa6_xPJyeJ12n1vu8n3-Opfl7bA735qXy-u0-9yiv1vier41g7Xa7tYcXqe70-sW-T0vz1tm-bvdktfn83S4NaeH6eUWXF5up8vyl7t8n7fm9Lc8_6rFyDHzzVwri2_iWOwWK4fJMbMNdjOPy2Ibjlx2AAAAAHgAmBK8h_gBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAAEDQGdMAgOJgONfd-rIbHa7Py-4PAICHAhAAAAEMEoCCveISgI2R_hMAAAAAAAAAAJb_____mAH6lhoZgJCzhB6ABx-AB6KCxCJGAAAAAJBMbR5HkzqhsqgCACBItwK4AgAIwMtvCtMNAwAAIBhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQkRmZmlBLAAAar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxCT2WCz2i2Ho9kBAAAA3P3____rgZhr5BnMVpaZxeabWEaWwcayMVkcDpPJYXLNnCPv9XnCwC7dGuL1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTvsVmOfHY1hLHbuQWzTYmt3Kz2LgVvsnEsByZhgvfbi16fUy_3cJlmJm8KBhguRfBRTqRu3yfj99yeLjeCtfJLXRZHmaT53W3iCWak0U6kV32NdfIM5itLDOLzTexjCyDjWVjsjgcJpPD5Jo5R_6Gb7FZTjy2tcSxG7lFs43JrdwsNm6FbzIxLEem4cK3W4teH9Nvt3AZZiZ_Y7ZYDpaDzWCxb8wWy8FysBks9h06w3f1ORs9Q53IY1MspI_jUGY-KFwGi_cnMS2m3dnB8_sdnTb1S1nUGYWX79FrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0IjLMFpPBbDHYDCY2l2e42GwGI8vCZhoMBrOZazURS5Smi3Sil1heDq_T7nPLXb7PX-eyvB1251vzcnmddp9b9HdLXM-3ZrBW292aw-t0d3rdIr_n5XnLLH-3W_L6fJ4Ot-b0ML3cgsvL7XRZ_nKX7_PWnP6W51-1GDlmvplrZfFNHIvdYuUwOWa2wW7mcVlsw5HLov5jQ4xGc91srhgs55rBKgEAAAAAAAAALGHOvAkAAADAaTCr5Wa2Wi5ARD6g7k9yczPRz09ycePHGO7yfT5-y-HheitcJ7fQZXmYTZ7X3coAEfeszJs9E8RarZY1AACAADYAAEAAt27eAsIsOQ!&cmcv=&pix=undefined&cb=1619090301838&uv=2957&tms=1619090301838&abt=aat1_vA!adh5c-1_vA!id5mc_vA!insc_vA!spa2_vA!sre_vA!t45!ufm!ul89551-722_vB&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3F9D12231A273818501692883259&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c23d2c9f5b7e41763b497c7692a53ce1e675ae659bdc34465ca28ab0303f0720

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7vKwCFgPoL7TmNGz-QQToL7TmNGz-QQUAAAAGBvQHHDNjjhiTyWaxoOw2w8VwNVjMlpPhcDNZLYfAMTPmiDGZbBYLym4zXAxHy8ViORqtdpPRcgofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwIt0XQ6fK57ve73u8tdvs9d43fbFa6_xPJyeJ12n1vu8n3-Opfl7bA735qXy-u0-9yiv1vier41g7Xa7tYcXqe70-sW-T0vz1tm-bvdktfn83S4NaeH6eUWXF5up8vyl7t8n7fm9Lc8_6rFyDHzzVwri2_iWOwWK4fJMbMNdjOPy2Ibjlx2AAAAAHgAmBK8h_gBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAAEDQGdMAgOJgONfd-rIbHa7Py-4PAICHAhAAAAEMEoCCveISgI2R_hMAAAAAAAAAAJb_____mAH6lhoZgJCzhB6ABx-AB6KCxCJGAAAAAJBMbR5HkzqhsqgCACBItwK4AgAIwMtvCtMNAwAAIBhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQkRmZmlBLAAAar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxCT2WCz2i2Ho9kBAAAA3P3____rgZhr5BnMVpaZxeabWEaWwcayMVkcDpPJYXLNnCPv9XnCwC7dGuL1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTvsVmOfHY1hLHbuQWzTYmt3Kz2LgVvsnEsByZhgvfbi16fUy_3cJlmJm8KBhguRfBRTqRu3yfj99yeLjeCtfJLXRZHmaT53W3iCWak0U6kV32NdfIM5itLDOLzTexjCyDjWVjsjgcJpPD5Jo5R_6Gb7FZTjy2tcSxG7lFs43JrdwsNm6FbzIxLEem4cK3W4teH9Nvt3AZZiZ_Y7ZYDpaDzWCxb8wWy8FysBks9h06w3f1ORs9Q53IY1MspI_jUGY-KFwGi_cnMS2m3dnB8_sdnTb1S1nUGYWX79FrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0IjLMFpPBbDHYDCY2l2e42GwGI8vCZhoMBrOZazURS5Smi3Sil1heDq_T7nPLXb7PX-eyvB1251vzcnmddp9b9HdLXM-3ZrBW292aw-t0d3rdIr_n5XnLLH-3W_L6fJ4Ot-b0ML3cgsvL7XRZ_nKX7_PWnP6W51-1GDlmvplrZfFNHIvdYuUwOWa2wW7mcVlsw5HLov5jQ4xGc91srhgs55rBKgEAAAAAAAAALGHOvAkAAADAaTCr5Wa2Wi5ARD6g7k9yczPRz09ycePHGO7yfT5-y-HheitcJ7fQZXmYTZ7X3coAEfeszJs9E8RarZY1AACAADYAAEAAt27eAsIsOQ!&cmcv=&pix=undefined&cb=1619090301838&uv=2957&tms=1619090301838&abt=aat1_vA!adh5c-1_vA!id5mc_vA!insc_vA!spa2_vA!sre_vA!t45!ufm!ul89551-722_vB&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3F9D12231A273818501692883259&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Thu, 22 Apr 2021 11:18:21 GMT
via
1.1 varnish
x-served-by
cache-hhn11525-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1619090302.844995,VS0,VE10
vary
Accept-Encoding
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7vKwCFgPoL7TmNGz-QQToL7TmNGz-QQUAAAAGBvQHHDNjjhiTyWaxoOw2w8VwNVjMlpPhcDNZLYfAMTPmiDGZbBYLym4zXAxHy8ViORqtdpPRcgofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwIt0XQ6fK57ve73u8tdvs9d43fbFa6_xPJyeJ12n1vu8n3-Opfl7bA735qXy-u0-9yiv1vier41g7Xa7tYcXqe70-sW-T0vz1tm-bvdktfn83S4NaeH6eUWXF5up8vyl7t8n7fm9Lc8_6rFyDHzzVwri2_iWOwWK4fJMbMNdjOPy2Ibjlx2AAAAAHgAmBK8h_gBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAAEDQGdMAgOJgONfd-rIbHa7Py-4PAICHAhAAAAEMEoCCveISgI2R_hMAAAAAAAAAAJb_____mAH6lhoZgJCzhB6ABx-AB6KCxCJGAAAAAJBMbR5HkzqhsqgCACBItwK4AgAIwMtvCtMNAwAAIBhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQkRmZmlBLAAAar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxCT2WCz2i2Ho9kBAAAA3P3____rgZhr5BnMVpaZxeabWEaWwcayMVkcDpPJYXLNnCPv9XnCwC7dGuL1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTvsVmOfHY1hLHbuQWzTYmt3Kz2LgVvsnEsByZhgvfbi16fUy_3cJlmJm8KBhguRfBRTqRu3yfj99yeLjeCtfJLXRZHmaT53W3iCWak0U6kV32NdfIM5itLDOLzTexjCyDjWVjsjgcJpPD5Jo5R_6Gb7FZTjy2tcSxG7lFs43JrdwsNm6FbzIxLEem4cK3W4teH9Nvt3AZZiZ_Y7ZYDpaDzWCxb8wWy8FysBks9h06w3f1ORs9Q53IY1MspI_jUGY-KFwGi_cnMS2m3dnB8_sdnTb1S1nUGYWX79FrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0IjLMFpPBbDHYDCY2l2e42GwGI8vCZhoMBrOZazURS5Smi3Sil1heDq_T7nPLXb7PX-eyvB1251vzcnmddp9b9HdLXM-3ZrBW292aw-t0d3rdIr_n5XnLLH-3W_L6fJ4Ot-b0ML3cgsvL7XRZ_nKX7_PWnP6W51-1GDlmvplrZfFNHIvdYuUwOWa2wW7mcVlsw5HLov5jQ4xGc91srhgs55rBKgEAAAAAAAAALGHOvAkAAADAaTCr5Wa2Wi5ARD6g7k9yczPRz09ycePHGO7yfT5-y-HheitcJ7fQZXmYTZ7X3coAEfeszJs9E8RarZY1AACAADYAAEAAt27eAsIsOQ!&cmcv=&pix=31589837&cb=1619090301838&uv=2957&tms=1619090301838&abt=aat1_vA!adh5c-1_vA!id5mc_vA!insc_vA!spa2_vA!sre_vA!t45!ufm!ul89551-722_vB&ft=0&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1619090296829.4558!ts:1619090301837&mntl=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-length
0
server
nginx
11.1.272.js
script.crazyegg.com/pages/versioned/common-scripts/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.272.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ad835c4747bb13fd0aba70ccdf79f30275af189e93d6e0b3c3bd7e53237c1a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:21 GMT
content-encoding
gzip
cf-cache-status
HIT
age
82344
cf-ray
643e73728f744a6d-FRA
content-length
20482
cf-request-id
099ae67b9900004a6d68812000000001
last-modified
Fri, 09 Apr 2021 17:32:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1619090301866
  • http://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1619090301866
0
0
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		63 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AkamaiGHost /
Resource Hash
c7e5c94584c7a69b7da90a656c5b4f6af46beeb35d66ef255f7f0705ef6b1bf5

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:22 GMT
server
AkamaiGHost
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag
"f1d1adc077c1f1f826a151ee3db530bc:1600839199.327003"
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=0, no-cache
content-length
63
mime-version
1.0
expires
Thu, 22 Apr 2021 11:18:22 GMT
id
metrics.heraldsun.com.au/ 		48 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=43085981809138204246847102887396970960&ts=1619090301974
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-18-61.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
48d3221be8abb72faec69a02a3c4fb8489fdc2244c98fb67ddf0dec71b0937ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 22 Apr 2021 11:18:22 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-5db677d464-w8fln
vary
Origin
x-c
main-1455.Icbb9a9.M0-487
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		16 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-190.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
584ebca28b361c3381c686b75b71c2cb4cdc074bc0ba6e44980c9db33c5cdf1c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wNcZVqk5y.Y6LUl0L8PK4xYsYrqrcsAQ
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 03:28:57 GMT
server
ATS/7.1.0
x-amz-request-id
SMEYB0FFYPMDF5P9
etag
"14ead9bc02aa8f3cf645cfb425ed68e2"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=600
date
Thu, 22 Apr 2021 11:18:22 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
1179
x-amz-id-2
0/fHFPUZQ+PkzhV9o8CbePJPiAo/0RnPjt4xD+ZUf95uaFE1MpGhdI3WGdE6r6AdDfkRlPpvx4E=
m
secure-gl.imrworldwide.com/cgi-bin/ 		44 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1619090301999&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&sr=1600x1200&tz=2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ec00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:22 GMT
via
1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-C1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
x-cache
Miss from cloudfront
content-type
image/gif
content-length
44
x-amz-cf-id
z3n5T7AJ63nbPj9URcSJcT4YwFaZ49U9TyGhzxYMfXZJjUYJBrZB_A==
expires
Thu, 01 Dec 1994 16:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
947
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5863
x-xss-protection
0
server
cafe
etag
12453517290502062038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 22 Apr 2021 12:02:35 GMT
pub
pixel.adsafeprotected.com/services/ 		828 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&slot=%7Bid:ad-block-300x90-1,ss:%5B300.90,315.90%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=cc466166-37b2-bb6d-a0b9-beee21958d4e&url=https%253A%252F%252Fwww.heraldsun.com.au%252Fnews%252Fbreaking-news%252Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%252Fnews-story%252F51d1f7f5eb7b1171ead1f607fceb68de%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.30.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
998beb94d3451a6ce6e478705eb2eae41dc6a8e9ff6d9dff30eef4a3b963f7aa

