www.heraldsun.com.au Open in urlscan Pro
2.18.233.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.heraldsun.com.au/coronavirus/secret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-...
Effective URL:
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronaviru...
Submission: On September 03 via api (September 3rd 2020, 6:31:31 am UTC) from US

Summary HTTP 283 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 56 IPs in 8 countries across 39 domains to perform 283 HTTP transactions. The main IP is 2.18.233.28, located in Ascension Island and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 23rd 2020. Valid for: a year.

This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 16	2.18.233.28 2.18.233.28	16625 (AKAMAI-AS) (AKAMAI-AS)
2 14	2.18.233.169 2.18.233.169	16625 (AKAMAI-AS) (AKAMAI-AS)
90	143.204.201.97 143.204.201.97	16509 (AMAZON-02) (AMAZON-02)
9	104.111.215.136 104.111.215.136	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
7	99.86.2.78 99.86.2.78	16509 (AMAZON-02) (AMAZON-02)
3	54.76.175.152 54.76.175.152	16509 (AMAZON-02) (AMAZON-02)
2	54.154.62.31 54.154.62.31	16509 (AMAZON-02) (AMAZON-02)
1	15.236.9.100 15.236.9.100	16509 (AMAZON-02) (AMAZON-02)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE)
2	34.254.167.184 34.254.167.184	16509 (AMAZON-02) (AMAZON-02)
2	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
3	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
8	104.111.229.57 104.111.229.57	16625 (AKAMAI-AS) (AKAMAI-AS)
3	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
1	99.86.2.32 99.86.2.32	16509 (AMAZON-02) (AMAZON-02)
3 7	2600:9000:214... 2600:9000:214f:4000:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:214... 2600:9000:214f:aa00:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.62.98.32 23.62.98.32	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:f1:... 2a02:26f0:f1:298::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.111.228.220 104.111.228.220	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
4	15.188.154.177 15.188.154.177	16509 (AMAZON-02) (AMAZON-02)
1	54.85.197.32 54.85.197.32	14618 (AMAZON-AES) (AMAZON-AES)
2 6	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:816::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1	178.63.12.147 178.63.12.147	24940 (HETZNER-AS) (HETZNER-AS)
1	82.199.68.72 82.199.68.72	15830 (EQUINIX-C...) (EQUINIX-CONNECT-EMEA)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
3 16	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:10c... 2a02:26f0:10c:48b::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.206.235 143.204.206.235	16509 (AMAZON-02) (AMAZON-02)
1	23.210.249.83 23.210.249.83	16625 (AKAMAI-AS) (AKAMAI-AS)
4	46.228.164.11 46.228.164.11	56396 (TURN) (TURN)
4	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
2 4	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
6	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
3 11	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
5	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
6	2a02:26f0:10c... 2a02:26f0:10c:481::9b6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	52.30.152.201 52.30.152.201	16509 (AMAZON-02) (AMAZON-02)
3 9	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	54.73.180.117 54.73.180.117	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
283	56

16 2.18.233.28 (Ascension Island) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-28.deploy.static.akamaitechnologies.com

www.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
commerceapi.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.tcog.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.newsapi.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2.18.233.169 (Ascension Island) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-169.deploy.static.akamaitechnologies.com

tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

90 143.204.201.97 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-97.fra53.r.cloudfront.net

subscriptions.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.111.215.136 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-136.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 99.86.2.78 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-78.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.76.175.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-175-152.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.62.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-62-31.eu-west-1.compute.amazonaws.com

newscorpau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.9.100 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-9-100.eu-west-3.compute.amazonaws.com

newscorpau.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.167.184 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-167-184.eu-west-1.compute.amazonaws.com

newslimited.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mboxedge37.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.228.123 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.111.229.57 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-229-57.deploy.static.akamaitechnologies.com

login.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.2.32 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-32.fra6.r.cloudfront.net

au.tags.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:214f:4000:1e:a43d:b640:93a1 (United States) 3 redirects

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:214f:aa00:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
seccdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.62.98.32 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-62-98-32.deploy.static.akamaitechnologies.com

a248.e.akamai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:f1:298::268b (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

scdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.228.220 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-220.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.188.154.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

metrics.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.197.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-197-32.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:816::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.12.147 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: de715.cxense.com

id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.199.68.72 (Netherlands)

ASN15830 (EQUINIX-CONNECT-EMEA, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2578e8765f2ddeef543b49512dd55274.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:48b::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.206.235 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-206-235.fra53.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.83 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-83.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.164.11 (United Kingdom)

ASN56396 (TURN, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f198.1e100.net

8228261.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.227.202.26 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

au-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.33.220.145 (Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:10c:481::9b6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

s7ap1.scene7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.152.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-152-201.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.180.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
116	news.com.au 2 redirects tags.news.com.au subscriptions.news.com.au commerceapi.news.com.au myaccount.news.com.au a.tcog.news.com.au	1 MB
18	doubleclick.net 7 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net 8228261.fls.doubleclick.net	123 KB
14	google.com 5 redirects www.google.com adservice.google.com	4 KB
14	imrworldwide.com 3 redirects secure-gl.imrworldwide.com cdn-gl.imrworldwide.com seccdn-gl.imrworldwide.com secure-dcr.imrworldwide.com	73 KB
13	heraldsun.com.au 5 redirects www.heraldsun.com.au metrics.heraldsun.com.au	161 KB
12	adnxs.com 3 redirects acdn.adnxs.com secure.adnxs.com ib.adnxs.com	13 KB
11	google.de www.google.de	952 B
9	googleadservices.com www.googleadservices.com	71 KB
9	tiqcdn.com tags.tiqcdn.com	36 KB
7	googlesyndication.com pagead2.googlesyndication.com 2578e8765f2ddeef543b49512dd55274.safeframe.googlesyndication.com tpc.googlesyndication.com	21 KB
7	stripe.com js.stripe.com	90 KB
6	scene7.com s7ap1.scene7.com	7 KB
6	mookie1.com au-gmtdmp.mookie1.com	3 KB
5	yahoo.com sp.analytics.yahoo.com	4 KB
5	demdex.net dpm.demdex.net newscorpau.demdex.net	6 KB
4	yimg.com s.yimg.com	12 KB
4	turn.com r.turn.com	2 KB
4	googletagmanager.com www.googletagmanager.com	140 KB
4	paypal.com www.paypal.com t.paypal.com	6 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	serving-sys.com secure-ds.serving-sys.com bs.serving-sys.com	22 KB
3	cxense.com scdn.cxense.com id.cxense.com	25 KB
3	omtrdc.net newscorpau.sc.omtrdc.net newslimited.tt.omtrdc.net mboxedge37.tt.omtrdc.net	12 KB
2	bing.com bat.bing.com	8 KB
2	adsrvr.org js.adsrvr.org insight.adsrvr.org	2 KB
2	newscorpaustralia.com login.newscorpaustralia.com
2	paypalobjects.com www.paypalobjects.com	464 KB
2	polyfill.io cdn.polyfill.io	814 B
1	newsapi.com.au cdn.newsapi.com.au	169 KB
1	gstatic.com www.gstatic.com	132 KB
1	twitter.com analytics.twitter.com	650 B
1	t