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:22 GMT
x-server-name
app29.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210420/r20110914/elements/html/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210420/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=849107178945.1321?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:14:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 May 2021 11:14:10 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
528 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssTbnSBTexlUOjjZU09ufZyrbLmENj-NH37IkHyRTcUQwW4dKxl3StfPgvudhj-nIiZTKMW0u7xfC9ZTXCD_jbOq9KH872UyL35w6ykmiNAGDJs_jVvVHBECRMH3eX4BR5f&sig=Cg0ArKJSzM5K2jS_jDqYEAE&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cisv=r20210420.93735&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=849107178945.1321?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 11:18:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=43085981809138204246847102887396970960&d_cid_ic=newsnkidcookie%013cbc7ad141fd17bb5e0c1222bb81034f%011&ts=1619090302041
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.68.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-68-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
17ae9f7a3185cb40620c2c84feb7e750b4abdbca7abf4272a2bd253e429d7a45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v004-08b1a0f3e.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
1lL/BE7TTEs=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1539
Expires
Thu, 01 Jan 1970 00:00:00 UTC
generic
match.adsrvr.org/track/cmf/ Frame 9C4A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7vKwCFgPoL7TmNGz-QQToL7TmNGz-QQUAAAAGBvQHHDNjjhiTyWaxoOw2w8VwNVjMlpPhcDNZLYfAMTPmiDGZbBYLym4zXAxHy8ViORqtdpPRcgofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwIt0XQ6fK57ve73u8tdvs9d43fbFa6_xPJyeJ12n1vu8n3-Opfl7bA735qXy-u0-9yiv1vier41g7Xa7tYcXqe70-sW-T0vz1tm-bvdktfn83S4NaeH6eUWXF5up8vyl7t8n7fm9Lc8_6rFyDHzzVwri2_iWOwWK4fJMbMNdjOPy2Ibjlx2AAAAAHgAmBK8h_gBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAAEDQGdMAgOJgONfd-rIbHa7Py-4PAICHAhAAAAEMEoCCveISgI2R_hMAAAAAAAAAAJb_____mAH6lhoZgJCzhB6ABx-AB6KCxCJGAAAAAJBMbR5HkzqhsqgCACBItwK4AgAIwMtvCtMNAwAAIBhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQkRmZmlBLAAAar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxCT2WCz2i2Ho9kBAAAA3P3____rgZhr5BnMVpaZxeabWEaWwcayMVkcDpPJYXLNnCPv9XnCwC7dGuL1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTvsVmOfHY1hLHbuQWzTYmt3Kz2LgVvsnEsByZhgvfbi16fUy_3cJlmJm8KBhguRfBRTqRu3yfj99yeLjeCtfJLXRZHmaT53W3iCWak0U6kV32NdfIM5itLDOLzTexjCyDjWVjsjgcJpPD5Jo5R_6Gb7FZTjy2tcSxG7lFs43JrdwsNm6FbzIxLEem4cK3W4teH9Nvt3AZZiZ_Y7ZYDpaDzWCxb8wWy8FysBks9h06w3f1ORs9Q53IY1MspI_jUGY-KFwGi_cnMS2m3dnB8_sdnTb1S1nUGYWX79FrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0IjLMFpPBbDHYDCY2l2e42GwGI8vCZhoMBrOZazURS5Smi3Sil1heDq_T7nPLXb7PX-eyvB1251vzcnmddp9b9HdLXM-3ZrBW292aw-t0d3rdIr_n5XnLLH-3W_L6fJ4Ot-b0ML3cgsvL7XRZ_nKX7_PWnP6W51-1GDlmvplrZfFNHIvdYuUwOWa2wW7mcVlsw5HLov5jQ4xGc91srhgs55rBKgEAAAAAAAAALGHOvAkAAADAaTCr5Wa2Wi5ARD6g7k9yczPRz09ycePHGO7yfT5-y-HheitcJ7fQZXmYTZ7X3coAEfeszJs9E8RarZY1AACAADYAAEAAt27eAsIsOQ!&cmcv=&pix=undefined&cb=1619090301838&uv=2957&tms=1619090301838&abt=aat1_vA!adh5c-1_vA!id5mc_vA!insc_vA!spa2_vA!sre_vA!t45!ufm!ul89551-722_vB&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3F9D12231A273818501692883259&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.128.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-128-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 9C4A 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7vKwCFgPoL7TmNGz-QQToL7TmNGz-QQUAAAAGBvQHHDNjjhiTyWaxoOw2w8VwNVjMlpPhcDNZLYfAMTPmiDGZbBYLym4zXAxHy8ViORqtdpPRcgofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwIt0XQ6fK57ve73u8tdvs9d43fbFa6_xPJyeJ12n1vu8n3-Opfl7bA735qXy-u0-9yiv1vier41g7Xa7tYcXqe70-sW-T0vz1tm-bvdktfn83S4NaeH6eUWXF5up8vyl7t8n7fm9Lc8_6rFyDHzzVwri2_iWOwWK4fJMbMNdjOPy2Ibjlx2AAAAAHgAmBK8h_gBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAAEDQGdMAgOJgONfd-rIbHa7Py-4PAICHAhAAAAEMEoCCveISgI2R_hMAAAAAAAAAAJb_____mAH6lhoZgJCzhB6ABx-AB6KCxCJGAAAAAJBMbR5HkzqhsqgCACBItwK4AgAIwMtvCtMNAwAAIBhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQkRmZmlBLAAAar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxCT2WCz2i2Ho9kBAAAA3P3____rgZhr5BnMVpaZxeabWEaWwcayMVkcDpPJYXLNnCPv9XnCwC7dGuL1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTvsVmOfHY1hLHbuQWzTYmt3Kz2LgVvsnEsByZhgvfbi16fUy_3cJlmJm8KBhguRfBRTqRu3yfj99yeLjeCtfJLXRZHmaT53W3iCWak0U6kV32NdfIM5itLDOLzTexjCyDjWVjsjgcJpPD5Jo5R_6Gb7FZTjy2tcSxG7lFs43JrdwsNm6FbzIxLEem4cK3W4teH9Nvt3AZZiZ_Y7ZYDpaDzWCxb8wWy8FysBks9h06w3f1ORs9Q53IY1MspI_jUGY-KFwGi_cnMS2m3dnB8_sdnTb1S1nUGYWX79FrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0IjLMFpPBbDHYDCY2l2e42GwGI8vCZhoMBrOZazURS5Smi3Sil1heDq_T7nPLXb7PX-eyvB1251vzcnmddp9b9HdLXM-3ZrBW292aw-t0d3rdIr_n5XnLLH-3W_L6fJ4Ot-b0ML3cgsvL7XRZ_nKX7_PWnP6W51-1GDlmvplrZfFNHIvdYuUwOWa2wW7mcVlsw5HLov5jQ4xGc91srhgs55rBKgEAAAAAAAAALGHOvAkAAADAaTCr5Wa2Wi5ARD6g7k9yczPRz09ycePHGO7yfT5-y-HheitcJ7fQZXmYTZ7X3coAEfeszJs9E8RarZY1AACAADYAAEAAt27eAsIsOQ!&cmcv=&pix=undefined&cb=1619090301838&uv=2957&tms=1619090301838&abt=aat1_vA!adh5c-1_vA!id5mc_vA!insc_vA!spa2_vA!sre_vA!t45!ufm!ul89551-722_vB&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3F9D12231A273818501692883259&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:7659:1bf:d736:fba9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:22 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
sync
pixel.advertising.com/ups/58166/ Frame 9C4A 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7vKwCFgPoL7TmNGz-QQToL7TmNGz-QQUAAAAGBvQHHDNjjhiTyWaxoOw2w8VwNVjMlpPhcDNZLYfAMTPmiDGZbBYLym4zXAxHy8ViORqtdpPRcgofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwIt0XQ6fK57ve73u8tdvs9d43fbFa6_xPJyeJ12n1vu8n3-Opfl7bA735qXy-u0-9yiv1vier41g7Xa7tYcXqe70-sW-T0vz1tm-bvdktfn83S4NaeH6eUWXF5up8vyl7t8n7fm9Lc8_6rFyDHzzVwri2_iWOwWK4fJMbMNdjOPy2Ibjlx2AAAAAHgAmBK8h_gBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAAEDQGdMAgOJgONfd-rIbHa7Py-4PAICHAhAAAAEMEoCCveISgI2R_hMAAAAAAAAAAJb_____mAH6lhoZgJCzhB6ABx-AB6KCxCJGAAAAAJBMbR5HkzqhsqgCACBItwK4AgAIwMtvCtMNAwAAIBhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQkRmZmlBLAAAar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxCT2WCz2i2Ho9kBAAAA3P3____rgZhr5BnMVpaZxeabWEaWwcayMVkcDpPJYXLNnCPv9XnCwC7dGuL1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTvsVmOfHY1hLHbuQWzTYmt3Kz2LgVvsnEsByZhgvfbi16fUy_3cJlmJm8KBhguRfBRTqRu3yfj99yeLjeCtfJLXRZHmaT53W3iCWak0U6kV32NdfIM5itLDOLzTexjCyDjWVjsjgcJpPD5Jo5R_6Gb7FZTjy2tcSxG7lFs43JrdwsNm6FbzIxLEem4cK3W4teH9Nvt3AZZiZ_Y7ZYDpaDzWCxb8wWy8FysBks9h06w3f1ORs9Q53IY1MspI_jUGY-KFwGi_cnMS2m3dnB8_sdnTb1S1nUGYWX79FrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0IjLMFpPBbDHYDCY2l2e42GwGI8vCZhoMBrOZazURS5Smi3Sil1heDq_T7nPLXb7PX-eyvB1251vzcnmddp9b9HdLXM-3ZrBW292aw-t0d3rdIr_n5XnLLH-3W_L6fJ4Ot-b0ML3cgsvL7XRZ_nKX7_PWnP6W51-1GDlmvplrZfFNHIvdYuUwOWa2wW7mcVlsw5HLov5jQ4xGc91srhgs55rBKgEAAAAAAAAALGHOvAkAAADAaTCr5Wa2Wi5ARD6g7k9yczPRz09ycePHGO7yfT5-y-HheitcJ7fQZXmYTZ7X3coAEfeszJs9E8RarZY1AACAADYAAEAAt27eAsIsOQ!&cmcv=&pix=undefined&cb=1619090301838&uv=2957&tms=1619090301838&abt=aat1_vA!adh5c-1_vA!id5mc_vA!insc_vA!spa2_vA!sre_vA!t45!ufm!ul89551-722_vB&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3F9D12231A273818501692883259&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:22 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 9C4A
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=72a9ccb5-a35c-11eb-bbae-1d34abdd0206&orig=video&us_privacy=1---
0
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=72a9ccb5-a35c-11eb-bbae-1d34abdd0206&orig=video&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7vKwCFgPoL7TmNGz-QQToL7TmNGz-QQUAAAAGBvQHHDNjjhiTyWaxoOw2w8VwNVjMlpPhcDNZLYfAMTPmiDGZbBYLym4zXAxHy8ViORqtdpPRcgofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwIt0XQ6fK57ve73u8tdvs9d43fbFa6_xPJyeJ12n1vu8n3-Opfl7bA735qXy-u0-9yiv1vier41g7Xa7tYcXqe70-sW-T0vz1tm-bvdktfn83S4NaeH6eUWXF5up8vyl7t8n7fm9Lc8_6rFyDHzzVwri2_iWOwWK4fJMbMNdjOPy2Ibjlx2AAAAAHgAmBK8h_gBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAAEDQGdMAgOJgONfd-rIbHa7Py-4PAICHAhAAAAEMEoCCveISgI2R_hMAAAAAAAAAAJb_____mAH6lhoZgJCzhB6ABx-AB6KCxCJGAAAAAJBMbR5HkzqhsqgCACBItwK4AgAIwMtvCtMNAwAAIBhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQkRmZmlBLAAAar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxCT2WCz2i2Ho9kBAAAA3P3____rgZhr5BnMVpaZxeabWEaWwcayMVkcDpPJYXLNnCPv9XnCwC7dGuL1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTvsVmOfHY1hLHbuQWzTYmt3Kz2LgVvsnEsByZhgvfbi16fUy_3cJlmJm8KBhguRfBRTqRu3yfj99yeLjeCtfJLXRZHmaT53W3iCWak0U6kV32NdfIM5itLDOLzTexjCyDjWVjsjgcJpPD5Jo5R_6Gb7FZTjy2tcSxG7lFs43JrdwsNm6FbzIxLEem4cK3W4teH9Nvt3AZZiZ_Y7ZYDpaDzWCxb8wWy8FysBks9h06w3f1ORs9Q53IY1MspI_jUGY-KFwGi_cnMS2m3dnB8_sdnTb1S1nUGYWX79FrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0IjLMFpPBbDHYDCY2l2e42GwGI8vCZhoMBrOZazURS5Smi3Sil1heDq_T7nPLXb7PX-eyvB1251vzcnmddp9b9HdLXM-3ZrBW292aw-t0d3rdIr_n5XnLLH-3W_L6fJ4Ot-b0ML3cgsvL7XRZ_nKX7_PWnP6W51-1GDlmvplrZfFNHIvdYuUwOWa2wW7mcVlsw5HLov5jQ4xGc91srhgs55rBKgEAAAAAAAAALGHOvAkAAADAaTCr5Wa2Wi5ARD6g7k9yczPRz09ycePHGO7yfT5-y-HheitcJ7fQZXmYTZ7X3coAEfeszJs9E8RarZY1AACAADYAAEAAt27eAsIsOQ!&cmcv=&pix=undefined&cb=1619090301838&uv=2957&tms=1619090301838&abt=aat1_vA!adh5c-1_vA!id5mc_vA!insc_vA!spa2_vA!sre_vA!t45!ufm!ul89551-722_vB&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3F9D12231A273818501692883259&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.95:10213
date
Thu, 22 Apr 2021 11:18:22 GMT
server
nginx
x-fastly-to-nlb-rtt
18309

Redirect headers

Date
Thu, 22 Apr 2021 11:18:22 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=72a9ccb5-a35c-11eb-bbae-1d34abdd0206&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
101
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 9C4A 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7vKwCFgPoL7TmNGz-QQToL7TmNGz-QQUAAAAGBvQHHDNjjhiTyWaxoOw2w8VwNVjMlpPhcDNZLYfAMTPmiDGZbBYLym4zXAxHy8ViORqtdpPRcgofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwIt0XQ6fK57ve73u8tdvs9d43fbFa6_xPJyeJ12n1vu8n3-Opfl7bA735qXy-u0-9yiv1vier41g7Xa7tYcXqe70-sW-T0vz1tm-bvdktfn83S4NaeH6eUWXF5up8vyl7t8n7fm9Lc8_6rFyDHzzVwri2_iWOwWK4fJMbMNdjOPy2Ibjlx2AAAAAHgAmBK8h_gBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAAEDQGdMAgOJgONfd-rIbHa7Py-4PAICHAhAAAAEMEoCCveISgI2R_hMAAAAAAAAAAJb_____mAH6lhoZgJCzhB6ABx-AB6KCxCJGAAAAAJBMbR5HkzqhsqgCACBItwK4AgAIwMtvCtMNAwAAIBhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQkRmZmlBLAAAar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxCT2WCz2i2Ho9kBAAAA3P3____rgZhr5BnMVpaZxeabWEaWwcayMVkcDpPJYXLNnCPv9XnCwC7dGuL1hQjL7PcdFJTT02N2GURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p8ALgc4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgTvsVmOfHY1hLHbuQWzTYmt3Kz2LgVvsnEsByZhgvfbi16fUy_3cJlmJm8KBhguRfBRTqRu3yfj99yeLjeCtfJLXRZHmaT53W3iCWak0U6kV32NdfIM5itLDOLzTexjCyDjWVjsjgcJpPD5Jo5R_6Gb7FZTjy2tcSxG7lFs43JrdwsNm6FbzIxLEem4cK3W4teH9Nvt3AZZiZ_Y7ZYDpaDzWCxb8wWy8FysBks9h06w3f1ORs9Q53IY1MspI_jUGY-KFwGi_cnMS2m3dnB8_sdnTb1S1nUGYWX79FrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0IjLMFpPBbDHYDCY2l2e42GwGI8vCZhoMBrOZazURS5Smi3Sil1heDq_T7nPLXb7PX-eyvB1251vzcnmddp9b9HdLXM-3ZrBW292aw-t0d3rdIr_n5XnLLH-3W_L6fJ4Ot-b0ML3cgsvL7XRZ_nKX7_PWnP6W51-1GDlmvplrZfFNHIvdYuUwOWa2wW7mcVlsw5HLov5jQ4xGc91srhgs55rBKgEAAAAAAAAALGHOvAkAAADAaTCr5Wa2Wi5ARD6g7k9yczPRz09ycePHGO7yfT5-y-HheitcJ7fQZXmYTZ7X3coAEfeszJs9E8RarZY1AACAADYAAEAAt27eAsIsOQ!&cmcv=&pix=undefined&cb=1619090301838&uv=2957&tms=1619090301838&abt=aat1_vA!adh5c-1_vA!id5mc_vA!insc_vA!spa2_vA!sre_vA!t45!ufm!ul89551-722_vB&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3F9D12231A273818501692883259&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.242.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-242-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
279da92b
login.newscorpaustralia.com/akam/11/ Frame B994 		0
0
64c4f9debe4ti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame B994 		0
0
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=43085981809138204246847102887396970960&d_cid_ic=newsnkidcookie%013cbc7ad141fd17bb5e0c1222bb81034f%011&ts=1619090302066
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.68.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-68-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cee186f19e3802adc9212d46c152f7ee7ad846527420c6615cdcd0f36a74ce68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v004-0c3092c0e.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
jNzsdsPyT3E=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1538
Expires
Thu, 01 Jan 1970 00:00:00 UTC
dest5.html
newscorpau.demdex.net/ Frame 63CC 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
newscorpau.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.heraldsun.com.au/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=62805804159782286080150871197948392421
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Thu, 22 Apr 2021 11:18:22 GMT
DCS
dcs-prod-irl1-1-v004-071f92367.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Wed, 21 Apr 2021 11:56:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
hLoQF8ISRgA=
Content-Length
2791
Connection
keep-alive
s56170995382053
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/ 		43 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s56170995382053?AQB=1&ndh=1&pf=1&t=22%2F3%2F2021%2013%3A18%3A22%204%20-120&cid.&newsnkidcookie.&id=3cbc7ad141fd17bb5e0c1222bb81034f&as=1&.newsnkidcookie&.cid&vid=3cbc7ad141fd17bb5e0c1222bb81034f&mid=43085981809138204246847102887396970960&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5P&cc=AUD&ch=D%3Dv4&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Cnews%7Cbreaking-news&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=news&c5=D%3Dv5&v5=breaking-news&c9=D%3Dv9&v9=story&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c15=D%3Dv15&v15=free&c16=D%3Dv16&v16=51d1f7f5eb7b1171ead1f607fceb68de&c17=D%3Dv17&v17=germany%20seeking%20to%20buy%2030%20mn%20sputnik%20doses%20from%20russia%3A%20state%20premier&c19=D%3Dv19&v19=afp&c20=D%3Dv20&v20=2021-04-22%2019%3A48%3A50&c22=D%3Dv22&v22=9%3A18%20PM%7CThursday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c46=D%3Dv46&v46=not%20logged%20in&c50=D%3Dv50&v50=2021-04-22%2019%3A41%3A10&v52=1600x1200%7Cwindows%7C10&c60=TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null&v77=D%3Dmid&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=knzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-18-61.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:22 GMT
x-content-type-options
nosniff
x-c
main-1455.Icbb9a9.M0-487
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 23 Apr 2021 11:18:22 GMT
server
jag
xserver
anedge-5db677d464-gfs6m
etag
3476969948969959424-4621895569667973480
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 21 Apr 2021 11:18:22 GMT
ibs:dpid=411&dpuuid=YIFbfgAAACDCgSkN
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=43064906755279672506849208158330175690
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIFbfgAAACDCgSkN
42 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIFbfgAAACDCgSkN
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.68.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-68-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v004-003931d07.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
iPzKwdsIRyY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIFbfgAAACDCgSkN
Date
Thu, 22 Apr 2021 11:18:22 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Serving
bs.serving-sys.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=2508649409340194169&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY$$&activityValues=$$Session%3D1252635121697921967$$&ns=0&rnd=27833883775721313
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
82.199.68.72 Zwolle, Netherlands, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
1e5df6fe00b04d14e7ed9e7ead03a62b5b2920cff7310c75b3b349436f6088f5

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 11:18:21 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Content-Type
text/html; charset=UTF-8
Content-Length
2361
Expires
Sun, 05-Jun-2005 22:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		188 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1503972992386441&correlator=4178754106792165&output=ldjh&impl=fifs&hxva=1&scor=407238587764840&eid=31060313%2C31060740%2C31060789%2C31060494%2C31060808&vrg=2021041901&ptt=17&co=1&npa=1&sc=1&sfv=1-0-38&ecs=20210422&iu_parts=5129%2Cndm.hwt%2Cnews%2Cbreakingnews&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C728x90%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C300x90%7C315x90%2C1x1&ists=1&prev_scp=pos%3D1%26id%3D72acd536-a35c-11eb-9f5d-0ae27972a930%7Cpos%3D2%26id%3D72acd537-a35c-11eb-9f5d-0ae27972a930%7Cpos%3D1%26id%3D72acd538-a35c-11eb-9f5d-0ae27972a930%26vw%3D40%2C50%2C60%2C70%2C80%26vw05%3D40%2C50%2C60%26vw15%3D40%2C50%2C60%26grm%3D40%2C50%2C60%2C70%26vw10%3D40%2C50%2C60%26pub%3D40%2C50%2C60%2C70%7Cpos%3D2%26id%3D72acd539-a35c-11eb-9f5d-0ae27972a930%7Cpos%3D1%26id%3D72acd53a-a35c-11eb-9f5d-0ae27972a930%7Cpos%3D1%26id%3D72acd53b-a35c-11eb-9f5d-0ae27972a930%7Cpos%3D1%26id%3D72acd53c-a35c-11eb-9f5d-0ae27972a930&eri=1&cust_params=tts%3Dn%26ttm%3Dn%26us%3Db%26s%3D0%26co%3D1%26kw%3DONLINENEWSEN%252CHealth%252CONLINENEWSEN_BREAKINGNEWS%252CMoscowRU%252CBerlin%252CSachsen%252Cvirus%252CRussia%252CBreaking%2520News%252Cvaccine%252CMichael%2520Kretschmer%252CEuropean%2520Medicines%2520Agency%252CGermany%252CSputnik%26nk%3D3cbc7ad141fd17bb5e0c1222bb81034f%26sec1%3Dnews%26sec2%3Dbreakingnews%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dstory%26aid%3D51d1f7f5eb7b1171ead1f607fceb68de%26adl%3Dfalse%26snol%3Dd%252Ce%252Cg%26pvid%3D3cbc7ad141fd17bb5e0c1222bb81034f-51d1f7f5eb7b1171ead1f607fceb68de-1619090301665-492972%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_UNSCORED_PG%252CIAS_2400_KW&bc=31&abxe=1&lmt=1619090302&dt=1619090302164&dlt=1619090300853&idt=1155&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C176%2C1124%2C1124%2C176%2C1124%2C0&adys=73%2C2544%2C638%2C1575%2C2544%2C612%2C3194&adks=3343294207%2C2808698625%2C1478358836%2C2507937728%2C1895762110%2C1679177193%2C2353233395&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x134%7C1248x0%7C299x0%7C299x0%7C1248x0%7C299x0%7C1600x3194&msz=728x43%7C728x0%7C299x250%7C299x250%7C1000x0%7C300x0%7C0x0&ga_vid=2125269237.1619090302&ga_sid=1619090302&ga_hid=708781652&ga_fc=false&fws=640%2C128%2C640%2C640%2C128%2C644%2C128&ohw=0%2C0%2C0%2C0%2C0%2C300%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
814d13d54e79ebe418c33a7b373af0326d76555b9f5eca6ee2b0c6465d84a12b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21914
x-xss-protection
0
google-lineitem-id
4682990628,4682990628,4682990628,4682990628,4682990628,4795254195,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138234025560,138234025551,138234092471,138234092456,138234082178,138345071646,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c435ce09fb9281cc6d5090d0e86ec874.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://c435ce09fb9281cc6d5090d0e86ec874.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
glcfg510.js
cdn-gl.imrworldwide.com/novms/js/2/configs/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by
Host: seccdn-gl.imrworldwide.com
URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hQDJIZwJWrviezp1bF9091Jf9LSRyY9_
content-encoding
gzip
etag
W/"931051f801612c3a0e2782961ac3d56c"
last-modified
Mon, 15 Mar 2021 14:07:26 GMT
server
AmazonS3
age
1067
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 22 Apr 2021 11:00:36 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
-lLCwskPtBZ7ZdCqPfo1iY2lZ4_9kX-HIiuxIiZ-ND08dcOhl8-NUw==
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0bfefba0e699b77fc665e11e791631d5773acbfd215098e31fa6b72d3a6cafc

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wynOZekdfiScty.dJEADBpa.4yz5teLi
content-encoding
gzip
etag
W/"20a7cde39a94b12755e4e9ca89f07df4"
last-modified
Tue, 20 Apr 2021 15:18:13 GMT
server
AmazonS3
age
1151
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
cache-control
max-age=86400,s-maxage=86400
date
Thu, 22 Apr 2021 11:17:56 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
9Pr-0oEacs2rqztOG5nQRgAd1pdmjqOg7imjlFpCmJN9wf4USb6u1A==
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		176 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
984af48e7efc952d96c92943d3dc213bfc599182fac15dfb9409eaa655b38f34

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
doo8zakPyk_h6a65dWBtLeBk97YNaGf5
content-encoding
gzip
etag
W/"5040f47ea411a7f5e3c03138f192bc36"
last-modified
Mon, 15 Mar 2021 14:07:26 GMT
server
AmazonS3
age
778
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 22 Apr 2021 11:05:25 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
9424RYiJp7bJhwWQFuw9Sm8-08sB3bPRsiHTiFfJ7Jp-jJfkkzeM6Q==
up_loader.1.1.0.js
js.adsrvr.org/ Frame B987 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.100.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-100-124.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 19:12:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
57931
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 01ec1718bcc130455b377ec6b38ad50d.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
ZRH50-C1
X-Amz-Cf-Id
yIq5d9QLiIBVcO_0Me8qI4-ImGN74UUWaSrCz29uERA2CtpNnz2J5A==
uwt.js
static.ads-twitter.com/ Frame 2FB6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM9HY65HwM4wN1s5hkScJ0TgW74rm9V67VrzjW1mJBn54Rm1pDW6c-fQ277yDNnW4GZp-l6fCZ_yW7LkxQG84nz-hW6znRJD1l8L3tW4cPYpV2KXf9QW631LRk4xg-9rW8V9-Fz7W46YKVYLW3d1szKr8W8SPXBx3BwfNpVQWm7-1tbxVsV_pkQf30xz1FW1GL1vT5-ldYnW8-LhdH7pMY1hW1XkXKw1lYFC_W41sy4v5l7wxcW4P6_nM5f6XSjW6lZSzy4Fh-f7W6PwkYT7m-pqNW8CFH9q5hnSjVW7qqpj05chMvlW3P-6nb35dgrDW5H5BJY3fqYQ2Vqd5lG5c-KCPW8J2DNS3wf9_JW7P9Hry1cZwxcW7THLjZ5P3mDKW3lFZ7d2Ljzg5W65WhhV8Kbjjv3b9g1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:22 GMT
via
1.1 varnish
last-modified
Fri, 04 Dec 2020 00:21:46 GMT
age
37612
etag
"cbc512946c8abb461c6215ed5b454e5f+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
1957
x-timer
S1619090302.262940,VS0,VE0
x-served-by
cache-hhn11542-HHN
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame A254 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM9HY65HwM4wN1s5hkScJ0TgW74rm9V67VrzjW1mJBn54Rm1pDW6c-fQ277yDNnW4GZp-l6fCZ_yW7LkxQG84nz-hW6znRJD1l8L3tW4cPYpV2KXf9QW631LRk4xg-9rW8V9-Fz7W46YKVYLW3d1szKr8W8SPXBx3BwfNpVQWm7-1tbxVsV_pkQf30xz1FW1GL1vT5-ldYnW8-LhdH7pMY1hW1XkXKw1lYFC_W41sy4v5l7wxcW4P6_nM5f6XSjW6lZSzy4Fh-f7W6PwkYT7m-pqNW8CFH9q5hnSjVW7qqpj05chMvlW3P-6nb35dgrDW5H5BJY3fqYQ2Vqd5lG5c-KCPW8J2DNS3wf9_JW7P9Hry1cZwxcW7THLjZ5P3mDKW3lFZ7d2Ljzg5W65WhhV8Kbjjv3b9g1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:1b2::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 11:18:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=59856
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
js
www.googletagmanager.com/gtag/ Frame 127F 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ebcffa4251956cd4d0b62fd9ea28eec7dec31146c4630e8ab185b10a9e268d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34044
x-xss-protection
0
last-modified
Thu, 22 Apr 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 22 Apr 2021 11:18:22 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame EF15 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.100.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-100-124.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 19:12:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
57931
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 01ec1718bcc130455b377ec6b38ad50d.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
ZRH50-C1
X-Amz-Cf-Id
a6hSwmqcTnUaKVKgy_m5ChhrarUMcxc1I4KJFJ958eg0BxvwD_eGpg==
pixie.js
acdn.adnxs.com/dmp/up/ Frame AABA 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM9HY65HwM4wN1s5hkScJ0TgW74rm9V67VrzjW1mJBn54Rm1pDW6c-fQ277yDNnW4GZp-l6fCZ_yW7LkxQG84nz-hW6znRJD1l8L3tW4cPYpV2KXf9QW631LRk4xg-9rW8V9-Fz7W46YKVYLW3d1szKr8W8SPXBx3BwfNpVQWm7-1tbxVsV_pkQf30xz1FW1GL1vT5-ldYnW8-LhdH7pMY1hW1XkXKw1lYFC_W41sy4v5l7wxcW4P6_nM5f6XSjW6lZSzy4Fh-f7W6PwkYT7m-pqNW8CFH9q5hnSjVW7qqpj05chMvlW3P-6nb35dgrDW5H5BJY3fqYQ2Vqd5lG5c-KCPW8J2DNS3wf9_JW7P9Hry1cZwxcW7THLjZ5P3mDKW3lFZ7d2Ljzg5W65WhhV8Kbjjv3b9g1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-185.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 11:18:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 May 2020 21:04:36 GMT
Server
nginx/1.13.10
ETag
"5ebdb264-1cfb"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
2601
Expires
Fri, 23 Apr 2021 11:18:24 GMT
activityi;dc_pre=CKTK0LLdkfACFSjauwgdmcUKEw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=267452083881.07898
8228261.fls.doubleclick.net/ Frame FA27
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=267452083881.07898?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CKTK0LLdkfACFSjauwgdmcUKEw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=267452083881...
403 B
355 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CKTK0LLdkfACFSjauwgdmcUKEw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=267452083881.07898?
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM9HY65HwM4wN1s5hkScJ0TgW74rm9V67VrzjW1mJBn54Rm1pDW6c-fQ277yDNnW4GZp-l6fCZ_yW7LkxQG84nz-hW6znRJD1l8L3tW4cPYpV2KXf9QW631LRk4xg-9rW8V9-Fz7W46YKVYLW3d1szKr8W8SPXBx3BwfNpVQWm7-1tbxVsV_pkQf30xz1FW1GL1vT5-ldYnW8-LhdH7pMY1hW1XkXKw1lYFC_W41sy4v5l7wxcW4P6_nM5f6XSjW6lZSzy4Fh-f7W6PwkYT7m-pqNW8CFH9q5hnSjVW7qqpj05chMvlW3P-6nb35dgrDW5H5BJY3fqYQ2Vqd5lG5c-KCPW8J2DNS3wf9_JW7P9Hry1cZwxcW7THLjZ5P3mDKW3lFZ7d2Ljzg5W65WhhV8Kbjjv3b9g1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f6.1e100.net
Software
cafe /
Resource Hash
744ba2de9735f3771ef6cebe93b6f377163694f74d6a6cbde24ef8ea7b347fb1
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8228261.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CKTK0LLdkfACFSjauwgdmcUKEw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=267452083881.07898?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 22 Apr 2021 11:18:22 GMT
expires
Thu, 22 Apr 2021 11:18:22 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
330
x-xss-protection
0
set-cookie
IDE=AHWqTUmlxAHQlBqce91L2ydMnRzdWlCpIl01qZOegBIIJlfziZQ2s1RhqlDOZYR4lHo; expires=Tue, 17-May-2022 11:18:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 22 Apr 2021 11:18:22 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CKTK0LLdkfACFSjauwgdmcUKEw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=267452083881.07898?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
conversion.js
www.googleadservices.com/pagead/ Frame 340D 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
28efd6fe192789ec933ddd5421da0d4d86ebeb1caf0a1cefeb1556e2a7f8b119
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16562
x-xss-protection
0
server
cafe
etag
15733049745449987369
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 22 Apr 2021 11:18:22 GMT
activity
au-gmtdmp.mookie1.com/t/v2/ Frame EE95 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:22 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
bounce
secure.adnxs.com/ Frame EA94
Redirect Chain
  • https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 11:18:22 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.51:80
AN-X-Request-Uuid
d6f305a5-c1f0-437e-9f88-4d01ef5082d7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 11:18:22 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.40:80
AN-X-Request-Uuid
e3ac0ee8-aa81-4b01-a948-b00c4d348c06
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
0
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 11:18:22 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.46:80
AN-X-Request-Uuid
5a097897-3bca-44b8-85f7-19a2470242e7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 11:18:22 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.49:80
AN-X-Request-Uuid
46f49e41-0841-4152-801f-c2e3c903bb0c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F55D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumnnQClsbi0EtzE4yNBs6q-XBdYSLiAtTFeEQ8ACn4ozjQPRwwRwiebn3z_SCjBiMBSngz_hxsusNQ-pVlP2UvG_U82PfVnjQVcgnCvAYoiWQsb7_rLVPSU2EhnUJzy11Saq8055RBnFoMaua3Dt_dEnI8ayiEB8Pl7kwNCZA3lRNZVx8PHUD1ZOmOYjsBpl8PN7f2CBK3MGCcd_mQwk4k3W-ww93SX7tG1svSEBniqCfa7Qxa1ykBgSFJg56jfRUugs0N1SI1LM1-cTmyGCOUpOoqX6AEIprnNUl9qp4LLiVVcXLMEPpJwtm03gnY4AI&sai=AMfl-YQfg1aTSOYsju5y9sx6nxRtNpGKwygKoIczAPAc7L5BEr1SPJEXbJXIdC5kPfeAL_NT_DC4RJ4Myxcc&sig=Cg0ArKJSzMPG8soc8LakEAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM9HY65HwM4wN1s5hkScJ0TgW74rm9V67VrzjW1mJBn54Rm1pDW6c-fQ277yDNnW4GZp-l6fCZ_yW7LkxQG84nz-hW6znRJD1l8L3tW4cPYpV2KXf9QW631LRk4xg-9rW8V9-Fz7W46YKVYLW3d1szKr8W8SPXBx3BwfNpVQWm7-1tbxVsV_pkQf30xz1FW1GL1vT5-ldYnW8-LhdH7pMY1hW1XkXKw1lYFC_W41sy4v5l7wxcW4P6_nM5f6XSjW6lZSzy4Fh-f7W6PwkYT7m-pqNW8CFH9q5hnSjVW7qqpj05chMvlW3P-6nb35dgrDW5H5BJY3fqYQ2Vqd5lG5c-KCPW8J2DNS3wf9_JW7P9Hry1cZwxcW7THLjZ5P3mDKW3lFZ7d2Ljzg5W65WhhV8Kbjjv3b9g1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 11:18:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210420/r20110914/ Frame F55D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210420/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e61fbc1b28f6df7a78610c40c0166aae6cc5f7b97f797af1400755a28beb313c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7118
x-xss-protection
0
server
cafe
etag
10067803527878659939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 May 2021 11:16:31 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210420/r20110914/client/ Frame F55D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210420/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 May 2021 11:17:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F55D 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Thu, 22 Apr 2021 11:18:22 GMT
7114969398400660195
tpc.googlesyndication.com/simgad/ Frame F55D 		68 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7114969398400660195
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 20:54:35 GMT
x-content-type-options
nosniff
age
138227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:39:36 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 20:54:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C1A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstwSSKbP9928NsB4OLwq9eQNKL7v0bt9nDWKJjzfO9ydZTYcPKomLhPpsaGOgW--lVZoLw8bTaZgBsHN9Jad15Zs81OQqcRLD6QeQXSlIIpeWr4VtTyikZ2I3bA8CZ1itWMLSwE1ZiwMMz9WpN52vAtXoIgm33wjaVqMkN5YPyYTRLvKsrkZWXHb5xNVF1ttxpTH2YPsqcdyRDELXpPNUPJPA55066fiIyOVAI8WLrcdBgIaq5rfdUnMXuUXSeayWwB8l69ViDiyXsNS5I_mljPXskObaVfTUFpu1Nzo_J-YrG8OFviqYc3kcN7Wo5Bog&sai=AMfl-YR37fL5IZ3CeTc2hlA2ReBowNZWe0uxmdfPZNW5cDNnaQVMBI036C1EdKHMpWwfjXvyk-sxSEROOvJg&sig=Cg0ArKJSzDLeLTZgiPDhEAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM9HY65HwM4wN1s5hkScJ0TgW74rm9V67VrzjW1mJBn54Rm1pDW6c-fQ277yDNnW4GZp-l6fCZ_yW7LkxQG84nz-hW6znRJD1l8L3tW4cPYpV2KXf9QW631LRk4xg-9rW8V9-Fz7W46YKVYLW3d1szKr8W8SPXBx3BwfNpVQWm7-1tbxVsV_pkQf30xz1FW1GL1vT5-ldYnW8-LhdH7pMY1hW1XkXKw1lYFC_W41sy4v5l7wxcW4P6_nM5f6XSjW6lZSzy4Fh-f7W6PwkYT7m-pqNW8CFH9q5hnSjVW7qqpj05chMvlW3P-6nb35dgrDW5H5BJY3fqYQ2Vqd5lG5c-KCPW8J2DNS3wf9_JW7P9Hry1cZwxcW7THLjZ5P3mDKW3lFZ7d2Ljzg5W65WhhV8Kbjjv3b9g1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 11:18:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
7114969398400660195
tpc.googlesyndication.com/simgad/ Frame C1A2 		68 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7114969398400660195
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 20:54:35 GMT
x-content-type-options
nosniff
age
138227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:39:36 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 20:54:35 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210420/r20110914/ Frame C1A2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210420/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e61fbc1b28f6df7a78610c40c0166aae6cc5f7b97f797af1400755a28beb313c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7118
x-xss-protection
0
server
cafe
etag
10067803527878659939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 May 2021 11:16:31 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210420/r20110914/client/ Frame C1A2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210420/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 May 2021 11:17:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C1A2 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Thu, 22 Apr 2021 11:18:22 GMT
l
www.google.com/ads/measurement/ Frame C1A2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaROMQ6zk5cnUZDQMX7-hxEMFlwgjwcc4Z02zogwf_hTcCZ1hRQZ4Nf7Qk_KhvmLfBqwx9V_
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831909828443"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Thu, 22 Apr 2021 11:18:22 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F6D9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqKQR1izMZjid5JcBKia4k19PLjjGXeCqxDAcPTOns1yq7slerMEqouStIoZ3MISzdcgW9LvIwuYSRowf-Q0sWO-bhDpZkQfrq_zwsWHknsX9zNc5EqyY-Wt4ncFthXHrOl2WY2HO8XOPrJwYbPD52VmdUxjL9-04BremIs2HRYL-O3hj1XwDe3m2zfLdP73qnls-Ab7SLXIQjYJBv6DP_NyZ6fM6oqFrYhO1vs6Uk5hZp9vcG_L4IjLCNgRRD5trQHyE3LR34TplD1TTtAw3QP8PgMvT9t6f_5aXzE1XoLtLhKPsvgcbmAMsi5C6EmY8&sai=AMfl-YSVP0gqcD93bi9QdzxVSeZX6Ao55OZU5GhSr-5wbAvIUFexlUgVB9VOauCk4G-Y728TywFbq4nPpxg5&sig=Cg0ArKJSzLHSGh4l_wBiEAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM9HY65HwM4wN1s5hkScJ0TgW74rm9V67VrzjW1mJBn54Rm1pDW6c-fQ277yDNnW4GZp-l6fCZ_yW7LkxQG84nz-hW6znRJD1l8L3tW4cPYpV2KXf9QW631LRk4xg-9rW8V9-Fz7W46YKVYLW3d1szKr8W8SPXBx3BwfNpVQWm7-1tbxVsV_pkQf30xz1FW1GL1vT5-ldYnW8-LhdH7pMY1hW1XkXKw1lYFC_W41sy4v5l7wxcW4P6_nM5f6XSjW6lZSzy4Fh-f7W6PwkYT7m-pqNW8CFH9q5hnSjVW7qqpj05chMvlW3P-6nb35dgrDW5H5BJY3fqYQ2Vqd5lG5c-KCPW8J2DNS3wf9_JW7P9Hry1cZwxcW7THLjZ5P3mDKW3lFZ7d2Ljzg5W65WhhV8Kbjjv3b9g1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 11:18:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210420/r20110914/ Frame F6D9 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210420/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e61fbc1b28f6df7a78610c40c0166aae6cc5f7b97f797af1400755a28beb313c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7118
x-xss-protection
0
server
cafe
etag
10067803527878659939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 May 2021 11:16:31 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210420/r20110914/client/ Frame F6D9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210420/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 May 2021 11:17:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F6D9 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Thu, 22 Apr 2021 11:18:22 GMT
13756812283639570429
tpc.googlesyndication.com/simgad/ Frame F6D9 		68 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13756812283639570429
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 05:41:47 GMT
x-content-type-options
nosniff
age
365795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:40:06 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Apr 2022 05:41:47 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 68B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlsm0AOb-uxLyszLTDX3f0u-XEzNvK1I3Jmx3-C9okSYT4TI4Ku1SpSNlsUZHhhLSU4hjseueI9B4jNbAw56T7nfc5F_EhQkONYsMKqLoy84nbLnbg_qhXBUKmzh-i18rWbeQrAtv2AW5_znNvKqOMg5-osiiSTYeJXSZwcekF6CdpeEBN9FspqwJl9wyrwC5Gqi8S3m8tfB22qoAK3sgIgp9gx_zSVrPb6WzJUQqvQ-QfaG-EXUe9O5u58sNsmeu2-HO8XvqoDoCk0UI0b6JYGqmnyzo6fFmodkdsIN_3PGXunr9OfYlgXWZdPRD3lZ4&sai=AMfl-YT9-c_kakqOH-cMkuK4eNiU48DRbj7uD7oQigjbju4vYSOP5aH0DVLxYrteW5jT1MpAfKkHPcn3oPFu&sig=Cg0ArKJSzJsJz-W94aZ8EAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM9HY65HwM4wN1s5hkScJ0TgW74rm9V67VrzjW1mJBn54Rm1pDW6c-fQ277yDNnW4GZp-l6fCZ_yW7LkxQG84nz-hW6znRJD1l8L3tW4cPYpV2KXf9QW631LRk4xg-9rW8V9-Fz7W46YKVYLW3d1szKr8W8SPXBx3BwfNpVQWm7-1tbxVsV_pkQf30xz1FW1GL1vT5-ldYnW8-LhdH7pMY1hW1XkXKw1lYFC_W41sy4v5l7wxcW4P6_nM5f6XSjW6lZSzy4Fh-f7W6PwkYT7m-pqNW8CFH9q5hnSjVW7qqpj05chMvlW3P-6nb35dgrDW5H5BJY3fqYQ2Vqd5lG5c-KCPW8J2DNS3wf9_JW7P9Hry1cZwxcW7THLjZ5P3mDKW3lFZ7d2Ljzg5W65WhhV8Kbjjv3b9g1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 11:18:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 68B2 		68 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13756812283639570429
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 05:41:47 GMT
x-content-type-options
nosniff
age
365795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:40:06 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Apr 2022 05:41:47 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210420/r20110914/ Frame 68B2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210420/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e61fbc1b28f6df7a78610c40c0166aae6cc5f7b97f797af1400755a28beb313c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7118
x-xss-protection
0
server
cafe
etag
10067803527878659939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 May 2021 11:16:31 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210420/r20110914/client/ Frame 68B2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210420/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 May 2021 11:17:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 68B2 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Thu, 22 Apr 2021 11:18:22 GMT
l
www.google.com/ads/measurement/ Frame 68B2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSZ0_d_bHFvMCldxRMQpulxZ1cX1W5eXIQc3QJu2mfTkqdP-dxZFIwiE1dwmKyRHqD9rHv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 81D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmLQPHV3RJlVzWE8FRfMR9UojJgmODYk5cmo-tYck9FvdlVGCOO2m2rJPx2oUyqCX-ztRly3qZq-FoakVnQF3hgvun10bvJRi6cZtKAwNN3kR-7L_kgvMUPkjIJAEQT1T3t9TwZT0QKtfdvS2-GvUxHidgQu4eJ7XpF2bd2FTvHkfJh2yBvCUPImPbXRSZF8Xqngcf4Av27ZEW9wsB07rKTObokd-5LQ96UQYWMgYQPkBzx1eORSLk3jXzy-ZUvT6GAtKmbtzWmN5NV1vbh3K53djOXKyv7oqkDZ9AvemCJJN2JS79UchS2cZgzWfpaoo&sai=AMfl-YRWzdL7c5SQUhl_GKshAwojDLyefu3vgOcR8cOv5Fxfw1Quj50Iw2sztGExA0OdlJYF7w0e-NGxo7Bu&sig=Cg0ArKJSzLUwpY5fvgvQEAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM9HY65HwM4wN1s5hkScJ0TgW74rm9V67VrzjW1mJBn54Rm1pDW6c-fQ277yDNnW4GZp-l6fCZ_yW7LkxQG84nz-hW6znRJD1l8L3tW4cPYpV2KXf9QW631LRk4xg-9rW8V9-Fz7W46YKVYLW3d1szKr8W8SPXBx3BwfNpVQWm7-1tbxVsV_pkQf30xz1FW1GL1vT5-ldYnW8-LhdH7pMY1hW1XkXKw1lYFC_W41sy4v5l7wxcW4P6_nM5f6XSjW6lZSzy4Fh-f7W6PwkYT7m-pqNW8CFH9q5hnSjVW7qqpj05chMvlW3P-6nb35dgrDW5H5BJY3fqYQ2Vqd5lG5c-KCPW8J2DNS3wf9_JW7P9Hry1cZwxcW7THLjZ5P3mDKW3lFZ7d2Ljzg5W65WhhV8Kbjjv3b9g1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 11:18:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210420/r20110914/ Frame 81D0 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210420/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e61fbc1b28f6df7a78610c40c0166aae6cc5f7b97f797af1400755a28beb313c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7118
x-xss-protection
0
server
cafe
etag
10067803527878659939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 May 2021 11:16:31 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210420/r20110914/client/ Frame 81D0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210420/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 May 2021 11:17:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 81D0 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Thu, 22 Apr 2021 11:18:22 GMT
13503232906761715217
tpc.googlesyndication.com/simgad/ Frame 81D0 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13503232906761715217
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 23:02:08 GMT
x-content-type-options
nosniff
age
130574
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3270
x-xss-protection
0
last-modified
Wed, 23 May 2018 04:43:28 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 23:02:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C71F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQPRIXQ97If280uJ8nodhrSs1Z2FDKSLO3bXBuKCeVYYhI2YGJkUEP8Jd8C7YxyybJPU1kmLWWW5hyiEjmgM-xevf-vRWMcuxTQUllXk5ZuFkZDSeo_W7UnkSkl063gvtZ7g3kkEnLoQ2FjaRFleF5yqe7A_BNc3FHJJA3_-YorU-f5K9Txu2KbbeDXjqmagysxwOyDvDKFSrcq4ZDzPsTDAE7FDRmAM2GioWBRvepIVr-DPb0mlSWUqN_ywQ5uAgUOiYDR594_OV-1q7aqU9MPtceEjYWO873uhaRZS9aMprVAY0B4-4JEh2SfOrEpCw&sai=AMfl-YSN0IMOBBfatgSNFiXaszxWCnBG89_sdO_AleucZYmuSJvEf4LLe0Q2Fd48jIP-yJ5QsUYe9EXf9Ecz&sig=Cg0ArKJSzJbf1p6T0SpsEAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM9HY65HwM4wN1s5hkScJ0TgW74rm9V67VrzjW1mJBn54Rm1pDW6c-fQ277yDNnW4GZp-l6fCZ_yW7LkxQG84nz-hW6znRJD1l8L3tW4cPYpV2KXf9QW631LRk4xg-9rW8V9-Fz7W46YKVYLW3d1szKr8W8SPXBx3BwfNpVQWm7-1tbxVsV_pkQf30xz1FW1GL1vT5-ldYnW8-LhdH7pMY1hW1XkXKw1lYFC_W41sy4v5l7wxcW4P6_nM5f6XSjW6lZSzy4Fh-f7W6PwkYT7m-pqNW8CFH9q5hnSjVW7qqpj05chMvlW3P-6nb35dgrDW5H5BJY3fqYQ2Vqd5lG5c-KCPW8J2DNS3wf9_JW7P9Hry1cZwxcW7THLjZ5P3mDKW3lFZ7d2Ljzg5W65WhhV8Kbjjv3b9g1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 11:18:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210420/r20110914/ Frame C71F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210420/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e61fbc1b28f6df7a78610c40c0166aae6cc5f7b97f797af1400755a28beb313c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7118
x-xss-protection
0
server
cafe
etag
10067803527878659939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 May 2021 11:16:31 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210420/r20110914/client/ Frame C71F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210420/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 May 2021 11:17:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C71F 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Thu, 22 Apr 2021 11:18:22 GMT
4573440487296087453
tpc.googlesyndication.com/simgad/ Frame C71F 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4573440487296087453
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fa06bea7bb296b456d46727e9b3a4a62cbfb2901247b9f93434c4cb3b7fbd18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 07:08:09 GMT
x-content-type-options
nosniff
age
101413
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11304
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 01:19:20 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Apr 2022 07:08:09 GMT
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 65EA 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

:method
GET
:authority
cdn-gl.imrworldwide.com
:scheme
https
:path
/novms/html/ls.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html
last-modified
Mon, 15 Mar 2021 14:07:25 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
CQNsfisV0FRFvEwJtnSHt.sxZ.rmJ_Zz
server
AmazonS3
content-encoding
gzip
date
Thu, 22 Apr 2021 10:52:28 GMT
cache-control
max-age=86400
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
hib3YOOJnQOLN3GJ9u5D4YMVw988AiBg31oIExnrMkEfGeH64hZvyw==
age
1555
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 340D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1619090302461&fst=1619090302461&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a9b3736d43b3b8ac7afea4a40408ce6576d0c9cb194a4d69bd60886e186c241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1203
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixie
ib.adnxs.com/ Frame AABA 		42 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1619090302483&v=0.0.15&u=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1619090302483&et=1619090302483&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 11:18:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.17.9
Connection
keep-alive
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 10.2.80.88:80
Content-Length
42
Content-Type
image/gif
collect
px4.ads.linkedin.com/ Frame A254
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619090302486&url=https%3A%2F%2Fwww.heraldsun.com.au%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1619090302486%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619090302486&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619090302486&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIis4PXFJ5gqAAAAXj5TWi2x4zm95hJ9PVXcpgxi8M0Q3uxmxO_5X5RJ...
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619090302486&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIis4PXFJ5gqAAAAXj5TWi2x4zm95hJ9PVXcpgxi8M0Q3uxmxO_5X5RJv8rxFtTkeSaNL6o
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
axC2fw0qeBZQqGbbwyoAAA==

Redirect headers

date
Thu, 22 Apr 2021 11:18:23 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619090302486&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIis4PXFJ5gqAAAAXj5TWi2x4zm95hJ9PVXcpgxi8M0Q3uxmxO_5X5RJv8rxFtTkeSaNL6o
x-li-proto
http/2
x-li-pop
prod-edc2
content-length
0
x-li-uuid
UKtNaQ0qeBbQ3Iq4cSsAAA==
adsct
t.co/i/ Frame 2FB6 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
120
pragma
no-cache
last-modified
Thu, 22 Apr 2021 11:18:22 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
5c714e76782f15edef2d9c4bb93406de
x-transaction
00e5e9ab00467fa1
expires
Tue, 31 Mar 1981 05:00:00 GMT
bulk
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=5
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210421-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
18
pragma
no-cache
date
Thu, 22 Apr 2021 11:18:22 GMT
via
1.1 varnish
server
nginx
x-timer
S1619090303.544222,VS0,VE18
x-served-by
cache-fra19180-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210421-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 22 Apr 2021 11:18:22 GMT
via
1.1 varnish
server
nginx
x-timer
S1619090303.548980,VS0,VE9
x-served-by
cache-fra19180-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
truncated
/ Frame F55D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ad30e53ecbc5d89dada872cd9174dbbab7f36cb37715c9fdf09e23960ebbf5b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 3F3B 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=2136639323&custom=story&custom3=168400391&adsafe_par&impId=72acd536-a35c-11eb-9f5d-0ae27972a930
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.30.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c098d3ee3698a4e56418d22a140b17e195df7600d07c0cb5341bd713046d40d3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
gzip
x-server-name
app07.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
truncated
/ Frame C1A2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8833a22adcf94ce738a54877fe44f37f2a7df2e18aa5be0eb1ba8c1308af14d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 5FFB 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=275573333&custom=story&custom3=168400391&adsafe_par&impId=72acd537-a35c-11eb-9f5d-0ae27972a930
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.30.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3b2a8f1509cce9a0634a074211d18c61a3bc3e07dfc85bd161b2a59c9864ed02

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
gzip
x-server-name
app06.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
truncated
/ Frame F6D9 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a3bed1428816b3a7f2cb61279b2ee08dda8f3575d01f26496d30ae4814e3e2f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame BA10 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=1586281605&custom=story&custom3=168400391&adsafe_par&impId=72acd538-a35c-11eb-9f5d-0ae27972a930
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.30.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fdc3fd7b0dd3307f2ec2385ffc129a7e1df780f92f043bcc71cfc5a0f0f7c2cc

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
gzip
x-server-name
app11.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
truncated
/ Frame 68B2 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a98f3db01c2ba8f6ac8d2ed34dec860612dafd8ee67c51ccde080713e9f583b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 40E2 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1772958183&custom=story&custom3=168400391&adsafe_par&impId=72acd539-a35c-11eb-9f5d-0ae27972a930
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.30.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c6f69b10c7374c04e6bb70ff0c6d4249cbd0ecf46eeb484dc3d9d582b05d34f3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
gzip
x-server-name
app28.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 127F 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
1a8bc2ff14c32714cbf0dae8a0d4913eda0305acbe7019242cac29ba1e25dfa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13836
x-xss-protection
0
server
cafe
etag
11500755331297449547
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 22 Apr 2021 11:18:22 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 81D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLwcB2OSmlv5esxnNKN6xEEl_v7vyBAFXvVGPwe5ZdhmxxeT9jZWreF0Yxr2v9VMSEv9D2wo6feNH6RaY-rbOdUH5iSr04rcGqICkIcOoEpaXkM3sRqB8r9fX4sscMnlfHSBw3PcWa4rUqFhTuguxj9ndsQBfWMKs5Q_VQxyevjWekHtUO9DwpJSS6uJ1sGuXFCUHat1LmFBYRF0odeJVc9uWObHLdlOwQ2FYXZpXErMkHL0m1I4QomulISpkmzKttNmdV6t0sfC0SR98Nkz3CoHtQNTwjnItN5nul-SHd2nDMefQa6Sad1WRZRxJGVVwStA&sai=AMfl-YTsrNZxAhT3jgPq5ORZYMtMx1A_Gk_TTMp0BD0eYa-MbgYnF_5yJgjY6_5jM4zCA6mi_h6O8-pFg9Pz&sig=Cg0ArKJSzKDTn5vUTvaoEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 11:18:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 81D0 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
421440e0f32dabd1a50c0239ff20e7bd699c15374543da650a23424b7b708ee6

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 60FB 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1582644768&custom=story&custom3=168400391&adsafe_par&impId=72acd53a-a35c-11eb-9f5d-0ae27972a930
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.30.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
04b0beab3fa29f06ebfff267cf602edc29c67931ccfafcf4e61b26552d5ad637

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
gzip
x-server-name
app14.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C71F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-EC8_-rMtQ2SHTJS21vhm8xO94TnTTka3l4N1DHHgqhX_QeEqLPV60quKr7htUSTcB6XKgNHFN_gdXY-KwTWGOYVHj7RA2aYDJjPR89rJOu9y6zDbPalRoUOQX04zPTUpJ_cleFqvtDg8ZZRS7HfJsSyL156uhyPMcYd7SZct0u2Qgdm24jHgKhaCxIfeKSy0jxCbLEzsrWaG8KZM-phn4yhWMCbSXQa73mou8bP392FVMESbdWBt15J2LP5E4hxNaoU4g0qYYzSGXABQM3cKb5u6JmJEVNWazyTEs_-ff5Ti2FnATSd7ECauHOH4X0JhAw&sai=AMfl-YQXNklgcXFqV2dTx3YkY0T-HAI-fF40ak00VVLr8Z2fYkTX549ivJhGlHjIDAoTZHhUoQf4-q-Iqsza&sig=Cg0ArKJSzG8fx2rzfmMjEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 11:18:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame C71F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
997a6b903dc9a877fa3eb9cb8ccaf4f7fd14e0471181dd6f9f62544862f4f7e8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 479C 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=21941980990&placementId=4795254195&pubCreative=138345071646&pubOrder=2161406623&cb=778180840&custom=story&custom3=168400391&adsafe_par&impId=72acd53b-a35c-11eb-9f5d-0ae27972a930
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.30.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
78de8e197edeff618c0e60af285d7c8a02c73a4b8d2b14c2bd8ef89952f57153

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:22 GMT
content-encoding
gzip
x-server-name
app05.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C1A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHAw3XyfrXI8VZCjPwQD2rwFzaTg-J4Svx8BXGYSziQmmoND9CD5V0ep6fNtIYpcmbjlmtnTrrVVwirFSs5u63tbhYytWZP4AoZkUEFgEUvLkkFPpk1t0pjkGwL6bBR7SeqrWvDktSRiEbGw9PSLbSSnNV4vM-fpK3Aka6CapuD0vijNr31PR-1IUBZ4JX8upsa_9OGiN9yC4Mai9t1FdX7Oob5vQOTRUoFbrUX7VkBKQp4Sb5k4cQ2LEUahOcoIk1FpQYHA99m0igQe-kvPsAqOaBsDhCBEmnse2fST44k55oe16awd4E0kyA4rjDeiJZ8w&sai=AMfl-YQIid6DfIVVxf4-naSay3-DKqDJzL6ByAOz0ZmeockG-lIj4e6QB3fxU-sVTp311KBd2bPUAq2xNjqy&sig=Cg0ArKJSzDgyHVrkJwX4EAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 11:18:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 68B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjtec4UGJ-sv9VlOGEaEa1itD9FHsInAEJW1PaG7B8ZQtYCmNHjE08ezZOj7zaVhupG36HpjMCz79QWnXrXmm_GluUyEPD1f6pyb5-4OLs_T4FjwGAGCwMP3sifee-ZGTb3kVQ2y8RCHh1sRD0y7UrDVzsU0DOHPv9inUG2GXfBGKfr0LUeM9d9B3qEmKMDiAHE_sHV3Am_VyygJA0FcKVVgPuXasSnuDYLxCs2VIj-u46JWr7oczDYwH_F_YZZAqivygsaRkf_HIf0PQrpFOfl4XsJjJqjSdfkEk5nZ-6liG_rOAKpkXEKMw4MMq0I_MQHg&sai=AMfl-YRk2Up7j4XdJhmuDvFsumQ9KODn2dapU5hPLnyzAfqs-vb0fSxvA2-woGN3Qz80lSGpXEF4FlWw4sH9&sig=Cg0ArKJSzGf-NnnKUhaCEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 11:18:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame F55D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsut6gHZoScbZKmBfh86hyzzea5lhjnpg0f7WwsMN0u6xhdTL3DVLI1F7m8O4LL8O2efoK2DxzK_5TvS74V4JSYTrcJcXA2RT6Nyia3rN7GMqChHrxcpIwKl6SZPiceN3MGNMviDjKJUzsqbqINhQIbP2nLxHpKRM0X9KK4ogcTrL469P5yTyUIJ_nJmSt0Lt1D4azi3DjTtO58qp9vCFdiS0SJrhdRZCKaY4SgIiBjxi1VecbOFEaRQxIjh06B9oKHSBxH40wasAcbpu-LiOASU87UG_jV2o-SVDYaomNc3ks41hZ_JsTBscZfT3wvEl-7I_Q&sai=AMfl-YRBwhmM1E5kzp9G_xbbZM5wWvPqJUVMse1-uA39QjOYzU49nTo-DdOPJ0YYYvZerWNp_R-sPIiLjoq0&sig=Cg0ArKJSzDoXvm5zREOTEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 11:18:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame F6D9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTQSjnIST59pNgAAIjaQxvkR97pXFXZGGuovf2zQGGdNf_mv2J_HaTW0Mr5Cb4qdKVZAKYwis7oB9r1wkNwz2rMCizAbmLUuUEr8OG8f-D41J0wyVRW9fNBMVRfZPlVKxRZAxQ_xpvBcYR4FK4D-zLOj841MO12WlH2zLXuG1zqNn1G7XoT7fUZTSBLuYUqhaag2MAJrEHJuDdN2hO3l6eu47jIrN8cV-3HQpBUPx8paTXRrzzKI9xXdUFyXVcujCNoihrYb0-niCBooA5XTNN0jHL-jmTiz-DmvHdcr1bR6Ptx3_XdNb35WDtd5mjYmb3qw&sai=AMfl-YS53xdL05jE-091X6eWeY08U4N7nj7bJnC13pOejNVwz4C5trBu6c28E4YpDZcETj8gtHlnNLzd742u&sig=Cg0ArKJSzGyiWkatnYKGEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 11:18:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dc_pre=CKTK0LLdkfACFSjauwgdmcUKEw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=267452083881.07898
adservice.google.com/ddm/fls/z/ Frame FA27 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKTK0LLdkfACFSjauwgdmcUKEw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=267452083881.07898
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CKTK0LLdkfACFSjauwgdmcUKEw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=267452083881.07898?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/859754747/ Frame 340D 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1619090302461&fst=1619089200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=595404332&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/859754747/ Frame 340D 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/859754747/?random=1619090302461&fst=1619089200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=595404332&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 63CC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=8227207831494261988
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=358&dpuuid=8227207831494261988
42 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=358&dpuuid=8227207831494261988
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v004-074efd7cf.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
6z+UlteaQiU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v004-0695a076f.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
xPLY538NQ/U=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=358&dpuuid=8227207831494261988
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
main.gr.19.8.193.js
static.adsafeprotected.com/ Frame 5FFB 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=275573333&custom=story&custom3=168400391&adsafe_par&impId=72acd537-a35c-11eb-9f5d-0ae27972a930
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-39-204.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 16:21:52 GMT
server
nginx/1.16.1
etag
W/"3bc122544b299af3472a4ba27ce7978f"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
main.gr.19.8.193.js
static.adsafeprotected.com/ Frame 3F3B 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=2136639323&custom=story&custom3=168400391&adsafe_par&impId=72acd536-a35c-11eb-9f5d-0ae27972a930
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-39-204.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 16:21:52 GMT
server
nginx/1.16.1
etag
W/"3bc122544b299af3472a4ba27ce7978f"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
main.gr.19.8.193.js
static.adsafeprotected.com/ Frame BA10 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=1586281605&custom=story&custom3=168400391&adsafe_par&impId=72acd538-a35c-11eb-9f5d-0ae27972a930
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-39-204.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 16:21:52 GMT
server
nginx/1.16.1
etag
W/"3bc122544b299af3472a4ba27ce7978f"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
main.gr.19.8.193.js
static.adsafeprotected.com/ Frame 40E2 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1772958183&custom=story&custom3=168400391&adsafe_par&impId=72acd539-a35c-11eb-9f5d-0ae27972a930
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-39-204.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 16:21:52 GMT
server
nginx/1.16.1
etag
W/"3bc122544b299af3472a4ba27ce7978f"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 127F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1619090303027&cv=9&fst=1619090303027&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c180342ced139d76a4ad782e230a3b58ceaab3affe964a5624f985f3b205a55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1251
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.gr.19.8.193.js
static.adsafeprotected.com/ Frame 60FB 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1582644768&custom=story&custom3=168400391&adsafe_par&impId=72acd53a-a35c-11eb-9f5d-0ae27972a930
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-39-204.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 16:21:52 GMT
server
nginx/1.16.1
etag
W/"3bc122544b299af3472a4ba27ce7978f"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
main.gr.19.8.193.js
static.adsafeprotected.com/ Frame 479C 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=21941980990&placementId=4795254195&pubCreative=138345071646&pubOrder=2161406623&cb=778180840&custom=story&custom3=168400391&adsafe_par&impId=72acd53b-a35c-11eb-9f5d-0ae27972a930
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-39-204.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 16:21:52 GMT
server
nginx/1.16.1
etag
W/"3bc122544b299af3472a4ba27ce7978f"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 65EA 		44 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=nwt2au9hcz6hxvpkrq8tvgere9cqq1619090302&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.587&retry=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.66.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-66-228.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
nwt2au9hcz6hxvpkrq8tvgere9cqq1619090302.nuid.imrworldwide.com/ Frame 65EA 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nwt2au9hcz6hxvpkrq8tvgere9cqq1619090302.nuid.imrworldwide.com/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:6a00:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 15:05:53 GMT
via
1.1 dca6db3c8f31f3cd48bb06d78a8be625.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
age
72751
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
35
x-amz-cf-id
CuXrN5oBRgOCn8gx_ADWDLcC7wx3JxPXdRaU5QkzIgFbzdW7DA1uig==
279da92b
login.newscorpaustralia.com/akam/11/ Frame 20ED 		0
0
64c4f9debe4ti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame 20ED 		0
0
campaigns
resourcesssl.newscdn.com.au/indies/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22article%22,site:%22heraldsun.com.au%22,section:%22/news/breaking-news%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
acfb1f0de15111045cdd0e765b51a974602fed8d35459a3fad5e1b02d09b7dba

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
content-encoding
gzip
etag
W/"a86-9Cgurj3mQkWki9/cFyEOFLiz4rY"
x-powered-by
Express
x-cache-hits
0
content-length
769
x-served-by
cache-ams21082-AMS
server
Google Frontend
x-timer
S1619078722.362854,VS0,VE499
x-i
true
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
4dd273da39f66dd5e713c2b6c5753c81
cache-control
private, max-age=593234
function-execution-id
cip0glfbvki8
accept-ranges
bytes
x-orig-accept-language
ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3
x-country-code
DE
expires
Thu, 29 Apr 2021 08:05:37 GMT
campaigns
resourcesssl.newscdn.com.au/indies/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22article%22,site:%22heraldsun.com.au%22,section:%22/news/breaking-news%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol
H2
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.heraldsun.com.au
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
content-type
text/html
function-execution-id
txo5fpohter2
server
Google Frontend
x-cloud-trace-context
59c639c7a0f34f736c80785251f4934e
x-country-code
DE
x-orig-accept-language
en-US
x-powered-by
Express
accept-ranges
bytes
x-served-by
cache-ams21078-AMS
x-cache-hits
0
x-timer
S1619090303.123117,VS0,VE305
cache-control
private, max-age=604795
expires
Thu, 29 Apr 2021 11:18:18 GMT
date
Thu, 22 Apr 2021 11:18:23 GMT
x-i
true
279da92b
login.newscorpaustralia.com/akam/11/ Frame 24BB 		0
0
64c4f9debe4ti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame 24BB 		0
0
/
www.google.com/pagead/1p-user-list/707564276/ Frame 127F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1619090303027&cv=9&fst=1619089200000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=3665913012&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/707564276/ Frame 127F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/707564276/?random=1619090303027&cv=9&fst=1619089200000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=3665913012&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 63CC
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=3146524792727287686
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=470&dpuuid=3146524792727287686
42 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=470&dpuuid=3146524792727287686
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v004-0401ddf40.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
DPLcHpCtRk4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v004-011e08634.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
w3ETirmNS5w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=470&dpuuid=3146524792727287686
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
token
token.rubiconproject.com/ Frame 63CC 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=6404&puid=43064906755279672506849208158330175690&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sca.17.5.1.js
static.adsafeprotected.com/ Frame E989 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.1.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-39-204.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 17:39:07 GMT
server
nginx/1.16.1
age
3374205
etag
W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=275573333&custom=story&custom3=168400391&adsafe_par&impId=72acd537-a35c-11eb-9f5d-0ae27972a930&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:14f881b4-9cf5-3f77-a194-4e71b6bf8627,c:aw2erl,sl:outOfView,em:true,fr:true,mn:app06ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.2561.1.1,am:i,cc:800.2561.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:svjbUpZ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f*.10507%7C1f1%7C1g1%7C1h1%7C1i1%7C1j1%7C1k%7C1l,idMap:1f*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:229,oid:73055509-a35c-11eb-b67c-0a6d0b536c42,v:19.8.193,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.30.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
app04.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
up
insight.adsrvr.org/track/ Frame 8B78 		0
181 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.64.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-64-214.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&upid=trk7f24&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
adsct
analytics.twitter.com/i/ Frame 2FB6 		31 B
284 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
115
pragma
no-cache
last-modified
Thu, 22 Apr 2021 11:18:23 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
9bbff4c33fd68f13bef25648b3e506df
x-transaction
009032f9008ff924
expires
Tue, 31 Mar 1981 05:00:00 GMT
up
insight.adsrvr.org/track/ Frame 0C68 		0
181 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.64.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-64-214.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&upid=ekg5qxt&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ibs:dpid=771&dpuuid=CAESEFTzZz8kEDzi_1-zFZ-PKYU&google_cver=1
dpm.demdex.net/ Frame 63CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDMwNjQ5MDY3NTUyNzk2NzI1MDY4NDkyMDgxNTgzMzAxNzU2OTA=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFTzZz8kEDzi_1-zFZ-PKYU&google_cver=1?gdpr=0&gdpr_consent=
42 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFTzZz8kEDzi_1-zFZ-PKYU&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v004-02338252c.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
qpOyOfkKTzs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFTzZz8kEDzi_1-zFZ-PKYU&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=14f881b4-9cf5-3f77-a194-4e71b6bf8627&tv=%7Bc:aw2esW,pingTime:-2,time:327,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:354,beZ:355,mfA:544,cmA:549,inA:550,inZ:558,prA:558,prZ:571,si:583,poA:584,poZ:606,cmZ:606,mfZ:606,loA:655,loZ:659,ltA:680,ltZ:680%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:228%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:328,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:227,wc:0.0.1600.1200,ac:800.2561.1.1,am:i,cc:800.2561.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B128~0%5D,as:%5B128~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svjbUpZ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f*.10507%7C1f1%7C1g1%7C1h1%7C1i1%7C1j1%7C1k%7C1l,idMap:1f*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/breakingnews_1,google_ads_iframe_/5129/ndm.hwt/news/breakingnews_1__container__,ad-block-728x90-2%5D,sinceFw:96,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.1.js
static.adsafeprotected.com/ Frame 5337 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.1.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-39-204.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 17:39:07 GMT
server
nginx/1.16.1
age
3375116
etag
W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=1586281605&custom=story&custom3=168400391&adsafe_par&impId=72acd538-a35c-11eb-9f5d-0ae27972a930&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:4af31f5f-d6c1-a8cb-4775-017582b428e2,c:aw2etN,sl:inView,em:true,fr:true,mn:app11ie,pt:1-5-15,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:svjbUq7+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h1%7C1i1%7C1j1%7C1k%7C1l,idMap:1g*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:373,oid:730729b0-a35c-11eb-86c1-024bf4a6d028,v:19.8.193,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.30.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
app06.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
279da92b
login.newscorpaustralia.com/akam/11/ Frame 89E1 		32 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/akam/11/279da92b
Requested by
Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=oC~GkSNXfsELlzcfgtLcKSIZYtTZ2SAz&nonce=00UQ1Rv1Sy9ZJ.ejZFnr0IdMthZ-NShN&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=oC~GkSNXfsELlzcfgtLcKSIZYtTZ2SAz&nonce=00UQ1Rv1Sy9ZJ.ejZFnr0IdMthZ-NShN&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2019 20:01:35 GMT
etag
"9488716fdddcf14011178ebc1ad515d39af73a2a9251d70aad1714a89b668b2d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
content-length
10429
expires
Thu, 22 Apr 2021 11:18:23 GMT
64c4f9debe4ti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame 89E1 		73 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/staticweb/64c4f9debe4ti17991ecfa342459f501b
Requested by
Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=oC~GkSNXfsELlzcfgtLcKSIZYtTZ2SAz&nonce=00UQ1Rv1Sy9ZJ.ejZFnr0IdMthZ-NShN&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=oC~GkSNXfsELlzcfgtLcKSIZYtTZ2SAz&nonce=00UQ1Rv1Sy9ZJ.ejZFnr0IdMthZ-NShN&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
content-encoding
gzip
last-modified
Tue, 16 Feb 2021 22:20:44 GMT
etag
"77ab0fb0bef6d3471b849a9e26e339e68a4c60a0a2f5d2cf6ab40c38bc1b0875"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21600
content-length
18915
sca.17.5.1.js
static.adsafeprotected.com/ Frame 7483 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.1.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-39-204.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 17:39:07 GMT
server
nginx/1.16.1
age
3372842
etag
W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1582644768&custom=story&custom3=168400391&adsafe_par&impId=72acd53a-a35c-11eb-9f5d-0ae27972a930&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:62935c1a-5ec5-5ef5-a801-92fd52a63247,c:aw2eud,sl:outOfView,em:true,fr:true,mn:app14ie,pt:1-5-15,wc:0.0.1600.1200,ac:795.2602.10.10,am:i,cc:795.2602.10.10,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:svjbUql+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1f2%7C1g1%7C1g2%7C1h1%7C1i*.10507%7C1i1%7C1j1%7C1k%7C1l,idMap:1i*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:385,oid:73192b24-a35c-11eb-b338-02c390e9b11a,v:19.8.193,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.30.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
app22.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.1.js
static.adsafeprotected.com/ Frame 1680 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.1.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-39-204.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 17:39:07 GMT
server
nginx/1.16.1
age
3373742
etag
W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x90|1&pubId=36557831&chanId=21941980990&placementId=4795254195&pubCreative=138345071646&pubOrder=2161406623&cb=778180840&custom=story&custom3=168400391&adsafe_par&impId=72acd53b-a35c-11eb-9f5d-0ae27972a930&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:4b320969-d0de-73a0-ece4-f1a76f719ff1,c:aw2euH,sl:inView,em:true,fr:true,mn:app05ie,pt:1-5-15,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:svjbUqp+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1f2%7C1g1%7C1g2%7C1h1%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k%7C1l,idMap:1j*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:410,oid:731fe26d-a35c-11eb-acc2-02bf2b86cc68,v:19.8.193,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.30.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
app18.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 485B
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=76503a2e-1c1a-4980-8c34-1f9083bc1417
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=76503a2e-1c1a-4980-8c34-1f9083bc1417&tbid=c8a29c1e-8b45-418b-81cc-ae0c1538f3a3-tuct77ae0ff&query=taboola_hm%3D76503a2e-1c1a-...
0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=76503a2e-1c1a-4980-8c34-1f9083bc1417&tbid=c8a29c1e-8b45-418b-81cc-ae0c1538f3a3-tuct77ae0ff&query=taboola_hm%3D76503a2e-1c1a-4980-8c34-1f9083bc1417&isDirect=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
via
1.1 varnish
server
nginx
x-timer
S1619090304.735530,VS0,VE11
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11525-HHN

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=76503a2e-1c1a-4980-8c34-1f9083bc1417&tbid=c8a29c1e-8b45-418b-81cc-ae0c1538f3a3-tuct77ae0ff&query=taboola_hm%3D76503a2e-1c1a-4980-8c34-1f9083bc1417&isDirect=0
tbl-x-upstream
10.41.10.104:10213
date
Thu, 22 Apr 2021 11:18:23 GMT
server
nginx
x-fastly-to-nlb-rtt
18493
sd
u.openx.net/w/1.0/ Frame 485B
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd&gdpr=0&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd&gdpr=0&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd&gdpr=0&gdpr_consent=
date
Thu, 22 Apr 2021 11:18:23 GMT
via
1.1 google
server
OXGW/16.205.4
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sync.php
pixel.rubiconproject.com/exchange/ Frame 485B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 485B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9MDmkyRTYt2x&ev=1&orig=trc&pid=562107
0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9MDmkyRTYt2x&ev=1&orig=trc&pid=562107
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Thu, 22 Apr 2021 11:18:23 GMT
server
nginx
x-fastly-to-nlb-rtt
19172

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9MDmkyRTYt2x&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-jfbj5
expires
-1
/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 485B
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=8227207831494261988&orig=trc
0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=8227207831494261988&orig=trc
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.12.133:10213
date
Thu, 22 Apr 2021 11:18:23 GMT
server
nginx
x-fastly-to-nlb-rtt
17091

Redirect headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 11:18:23 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.58:80
AN-X-Request-Uuid
58966d0a-3924-43fa-8b38-37ae6cb6046e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=8227207831494261988&orig=trc
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 485B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEO36c-c6JTg6QuC2Yh-rypw&google_cver=1
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEO36c-c6JTg6QuC2Yh-rypw&google_cver=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Thu, 22 Apr 2021 11:18:23 GMT
via
1.1 varnish
server
nginx
x-timer
S1619090304.631728,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19180-FRA

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEO36c-c6JTg6QuC2Yh-rypw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 485B 		42 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd:$UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 11:18:22 GMT
X-lat
amspug014:0:387
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 485B
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c8a29c1e-8b45-418b-81cc-ae0c1538f3a3-tuct77ae0ff
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c8a29c1e-8b45-418b-81cc-ae0c1538f3a3-tuct77ae0ff
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c8a29c1e-8b45-418b-81cc-ae0c1538f3a3-tuct77ae0ff
tbl-x-upstream
10.41.10.199:10213
date
Thu, 22 Apr 2021 11:18:23 GMT
server
nginx
x-fastly-to-nlb-rtt
17659
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 485B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a15e70da-69a0-4b0d-9623-e3f65a8c1ba2
0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a15e70da-69a0-4b0d-9623-e3f65a8c1ba2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Thu, 22 Apr 2021 11:18:23 GMT
via
1.1 varnish
server
nginx
x-timer
S1619090304.716665,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19180-FRA

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a15e70da-69a0-4b0d-9623-e3f65a8c1ba2
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 485B
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 11:18:23 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 11:18:23 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 485B 		49 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-7c488d4f5b-dw888
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 485B 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 485B 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 485B
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=cd36028c-7a96-4892-9485-8132d28ac7e6
0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=cd36028c-7a96-4892-9485-8132d28ac7e6
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.12.133:10213
date
Thu, 22 Apr 2021 11:18:23 GMT
server
nginx
x-fastly-to-nlb-rtt
18106

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
date
Thu, 22 Apr 2021 11:18:23 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=cd36028c-7a96-4892-9485-8132d28ac7e6
cache-control
no-cache
server-processing-duration-in-ticks
2728
content-type
text/html; charset=utf-8
content-length
222
expires
Thu, 22 Apr 2021 00:00:00 GMT
/
loadus.exelator.com/load/ Frame 485B
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=a7139bc6-b17d-46cd-931c-a72b09d48a77-tuct77ae0fd&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOXSlSqVkSia9ZN9lrbtpKoWqnlYjQu88OzQPD9A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOXSlSqVkSia9ZN9lrbtpKoWqnlYjQu88OzQPD9A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=7e998a3f-a37f-4a17-8316-c808a3e80546&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/441/5/3.gif?puid=e_3c6cf5b9-28ea-4631-93a0-ae4de436b900&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESECVwhyJjPzx6HPSspHIuDMc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8227207831494261988&opid=apx&ops=&utidl=tech:goo:CAESECVwhyJjPzx6HPSspHIuDMc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A17061556163&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/19/3/5.gif?puid=8cb75370ae05c4f217e05287cf5ab84f&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/464/101/2/6.gif?puid=a0baf130-4200-428e-b527-dd2c4550d8ab&gdpr=1&gdpr_consent=
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
0
0
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 485B
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=WnTZ0Qx2CvmP5fuYgFuBYA
0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=WnTZ0Qx2CvmP5fuYgFuBYA
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.57:10213
date
Thu, 22 Apr 2021 11:18:24 GMT
server
nginx
x-fastly-to-nlb-rtt
22312

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=WnTZ0Qx2CvmP5fuYgFuBYA
date
Thu, 22 Apr 2021 11:18:24 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame 485B 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Thu, 22 Apr 2021 11:18:19 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 485B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=40e245bb-324e-4146-9081-e1e8d0d2c753&gdpr=0&gdpr_consent=
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=40e245bb-324e-4146-9081-e1e8d0d2c753&gdpr=0&av_tc=True
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=d4fdfc70-598b-4958-8c43-8eff5f86f69f&expires=2&ssp=taboola&bsw_param=40e245bb-324e-4146-9081-e1e8d0d2c753
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=40e245bb-324e-4146-9081-e1e8d0d2c753
0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=40e245bb-324e-4146-9081-e1e8d0d2c753
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.199:10213
date
Thu, 22 Apr 2021 11:18:23 GMT
server
nginx
x-fastly-to-nlb-rtt
23465

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=40e245bb-324e-4146-9081-e1e8d0d2c753
date
Thu, 22 Apr 2021 11:18:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4af31f5f-d6c1-a8cb-4775-017582b428e2&tv=%7Bc:aw2evu,pingTime:0,time:477,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:372%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:477,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:372,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B131~100%5D,as:%5B131~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svjbUq7+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h1%7C1i1%7C1j1%7C1k%7C1l,idMap:1g*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.1.js
static.adsafeprotected.com/ Frame 30FA 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.1.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-39-204.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 17:39:07 GMT
server
nginx/1.16.1
age
3375116
etag
W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=2136639323&custom=story&custom3=168400391&adsafe_par&impId=72acd536-a35c-11eb-9f5d-0ae27972a930&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:6ea02adb-4cfa-146e-c8f8-09df6ef5552f,c:aw2evM,sl:outOfView,em:true,fr:true,mn:app07ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e*.10507%7C1e1%7C1f1%7C1f2%7C1g1%7C1g2%7C1h1%7C1i1%7C1i2%7C1j1%7C1j2%7C1k%7C1l%7C1m,idMap:1e*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:500,oid:730666f5-a35c-11eb-8686-06aaa1ae1a14,v:19.8.193,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.30.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
app25.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.1.js
static.adsafeprotected.com/ Frame E3D8 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.1.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-39-204.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:23 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 17:39:07 GMT
server
nginx/1.16.1
age
3375116
etag
W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1772958183&custom=story&custom3=168400391&adsafe_par&impId=72acd539-a35c-11eb-9f5d-0ae27972a930&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:1e9c75a5-b9cb-c295-d68a-ab34f4414079,c:aw2ewq,sl:outOfView,em:true,fr:true,mn:app28ie,pt:1-5-15,wc:0.0.1600.1200,ac:1273.1647.1.1,am:i,cc:1273.1647.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:svjbUqa+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1e2%7C1f1%7C1f2%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i1%7C1i2%7C1j1%7C1j2%7C1k%7C1l%7C1m,idMap:1h*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:533,oid:730c8123-a35c-11eb-b515-06bbbb59c0e2,v:19.8.193,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.30.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
app17.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ibs:dpid=903&dpuuid=a15e70da-69a0-4b0d-9623-e3f65a8c1ba2
dpm.demdex.net/ Frame 63CC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=a15e70da-69a0-4b0d-9623-e3f65a8c1ba2
42 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=a15e70da-69a0-4b0d-9623-e3f65a8c1ba2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v004-0b49112fe.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
wNoEXf4MRX8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=a15e70da-69a0-4b0d-9623-e3f65a8c1ba2
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
189
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4b320969-d0de-73a0-ece4-f1a76f719ff1&tv=%7Bc:aw2ewX,pingTime:0,time:550,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:410%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:550,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:409,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B158~100%5D,as:%5B158~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svjbUq7+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k%7C1l,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
dt62.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4af31f5f-d6c1-a8cb-4775-017582b428e2&tv=%7Bc:aw2exs,pingTime:-2,time:599,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:329,beZ:330,mfA:673,cmA:674,inA:674,inZ:676,prA:676,prZ:696,si:702,poA:702,poZ:709,cmZ:709,mfZ:709,loA:807,loZ:809,ltA:927,ltZ:927%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:372%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:599,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:372,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B253~100%5D,as:%5B253~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k%7C1l,idMap:1g*,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/breakingnews_2,google_ads_iframe_/5129/ndm.hwt/news/breakingnews_2__container__,ad-block-300x250-1,rhc,story%5D,sinceFw:225,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
dt59.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=62935c1a-5ec5-5ef5-a801-92fd52a63247&tv=%7Bc:aw2exS,pingTime:-2,time:611,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:232,beZ:234,mfA:605,cmA:605,inA:605,inZ:607,prA:607,prZ:613,si:618,poA:618,poZ:626,cmZ:626,mfZ:626,loA:736,loZ:737,ltA:843,ltZ:843%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:10,h:10,t:384%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:611,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:384,wc:0.0.1600.1200,ac:795.2602.10.10,am:i,cc:795.2602.10.10,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B238~0%5D,as:%5B238~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h1%7C1i*.10507%7C1i1%7C1j.10507%7C1j1%7C1k%7C1l,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/breakingnews_4,google_ads_iframe_/5129/ndm.hwt/news/breakingnews_4__container__,ad-block-1000x50-1%5D,sinceFw:226,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
dt46.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4b320969-d0de-73a0-ece4-f1a76f719ff1&tv=%7Bc:aw2ey7,pingTime:-2,time:622,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:188,beZ:189,mfA:578,cmA:579,inA:579,inZ:581,prA:581,prZ:594,si:598,poA:598,poZ:605,cmZ:605,mfZ:605,loA:740,loZ:741,ltA:810,ltZ:810%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:410%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:622,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:409,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B230~100%5D,as:%5B230~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k%7C1l,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/breakingnews_5,google_ads_iframe_/5129/ndm.hwt/news/breakingnews_5__container__,ad-block-300x90-1,rhc,story%5D,sinceFw:212,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
dt66.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=6ea02adb-4cfa-146e-c8f8-09df6ef5552f&tv=%7Bc:aw2eyr,pingTime:-2,time:664,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:397,beZ:399,mfA:881,cmA:882,inA:882,inZ:884,prA:884,prZ:893,si:897,poA:897,poZ:902,cmZ:902,mfZ:902,loA:1011,loZ:1012,ltA:1061,ltZ:1061%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:499%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:664,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:499,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B179~0%5D,as:%5B179~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e*.10507%7C1e1%7C1f1%7C1f2%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m,idMap:1e*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/breakingnews_0,google_ads_iframe_/5129/ndm.hwt/news/breakingnews_0__container__,ad-block-728x90-1%5D,sinceFw:163,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=1e9c75a5-b9cb-c295-d68a-ab34f4414079&tv=%7Bc:aw2eyA,pingTime:-2,time:666,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:297,beZ:299,mfA:817,cmA:818,inA:818,inZ:820,prA:820,prZ:826,si:831,poA:831,poZ:846,cmZ:846,mfZ:846,loA:930,loZ:931,ltA:964,ltZ:964%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:532%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:666,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:532,wc:0.0.1600.1200,ac:1273.1647.1.1,am:i,cc:1273.1647.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B146~0%5D,as:%5B146~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1e2%7C1f1%7C1f2%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/breakingnews_3,google_ads_iframe_/5129/ndm.hwt/news/breakingnews_3__container__,ad-block-300x250-2,rhc,story%5D,sinceFw:133,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
dt50.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame 63CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=14f881b4-9cf5-3f77-a194-4e71b6bf8627&tv=%7Bc:aw2eAd,time:778,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:779,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:227,wc:0.0.1600.1200,ac:800.2561.1.1,am:i,cc:800.2561.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B579~0%5D,as:%5B579~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:405,fm:svjbUpZ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f*.10507%7C1f1%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k%7C1l,idMap:1f*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
dt27.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4af31f5f-d6c1-a8cb-4775-017582b428e2&tv=%7Bc:aw2eAk,time:777,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:777,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:372,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B431~100%5D,as:%5B431~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:295,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k%7C1l,idMap:1g*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
dt35.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=62935c1a-5ec5-5ef5-a801-92fd52a63247&tv=%7Bc:aw2eAl,time:764,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:764,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:384,wc:0.0.1600.1200,ac:795.2602.10.10,am:i,cc:795.2602.10.10,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B392~0%5D,as:%5B392~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:118,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i*.10507%7C1i1%7C1j.10507%7C1j1%7C1k%7C1l,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4b320969-d0de-73a0-ece4-f1a76f719ff1&tv=%7Bc:aw2eAn,time:762,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:762,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:409,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B370~100%5D,as:%5B370~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:132,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k%7C1l,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
dt39.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=6ea02adb-4cfa-146e-c8f8-09df6ef5552f&tv=%7Bc:aw2eAo,time:785,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:785,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:499,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B300~0%5D,as:%5B300~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:113,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e*.10507%7C1e1%7C1f1%7C1f2%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m,idMap:1e*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
dt28.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=1e9c75a5-b9cb-c295-d68a-ab34f4414079&tv=%7Bc:aw2eAr,time:781,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:781,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:532,wc:0.0.1600.1200,ac:1273.1647.1.1,am:i,cc:1273.1647.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B260~0%5D,as:%5B260~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1e2%7C1f1%7C1f2%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ibs:dpid=23728&dpuuid=YIFbf8zIyq3U685H.fFlqgAA%261177
dpm.demdex.net/ Frame 63CC
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YIFbf8zIyq3U685H.fFlqgAA%261177
42 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YIFbf8zIyq3U685H.fFlqgAA%261177
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v004-011e08634.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
JWPzJrYIQt0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 11:18:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YIFbf8zIyq3U685H.fFlqgAA%261177
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
264
Expires
Thu, 22 Apr 2021 11:18:23 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C71F 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHX_GuXpZeQDpchwGqiCnUcPGzY3Ai4OvCnXlZHOI2ttT_ne779qIr-fberncoFualuh5FQVa2bjhPJEVBUkEqHVG3HQfdgppyIdzlU6Q&sig=Cg0ArKJSzCQkV36eF9ZnEAE&id=lidar2&mcvt=1008&p=612,1124,702,1424&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20210419&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1679177193&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619090302403&dlt=0&rpt=577&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=14f881b4-9cf5-3f77-a194-4e71b6bf8627&tv=%7Bc:aw2eD8,pingTime:-10,time:959,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1619090303968%7C%7C6189fa04bc2e99dd841211bcf5e794f8%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C09b20f92b1bf84750db0cee53dfd8afe%7C%7Cda4b4f835aee078b54c5c1d3fedc6b79%7C%7Cdad90931a160d9755cb0dc28e125bb4d%7C%7Cf5829b7207de77c2c4af0e964c2aef26%7C%7C0fe184227deac462e830ddd5b36e64a8%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
x-server-name
dt61.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ibs:dpid=30432&dpuuid=CI-cbb85367852dcc3219d38964cc864572
dpm.demdex.net/ Frame 63CC
Redirect Chain
  • https://dt.scanscout.com/ssframework/uid?UIAA=43064906755279672506849208158330175690&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-cbb85367852dcc3219d38964cc864572
42 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-cbb85367852dcc3219d38964cc864572
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v004-011e08634.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
UdgmorJ4QKM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-cbb85367852dcc3219d38964cc864572
Date
Thu, 22 Apr 2021 11:18:24 GMT
useSecure
true
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 63CC
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=43064906755279672506849208158330175690&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v004-0fd5a9680.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
303,104
X-TID
tnhpY2AlQPw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Thu, 22 Apr 2021 11:18:24 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
usermatch.gif
beacon.krxd.net/ Frame 63CC
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=43064906755279672506849208158330175690
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=43064906755279672506849208158330175690
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=43064906755279672506849208158330175690
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.77.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-77-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:24 GMT
cache-control
private, no-cache, no-store
x-request-time
D=50 t=1619090304
x-served-by
beacon-n011-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=43064906755279672506849208158330175690
date
Thu, 22 Apr 2021 11:18:24 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a003-ash-prod.krxd.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4b320969-d0de-73a0-ece4-f1a76f719ff1&tv=%7Bc:aw2eHx,pingTime:-10,time:1206,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1619090303968%7C%7C6189fa04bc2e99dd841211bcf5e794f8%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C09b20f92b1bf84750db0cee53dfd8afe%7C%7Cda4b4f835aee078b54c5c1d3fedc6b79%7C%7Cdad90931a160d9755cb0dc28e125bb4d%7C%7Cf5829b7207de77c2c4af0e964c2aef26%7C%7C0fe184227deac462e830ddd5b36e64a8%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:14f881b4-9cf5-3f77-a194-4e71b6bf8627%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
x-server-name
dt47.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ibs:dpid=134096&dpuuid=K1rGBy9999OBX%2FaQ
dpm.demdex.net/ Frame 63CC
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=43064906755279672506849208158330175690&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=K1rGBy9999OBX%2FaQ
42 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=K1rGBy9999OBX%2FaQ
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v004-0acd3deef.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
h/mqyQUES8U=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=K1rGBy9999OBX%2FaQ
Date
Thu, 22 Apr 2021 11:18:24 GMT
Connection
keep-alive
Content-Length
0
BK-Server
5fff
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
pixel
cm.g.doubleclick.net/ Frame 63CC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64E...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUlGYmdBQUFYb3JXNmdCZw==&_test=YIFbgAAAXorW6gBg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUlGYmdBQUFYb3JXNmdCZw==&_test=YIFbgAAAXorW6gBg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619090305.550342,VS0,VE0
x-served-by
cache-hhn4038-HHN
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUlGYmdBQUFYb3JXNmdCZw==&_test=YIFbgAAAXorW6gBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4af31f5f-d6c1-a8cb-4775-017582b428e2&tv=%7Bc:aw2eLD,pingTime:1,time:1478,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:372%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1478,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:372,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1132~100%5D,as:%5B1132~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:114,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k%7C1l,idMap:1g*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
x-server-name
dt35.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4af31f5f-d6c1-a8cb-4775-017582b428e2&tv=%7Bc:aw2eLE,pingTime:1,time:1479,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:372%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1479,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:372,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1133~100%5D,as:%5B1133~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:114,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k%7C1l,idMap:1g*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4af31f5f-d6c1-a8cb-4775-017582b428e2&tv=%7Bc:aw2eLF,pingTime:1,time:1480,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:372%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1480,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:372,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1134~100%5D,as:%5B1134~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:114,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k%7C1l,idMap:1g*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
x-server-name
dt58.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4af31f5f-d6c1-a8cb-4775-017582b428e2&tv=%7Bc:aw2eLG,pingTime:1,time:1481,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:372%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1481,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:372,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1135~100%5D,as:%5B1135~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:114,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k%7C1l,idMap:1g*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
x-server-name
dt39.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
tap.php
pixel.rubiconproject.com/ Frame 63CC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=YIFbgAAAXnP5fQAC
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YIFbgAAAXnP5fQAC&expires=90&_test=YIFbgAAAXnP5fQAC
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YIFbgAAAXnP5fQAC&expires=90&_test=YIFbgAAAXnP5fQAC
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619090305.646176,VS0,VE0
x-served-by
cache-hhn4038-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YIFbgAAAXnP5fQAC&expires=90&_test=YIFbgAAAXnP5fQAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4b320969-d0de-73a0-ece4-f1a76f719ff1&tv=%7Bc:aw2eN7,pingTime:1,time:1552,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:410%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1552,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:409,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1161~100%5D,as:%5B1161~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:113,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k%7C1l,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
x-server-name
dt37.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4b320969-d0de-73a0-ece4-f1a76f719ff1&tv=%7Bc:aw2eN8,pingTime:1,time:1553,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:410%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1553,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:409,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1162~100%5D,as:%5B1162~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:113,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k%7C1l,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4b320969-d0de-73a0-ece4-f1a76f719ff1&tv=%7Bc:aw2eN9,pingTime:1,time:1554,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:410%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1554,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:409,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1162~100%5D,as:%5B1162~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:113,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k%7C1l,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
x-server-name
dt25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4b320969-d0de-73a0-ece4-f1a76f719ff1&tv=%7Bc:aw2eNa,pingTime:1,time:1555,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:410%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1555,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:409,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1163~100%5D,as:%5B1163~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:113,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k%7C1l,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=6ea02adb-4cfa-146e-c8f8-09df6ef5552f&tv=%7Bc:aw2eNQ,pingTime:-10,time:1619,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1619090303968%7C%7C6189fa04bc2e99dd841211bcf5e794f8%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C09b20f92b1bf84750db0cee53dfd8afe%7C%7Cda4b4f835aee078b54c5c1d3fedc6b79%7C%7Cdad90931a160d9755cb0dc28e125bb4d%7C%7Cf5829b7207de77c2c4af0e964c2aef26%7C%7C0fe184227deac462e830ddd5b36e64a8%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:14f881b4-9cf5-3f77-a194-4e71b6bf8627%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
rum
dsum-sec.casalemedia.com/ Frame 63CC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YIFbgAAAXnP5fQAC
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YIFbgAAAXnP5fQAC
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 11:18:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 22 Apr 2021 11:18:24 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619090305.649549,VS0,VE0
x-served-by
cache-hhn4038-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YIFbgAAAXnP5fQAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
setuid
ib.adnxs.com/ Frame 63CC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YIFbgAAAXnP5fQAC
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=YIFbgAAAXnP5fQAC
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Apr 2021 11:18:24 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.133:80
AN-X-Request-Uuid
7a4878a0-ea9a-44e6-8d53-50c1e45c841c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619090305.750022,VS0,VE0
x-served-by
cache-hhn4038-HHN
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=YIFbgAAAXnP5fQAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=6ea02adb-4cfa-146e-c8f8-09df6ef5552f&tv=%7Bc:aw2eQn,time:1776,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1776,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:499,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1291~0%5D,as:%5B1291~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:107,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e*.10507%7C1e1%7C1f1%7C1f2%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m,idMap:1e*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
x-server-name
dt67.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=1e9c75a5-b9cb-c295-d68a-ab34f4414079&tv=%7Bc:aw2eR8,pingTime:-10,time:1816,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1619090303968%7C%7C6189fa04bc2e99dd841211bcf5e794f8%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C09b20f92b1bf84750db0cee53dfd8afe%7C%7Cda4b4f835aee078b54c5c1d3fedc6b79%7C%7Cdad90931a160d9755cb0dc28e125bb4d%7C%7Cf5829b7207de77c2c4af0e964c2aef26%7C%7C0fe184227deac462e830ddd5b36e64a8%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:14f881b4-9cf5-3f77-a194-4e71b6bf8627%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sd
us-u.openx.net/w/1.0/ Frame 63CC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YIFbgAAAXnP5fQAC
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YIFbgAAAXnP5fQAC
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619090305.850988,VS0,VE0
x-served-by
cache-hhn4038-HHN
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YIFbgAAAXnP5fQAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4af31f5f-d6c1-a8cb-4775-017582b428e2&tv=%7Bc:aw2eRA,pingTime:-10,time:1847,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1619090303968%7C%7C6189fa04bc2e99dd841211bcf5e794f8%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C09b20f92b1bf84750db0cee53dfd8afe%7C%7Cda4b4f835aee078b54c5c1d3fedc6b79%7C%7Cdad90931a160d9755cb0dc28e125bb4d%7C%7Cf5829b7207de77c2c4af0e964c2aef26%7C%7C0fe184227deac462e830ddd5b36e64a8%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:14f881b4-9cf5-3f77-a194-4e71b6bf8627%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
x-server-name
dt58.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=62935c1a-5ec5-5ef5-a801-92fd52a63247&tv=%7Bc:aw2eSu,pingTime:-10,time:1889,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1619090303968%7C%7C6189fa04bc2e99dd841211bcf5e794f8%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C09b20f92b1bf84750db0cee53dfd8afe%7C%7Cda4b4f835aee078b54c5c1d3fedc6b79%7C%7Cdad90931a160d9755cb0dc28e125bb4d%7C%7Cf5829b7207de77c2c4af0e964c2aef26%7C%7C0fe184227deac462e830ddd5b36e64a8%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:14f881b4-9cf5-3f77-a194-4e71b6bf8627%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
x-server-name
dt48.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 63CC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIFbgAAAXnP5fQAC
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIFbgAAAXnP5fQAC
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 11:18:25 GMT
X-lat
lhrpug004:0:506
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619090305.956944,VS0,VE0
x-served-by
cache-hhn4038-HHN
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIFbgAAAXnP5fQAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 63CC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YIFbgAAAXnP5fQAC&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YIFbgAAAXnP5fQAC&img=1&__user_check__=1&sync_id=74716b4a-a35c-11eb-b5f8-129210fe0506
43 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YIFbgAAAXnP5fQAC&img=1&__user_check__=1&sync_id=74716b4a-a35c-11eb-b5f8-129210fe0506
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 11:18:25 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
7
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 22 Apr 2021 11:18:25 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YIFbgAAAXnP5fQAC&img=1&__user_check__=1&sync_id=74716b4a-a35c-11eb-b5f8-129210fe0506
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
98
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame 63CC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YIFbgAAAXnP5fQAC&t=2592000&o=0
43 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YIFbgAAAXnP5fQAC&t=2592000&o=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
x-fb-debug
6KMpXmo3l5Q80wnPPwjQan36Y2xzlxosvFRrJ3QxRHluM0MHcQT4W/Fq4NdJ4eJYLZxUL/jjci7MYRS/7wZquw==
content-encoding
br
x-content-type-options
nosniff
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 22 Apr 2021 04:18:25 PDT
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
expires
Thu, 22 Apr 2021 04:18:25 PDT

Redirect headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619090305.169388,VS0,VE0
x-served-by
cache-hhn4038-HHN
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YIFbgAAAXnP5fQAC&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
gn
secure-dcr.imrworldwide.com/cgi-bin/ 		44 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_all_S&asn=all&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&devmodel=&manuf=&sysname=&sysversion=&sessionId=nwt2au9hcz6hxvpkrq8tvgere9cqq1619090302&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,breaking-news&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,heraldsun&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16190903024248791&c30=bldv,6.0.0.587&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1619090302195&c3=st,c&c64=starttm,1619090304&adid=1619090302195&c58=isLive,false&c59=sesid,&c61=createtm,1619090305&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY&c66=mediaurl,&c62=sendTime,1619090305&rnd=135758
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.66.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-66-228.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:25 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
ibs:dpid=147592
dpm.demdex.net/ Frame 63CC
Redirect Chain
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=c8a29c1e-8b45-418b-81cc-ae0c1538f3a3-tuct77ae0ff
42 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=c8a29c1e-8b45-418b-81cc-ae0c1538f3a3-tuct77ae0ff
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v004-0be04b742.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Tn6LbjTWSsk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-vcl-time-ms
9
date
Thu, 22 Apr 2021 11:18:25 GMT
via
1.1 varnish
server
nginx
x-timer
S1619090305.275469,VS0,VE9
x-cache
MISS
location
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=c8a29c1e-8b45-418b-81cc-ae0c1538f3a3-tuct77ae0ff
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19180-FRA
ibs:dpid=461447&dpuuid=RX-dee99091-8dcc-4335-9a0a-5f5e08808441-003
dpm.demdex.net/ Frame 63CC
Redirect Chain
  • https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync/adobe/0?zcc=1&dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D&cb=1619090305407
  • https://sync.targeting.unrulymedia.com/csync/RX-dee99091-8dcc-4335-9a0a-5f5e08808441-003?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3DRX-dee99091-8dcc-4335-9a0a-5f5e08808441-003
  • https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-dee99091-8dcc-4335-9a0a-5f5e08808441-003
42 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-dee99091-8dcc-4335-9a0a-5f5e08808441-003
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier/news-story/51d1f7f5eb7b1171ead1f607fceb68de?_hsmi=88974744&_hsenc=p2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v004-06e62850d.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
nbiFE6cJTE4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-dee99091-8dcc-4335-9a0a-5f5e08808441-003
date
Thu, 22 Apr 2021 11:18:25 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXdee990918dcc43359a0a5f5e08808441003
content-type
text/html
/
zn7wdmojjixvhyobn-news.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		60 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn7wdmojjixvhyobn-news.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_7WDMojjIXvhyOBn&Q_LOC=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.903.js?utv=ut4.46.202009280518
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a95bde68eb8372fc2b99802424611a23aedadcf9d75f83f1bccdd731a57bbd28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
464448
cf-polished
origSize=62663
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
099ae68b0b0000d6c174077000000001
cf-bgj
minify
server
cloudflare
x-powered-by
Express
etag
W/"f4c7-q+Q+3yh1KdC6sxz2Nc95B0en1ik"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
cf-ray
643e738b4bcad6c1-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95facaaff2ae6cbbd592d0df538d0bc1debd789f6d54deb31c5ddd5833d35e00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Apr 2021 11:18:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7001
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:18:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 22 Apr 2021 11:18:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 40B2 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 22 Apr 2021 11:11:33 GMT
expires
Fri, 22 Apr 2022 11:11:33 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
412
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
pagead2.googlesyndication.com/bg/ Frame 40B2 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 09:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
6358
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Fri, 22 Apr 2022 09:32:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041901&jk=1503972992386441&bg=!BQalBkLNAAZUuIlwVLg7ACkAdvg8WtPIsRHW5U2UxG_VwF6Wc2hnyBe5TxH_NGjKHYRb53-jiyyAnQIAAACNUgAAAAxoAQcKAD2qhwYh2EbKg6mmIn8TgdQYG844FD_Z9Uv7H6NiLZsf7T3kh7Pi_KPvp5L3vg9G_cXmlpaLN56HcjBIiSbQmQIgdbRNfpskXFpX9xhpNrlmpDyfoWWV5TXrqHAskzvzQoUFPXtW1ctsiV-BmL08A5ldKZDJvv6PivXfQ2VtWvNOGTDERTmoW7RorTRKbqBIr5SEYhKT5apvrnwerJUsqJbDt1oUN5r5EsKgsHqgFhp__aMLtSi5L6wdL9I4r0a9ZGVjoxnr3lMmctZLNRhSQ1cQ6vvSbzP-BREesjT7Yj2pjkSjPz4DbbKglxcwGLVnJws9hbtJYg5cVkSGiugz1Rtpdr3-M7FKA-KiGLahibngIMBvX37r8o_JAPQOjtaRHIPFFCm4cPzMCyn2uF_GE_IHC3JZ7qQ9mN-T4ties9vGb6yevatAxL1xMAxUllkoLgNQxHGJTV4-8zxkiELEDD_tVQveP8m-UB1ZGSbwDoyIlZSxCkId1Zj7_A7IBVFJwGvQhkYM5VqmgrSvX5pFnF03kKOAX8zC6vTFF5eDLPYPB0EG4vxPMuxUPrmZzlR0cS0-sdCJK8c8M4BCIIhqXdCH3upjuqlZTldFu6IJAkygNKTongQ5647K2fBWdHkiiOq_asjbHUX8L3gKShJNAdPjKawRDlc5VeiBAbqtGbmONbNuBWW6ACSimzLl-K6SwF_LqY6FC6UPr_W15fju_KsouwnGmDPIxvY0JSPwHaMQ5ItuTm8HdHYapzmsZZSCYx3-c98eUZiM0w9_yf4pbgxOJTgczJNjX1fRhV8zEfXP1g
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4af31f5f-d6c1-a8cb-4775-017582b428e2&tv=%7Bc:aw2fO9,pingTime:5,time:5479,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:372%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5479,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:372,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5133~100%5D,as:%5B5133~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:111,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k%7C1l,idMap:1g*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:28 GMT
x-server-name
dt37.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4af31f5f-d6c1-a8cb-4775-017582b428e2&tv=%7Bc:aw2fOa,pingTime:5,time:5479,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:372%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5479,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:372,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5134~100%5D,as:%5B5134~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:111,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k%7C1l,idMap:1g*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:28 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4b320969-d0de-73a0-ece4-f1a76f719ff1&tv=%7Bc:aw2fPD,pingTime:5,time:5552,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:410%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5552,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:409,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5160~100%5D,as:%5B5160~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:119,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k%7C1l,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:28 GMT
x-server-name
dt63.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4b320969-d0de-73a0-ece4-f1a76f719ff1&tv=%7Bc:aw2fPE,pingTime:5,time:5553,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:410%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5553,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:409,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5161~100%5D,as:%5B5161~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:119,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k%7C1l,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:28 GMT
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=6ea02adb-4cfa-146e-c8f8-09df6ef5552f&tv=%7Bc:aw2fT2,time:5785,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5785,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:499,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5300~0%5D,as:%5B5300~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:106,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e*.10507%7C1e1%7C1f1%7C1f2%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k%7C1l%7C1m,idMap:1e*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:28 GMT
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ping
ping.chartbeat.net/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de&u=CBxb7_pN-PKDyK6og&d=heraldsun.com.au&g=36976&g0=news%2Cbreaking-news%2Cstory%2Cno_video%2Cpc.ct.free&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=3294&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=4969&t=WXFQKBGFDsxDLwySdzHHoNBIw6fi&V=126&tz=-120&_acct=anon&sn=2&sv=B-w6fdDyQcJUDD0uFzDV0uE7DLHkxC&sd=1&im=06530c52&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.164.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-164-179.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4af31f5f-d6c1-a8cb-4775-017582b428e2&tv=%7Bc:aw2ipr,pingTime:15,time:15478,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:372%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:15478,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:372,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15132~100%5D,as:%5B15132~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:107,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k%7C1l,idMap:1g*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:38 GMT
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4af31f5f-d6c1-a8cb-4775-017582b428e2&tv=%7Bc:aw2ips,pingTime:15,time:15479,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:372%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:15479,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:372,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15133~100%5D,as:%5B15133~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:107,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k%7C1l,idMap:1g*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.96.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-96-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Apr 2021 11:18:38 GMT
x-server-name
dt46.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		0
0
dt
dt.adsafeprotected.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dpm.demdex.net
URL
http://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1619090301866
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/11/279da92b
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/staticweb/64c4f9debe4ti17991ecfa342459f501b
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/11/279da92b
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/staticweb/64c4f9debe4ti17991ecfa342459f501b
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/11/279da92b
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/staticweb/64c4f9debe4ti17991ecfa342459f501b
Domain
loadus.exelator.com
URL
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4b320969-d0de-73a0-ece4-f1a76f719ff1&tv=%7Bc:aw2iqV,pingTime:15,time:15552,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:410%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:15552,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:409,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15160~100%5D,as:%5B15160~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:117,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k%7C1l,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=4b320969-d0de-73a0-ece4-f1a76f719ff1&tv=%7Bc:aw2iqW,pingTime:15,time:15553,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:410%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:15553,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:409,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15161~100%5D,as:%5B15161~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:117,fm:svjbUq3+11%7C12%7C13%7C141%7C15%7C16%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j*.10507%7C1j1%7C1k%7C1l,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u

Verdicts & Comments Add Verdict or Comment

290 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| newscorpau object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| _taboola object| utag_data object| bruce_rtget object| ads_api number| topicIndex number| LUX_t_start number| LUX_t_end object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore function| loadjs function| udm_ object| ns_p object| COMSCORE function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| lazySizes function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg object| placementData string| nam object| _tfa object| cmTag function| Rampart function| webpackHotUpdateRampart object| __core-js_shared__ function| parcelRequire object| auth object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag undefined| isAsync undefined| httpGetAsync undefined| parseResponse object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| Nielsen_Event object| trac function| _tealium_old_error boolean| __tealium_twc_switch object| newskey object| nb function| Krux object| sectionData number| _sf_endpt object| unruly number| gptPluginLoaded object| m object| nn string| ZN_7WDMojjIXvhyOBn_ed string| ZN_7WDMojjIXvhyOBn_sampleRate string| ZN_7WDMojjIXvhyOBn_url object| vidora function| vidoraTrackExtraElements object| app boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL object| ads_core object| ads_extra object| googletag string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| __iasPET object| kw_ignore object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| ggeac object| google_js_reporting_queue string| CE_USER_COMMON_SCRIPT_URL object| metrics object| mready object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId function| pbjsChunk object| pbjs object| _pbjsGlobals function| AppNexusPrebidAnalytics object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| providersData object| NOLCMB object| vidora_ns object| diagPixSentCodes object| __iasAdRefreshConfig function| NolTracker function| nol_t function| logger undefined| _rsCC undefined| _rsCG undefined| _rsDN undefined| v52v53_pvar undefined| v52v53_trac undefined| _rsEvent undefined| _rsLinkTrack undefined| _rsClick object| V60 object| NOLBUNDLE object| CE2BH function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| ads_ready function| clsn object| dicnf function| btrp function| pdib3 function| vv function| stcc number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error function| omrhp string| s_tnt string| f0 object| s_i_newscorpau-hsweb_newscorpau-global string| ptclString object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal undefined| oneTagObj function| ebDecode object| bsResponseObj object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| _typeof object| ns object| paramsPassed object| stateObject string| BUILDVERSION object| stateEvents function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| __IntegralASExec object| tbopt object| GoogleGcLKhOms object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.48.0 object| google_image_requests

14 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUn-nn45lx67D-bkxum7IgFYlY_2bIrnBSIZ3dzalyo30vrD-4HYRZCKfZUIo7o
.adsrvr.org/ Name: TDID
Value: a15e70da-69a0-4b0d-9623-e3f65a8c1ba2
.imrworldwide.com/ Name: IMRID
Value: 7349d7b0-a35c-11eb-87e2-a93622b75fbf
.imrworldwide.com/ Name: SSCVER
Value: v1
www.heraldsun.com.au/ Name: AWSALB
Value: IesuYAg6YkMIHx2U4husLsYp6pvihNUFYf5R2UGHiuFYfKxyaZafqZVwP7c6j0rPrd8QpWuySVUFRySDCV87RwNzLhmaco/zvNVfjdT38pgkLk4xB6AvbLIureSb
.demdex.net/ Name: dextp
Value: 358-1-1619090302984|470-1-1619090303095|481-1-1619090303198|771-1-1619090303329|903-1-1619090303585|19566-1-1619090303726|23728-1-1619090303833|30432-1-1619090304013|30064-1-1619090304114|66757-1-1619090304234|134096-1-1619090304337|144230-1-1619090304442|144231-1-1619090304544|144232-1-1619090304645|144233-1-1619090304746|144234-1-1619090304847|144235-1-1619090304952|144236-1-1619090305060|144237-1-1619090305164|147592-1-1619090305265|461447-1-1619090305372
www.heraldsun.com.au/ Name: _ncg_marketingCloudVisitorId
Value: 43085981809138204246847102887396970960
.demdex.net/ Name: demdex
Value: 15589924863705913033910090048533201793
www.heraldsun.com.au/ Name: AWSALBCORS
Value: IesuYAg6YkMIHx2U4husLsYp6pvihNUFYf5R2UGHiuFYfKxyaZafqZVwP7c6j0rPrd8QpWuySVUFRySDCV87RwNzLhmaco/zvNVfjdT38pgkLk4xB6AvbLIureSb
.heraldsun.com.au/ Name: s_ppv
Value: https%253A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-seeking-to-buy-30-mn-sputnik-doses-from-russia-state-premier%2Fnews-story%2F51d1f7f5eb7b1171ead1f607fceb68de%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz-9ZujUpOirUK0rCCu-cyngjspR0vnOoeOFIgILxv2p6im101TwYPXdwvIebYoby5PknzsETNMPOQOXBSWeaERBmmYOAIsN_qGwBCzgLFOQrCbrlFFY%2C36%2C36%2C1200
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsIvpvxgMziwjkQBRgBIAIoAjILCL6T9K3i4sI5EAU4AVoDYWFtYAI.
.heraldsun.com.au/ Name: tp
Value: 3294
.taboola.com/ Name: t_gid
Value: c8a29c1e-8b45-418b-81cc-ae0c1538f3a3-tuct77ae0ff
.heraldsun.com.au/ Name: nk
Value: 3cbc7ad141fd17bb5e0c1222bb81034f

10 Console Messages

Source Level URL
Text
console-api debug URL: https://info.silobreaker.com/e2t/tc/VVTDyF8FPwq6W2frdKb3cpYqgW4gSXWJ4qJk9hN2qdv0_4Zc_rV3Zsc37CgTcMW64LFkb22jBz8W57ZBPf3Nj8djM9HY65HwM4wN1s5hkScJ0TgW74rm9V67VrzjW1mJBn54Rm1pDW6c-fQ277yDNnW4GZp-l6fCZ_yW7LkxQG84nz-hW6znRJD1l8L3tW4cPYpV2KXf9QW631LRk4xg-9rW8V9-Fz7W46YKVYLW3d1szKr8W8SPXBx3BwfNpVQWm7-1tbxVsV_pkQf30xz1FW1GL1vT5-ldYnW8-LhdH7pMY1hW1XkXKw1lYFC_W41sy4v5l7wxcW4P6_nM5f6XSjW6lZSzy4Fh-f7W6PwkYT7m-pqNW8CFH9q5hnSjVW7qqpj05chMvlW3P-6nb35dgrDW5H5BJY3fqYQ2Vqd5lG5c-KCPW8J2DNS3wf9_JW7P9Hry1cZwxcW7THLjZ5P3mDKW3lFZ7d2Ljzg5W65WhhV8Kbjjv3b9g1(Line 13)
Message:
toS
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210421-2-RELEASE.js(Line 3)
Message:
Exit TRCRBox.loadScriptCallback(retry=0): no items in response - thumbnails-bc-desktop-article-02-native
console-api log URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js(Line 18)
Message:
UTRACK loaded (from tealium)
console-api log URL: https://tags.news.com.au/prod/tad/tad.js(Line 6)
Message:
AD CORE ERROR: TypeError: Cannot read property 'disc.segments' of null
console-api log URL: https://tags.news.com.au/prod/tad/tad.js(Line 6)
Message:
AD CORE ERROR: 18 function(e,a){var d=e.localStorage;d["disc.segments"]&&(a.ad_audi_segs=d["disc.segments"].split(",")||[])}
console-api log URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js(Line 3)
Message:
vidora-client 1.3.4 4a354580d3cf929b5a8a7d86ed03be7f4218d021
console-api log URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js(Line 1)
Message:
%c Vidora API finished initializing! background: #222; color: #b9da52
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js(Line 6)
Message:
[GPT] Invalid arguments: PubAdsService.setTargeting('adl', false).
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041901.js(Line 6)
Message:
[GPT] Invalid arguments: PubAdsService.setLocation(50.48).
console-api debug URL: https://static.adsafeprotected.com/sca.17.5.1.js(Line 32)
Message:
a: 0.001953125 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
8228261.fls.doubleclick.net
acdn.adnxs.com
ad.doubleclick.net
ads.avads.net
adservice.google.com
adservice.google.de
am-vid-events.taboola.com
analytics.twitter.com
assets.vidora.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
beacon.krxd.net
bh.contextweb.com
bs.serving-sys.com
bttrack.com
c435ce09fb9281cc6d5090d0e86ec874.safeframe.googlesyndication.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.speedcurve.com
cdn.taboola.com
ce.lijit.com
cm.everesttech.net
cm.g.doubleclick.net
content.api.news
d.turn.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
e1.emxdgt.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image5.pubmatic.com
images.taboola.com
imprammp.taboola.com
info.silobreaker.com
insight.adsrvr.org
js.adsrvr.org
loadus.exelator.com
login.newscorpaustralia.com
match.adsrvr.org
match.taboola.com
metrics.heraldsun.com.au
newscorpau.demdex.net
nwt2au9hcz6hxvpkrq8tvgere9cqq1619090302.nuid.imrworldwide.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.advertising.com
pixel.rubiconproject.com
ps.eyeota.net
px.ads.linkedin.com
px4.ads.linkedin.com
resourcesssl.newscdn.com.au
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
sb.scorecardresearch.com
script.crazyegg.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
secure-ds.serving-sys.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
snap.licdn.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.co
taboola-supply-partners.tremorhub.com
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
ts2020-indies-client.web.app
u.openx.net
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
vidstat.taboola.com
widget.perfectmarket.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
www.linkedin.com
x.bidswitch.net
zn7wdmojjixvhyobn-news.siteintercept.qualtrics.com
dpm.demdex.net
dt.adsafeprotected.com
loadus.exelator.com
login.newscorpaustralia.com
104.109.77.38
104.111.230.77
104.111.247.190
104.17.208.240
104.244.42.133
104.244.42.3
108.174.10.14
13.224.100.124
13.224.102.122
13.224.102.91
141.226.228.48
142.250.185.102
142.250.185.226
142.250.185.66
142.250.185.98
151.101.1.195
151.101.114.217
151.101.114.49
151.101.13.44
172.105.221.29
178.250.0.163
18.195.155.181
18.197.47.23
184.30.20.111
184.30.20.190
184.30.24.185
184.30.24.190
184.30.24.198
184.30.24.241
185.33.221.14
185.64.189.110
185.64.190.80
185.86.137.131
185.94.180.126
192.132.33.46
198.148.27.139
199.127.207.191
199.232.136.157
199.232.137.181
199.232.137.44
199.60.103.254
2001:678:cb4:bbbb::13
213.19.147.45
216.52.2.39
216.58.212.134
23.111.9.35
23.45.110.176
2600:1f18:612b:4264:7659:1bf:d736:fba9
2600:9000:206f:ec00:1e:a43d:b640:93a1
2600:9000:211e:3400:4:77d:a0c0:93a1
2600:9000:211e:6a00:1d:667e:2a40:93a1
2600:9000:2190:4600:2:42d9:3100:93a1
2600:9000:2190:6600:2:42d9:3100:93a1
2600:9000:2190:ae00:18:1fcd:34e:d2a1
2606:4700::6813:9308
2620:119:50e4:101::6cae:b55
2620:1ec:21::14
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a02:26f0:7100:1b2::25ea
2a03:2880:f13d:83:face:b00c:0:25de
3.120.242.149
3.121.49.210
3.127.178.105
3.223.81.219
3.232.164.179
3.248.66.228
34.205.96.170
34.243.47.58
34.249.30.33
34.249.39.204
34.255.166.243
35.181.18.61
35.205.207.25
35.227.202.26
35.244.159.8
52.214.68.15
52.31.77.198
52.50.64.214
63.35.128.189
69.173.144.165
82.199.68.72
99.86.2.86
012deb702d2f006f2ad08a3ecf6bb74406c49952d2719d58265d3b98db67fcf0
03cce1892cbfca0c35fe3b1f64307db1269f452bc8eb983a654d68166bfb57c0
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
04b0beab3fa29f06ebfff267cf602edc29c67931ccfafcf4e61b26552d5ad637
04fa8b95805236ab0bba06939eb6da8f12329ca1b6608d007a92390c91a4c2ee
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f961c62a5d3faf422bafd5ce3c490a54b95c68a1bb5aaca37b66a8257fe02ea
1173ff74d3bff944e1165a5bc72d7a122b3e80a12a67d9c7e21ee724a589c252
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f
174b9a58c7e4e80c420d329af6a87671f2a602c1878580298a832034adfe155a
17ae9f7a3185cb40620c2c84feb7e750b4abdbca7abf4272a2bd253e429d7a45
188945163ead1035348d6c68f98d2244ba1e0d43fae82b6dd0a280e1d411fb18
1a8bc2ff14c32714cbf0dae8a0d4913eda0305acbe7019242cac29ba1e25dfa5
1e5df6fe00b04d14e7ed9e7ead03a62b5b2920cff7310c75b3b349436f6088f5
1fa06bea7bb296b456d46727e9b3a4a62cbfb2901247b9f93434c4cb3b7fbd18
1fb5b5e121f1c4ef29618e84c1cd6081bf3ad7c3847d8893839936b50ceb0ebc
2469fd005fedf00fb6052876b6651fbdc4d71eb17a7a315fc25b6338ff01c8e6
255dee7f449752dc74a724a1ee60e897a78c5231f4649601b7593939c1b1116a
28efd6fe192789ec933ddd5421da0d4d86ebeb1caf0a1cefeb1556e2a7f8b119
29fab09f5b5fd35ed037211b06ebf370fae3d972c356854fed237426314aa1d0
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
2ebcffa4251956cd4d0b62fd9ea28eec7dec31146c4630e8ab185b10a9e268d6
32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0
37d986b0611e24260cb38265fbebd61719b013f2acdfe34a9fadab7c923cc9b8
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31
38e3937f91b95dd27692e21d69fc01a55c173f4295331ec45ef5d087dae0978d
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b2a8f1509cce9a0634a074211d18c61a3bc3e07dfc85bd161b2a59c9864ed02
421440e0f32dabd1a50c0239ff20e7bd699c15374543da650a23424b7b708ee6
4379b5695f319d7ad15e6c86346e9117f0b4f4a8d4bcbab18aa840fd9e6d900a
45587dd8d590b1ea2ad27ea69b28a07085c15414b06ec93a3ecff73cffb3a791
4754c1f1fb712883286295c92774dddebef215996cfdfab9fd972d265473f025
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48d3221be8abb72faec69a02a3c4fb8489fdc2244c98fb67ddf0dec71b0937ee
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
503c04f4a9119ba15ff9382a52a222e61734a73a59cced402b546b88adbee693
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
584ebca28b361c3381c686b75b71c2cb4cdc074bc0ba6e44980c9db33c5cdf1c
59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34
5a98f3db01c2ba8f6ac8d2ed34dec860612dafd8ee67c51ccde080713e9f583b
5c180342ced139d76a4ad782e230a3b58ceaab3affe964a5624f985f3b205a55
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6ad30e53ecbc5d89dada872cd9174dbbab7f36cb37715c9fdf09e23960ebbf5b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b9ac34f490f2b47dc94a224635cb2a1f2a5f9ba3f8d1df0547e992be3782248
6d90199995b493e006d03ef62d624e59120a272ed586ff1496bd7a5c38ccb3fe
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
72b5e10cf8de535f8ac52fa339d8330a41b3ea7ee75610c80654433fcfaf4c32
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
744ba2de9735f3771ef6cebe93b6f377163694f74d6a6cbde24ef8ea7b347fb1
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
78de8e197edeff618c0e60af285d7c8a02c73a4b8d2b14c2bd8ef89952f57153
7a3bed1428816b3a7f2cb61279b2ee08dda8f3575d01f26496d30ae4814e3e2f
7ad835c4747bb13fd0aba70ccdf79f30275af189e93d6e0b3c3bd7e53237c1a3
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d4d85fed5127caa93ae2067a50d79dd31996a5442c7b8ecad7736df9e3c7d6d
7fd1737f4343dbfc7a9b915eaf41e30b6f114d254d7043d13b4faa370a36589c
814d13d54e79ebe418c33a7b373af0326d76555b9f5eca6ee2b0c6465d84a12b
82ef85db9124f8188c2c8c03a4ad9a0918591f752994d8ec228331c715ecac86
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
89868194e8809928df37974211d2477ad0723d6aee71386fb438b3e939eb5bce
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a9b3736d43b3b8ac7afea4a40408ce6576d0c9cb194a4d69bd60886e186c241
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e0cf75c2cfcb35edbce8e01875f1690dc3ffbfbb3eff4f3e02f69da5a5d6846
919a09d45286a3828a624e7dae7c7ee6b964ba70339274d8e333c5aaaf9c9ec9
95facaaff2ae6cbbd592d0df538d0bc1debd789f6d54deb31c5ddd5833d35e00
9635d0c2ad301f4b79011b25ef35cc869b3dc344a04beabfd886d7f1fb02ed4a
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
984af48e7efc952d96c92943d3dc213bfc599182fac15dfb9409eaa655b38f34
98b3f09045cdc206eb82fed87074e93160df6e3ba901216c26542f49c276e99e
997a6b903dc9a877fa3eb9cb8ccaf4f7fd14e0471181dd6f9f62544862f4f7e8
998beb94d3451a6ce6e478705eb2eae41dc6a8e9ff6d9dff30eef4a3b963f7aa
9a32bed4e81651c9c81c8d7a215a2f5cfbdec52ea96a40e2866a6864842e6ee6
9a800184984f1b83249bc6652a9b8eb9e31af36324a446fd22e7ff92eba75ce3
9c96c025f6aa0b8edff6538d533ddd012d17e860c8fa47140314e81886ce22e0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a199bb8b08c9f7739abca0b659e0048679ba9065d879de98c33d9ba814367065
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a21ca1e4c12dc930ab431e7e98a88452a1c6386cb1c143c07076895c347ff1cb
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3bf97f5daed942759e5fdc1a616aefcf2e9a8abe72d54ec94aadd0df9ff3e81
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a95bde68eb8372fc2b99802424611a23aedadcf9d75f83f1bccdd731a57bbd28
a97178289ab863f2a651270e3ab1e833c4eee79e09b494e70be273047956a67e
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
acfb1f0de15111045cdd0e765b51a974602fed8d35459a3fad5e1b02d09b7dba
aeff34d9a1c253a230b7436d1f8798f9d4d096c0dd88ac2983997dce9ef88508
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b43d99222dff35d3423219626a3c8f2ea11101cc9ecc9103151dbf34dcb31909
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
bb1c0b880df1d5247bcab5a7d2bfbb91d4bad4da0c6a86d95262a78f76f2d6c9
bdd0ec69f2e3415a4c3a1644b473a8610cc15fff6308887aca5f561725ce3012
c098d3ee3698a4e56418d22a140b17e195df7600d07c0cb5341bd713046d40d3
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c1dc3cfad3f3b95151a0d26208e45c2119aa8e5440a4f076f7c999f7810fb222
c23d2c9f5b7e41763b497c7692a53ce1e675ae659bdc34465ca28ab0303f0720
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
c6f69b10c7374c04e6bb70ff0c6d4249cbd0ecf46eeb484dc3d9d582b05d34f3
c7a8d4e8c6cad88c36def71504911446af10622eddf2c23004e9cb586fcd7db6
c7e5c94584c7a69b7da90a656c5b4f6af46beeb35d66ef255f7f0705ef6b1bf5
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
cc0b06aec3c945ddd18ae31bcb30cfeadf02050e367261fc8c78ca3fe8f621b0
cec3b0fbaafc108c26b3e824d89089ae4404f7d1b067750a97f343f47dce8897
cee186f19e3802adc9212d46c152f7ee7ad846527420c6615cdcd0f36a74ce68
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bfefba0e699b77fc665e11e791631d5773acbfd215098e31fa6b72d3a6cafc
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d36de9c147ee1d0e7fcb880dfe530494ee6b3c4fab4310718243677d3b8603b7
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e26654a11ebef6b38480e8373c54025938de39347e28032e1c16e7185ca2286a
e343f317675f7d684ebed15a8521fa9dbe2a8e26e3760abd78bfe0de8083fe14
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5f132b714c70bfa32e7e5f4bbe41db3be0395f8c5c505df53f143bac12f1c44
e61fbc1b28f6df7a78610c40c0166aae6cc5f7b97f797af1400755a28beb313c
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e8833a22adcf94ce738a54877fe44f37f2a7df2e18aa5be0eb1ba8c1308af14d
ecc18d5c60efc39097843e3f258303635aef5e6c15df6f8c577e2736eed82556
ecf40c64bfd3e8e8a25ec1983f011fbd393068b16d1ef434ff6d4cc17c2c96a6
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eefa532420e445f8e2e9627bdad975d0f5c4228f60fd31de699171fef5ce71fd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2c6db2cbd62f6fc19cbd6130bf73cabbd8140c423f6407d96707ae3951757b
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
efcd038fff3becbe148fefb893ed26081fd0d8e7293fcd49d470c13fcd522e02
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f3ee7f733586379df35b59416987e636427861079c0780e08be2feff3c2af0a1
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
fc03e80c7c678f41cb0a9dd847455d9b7ab2cdb941ea547ff3602ac0a9cc1546
fdc3fd7b0dd3307f2ec2385ffc129a7e1df780f92f043bcc71cfc5a0f0f7c2cc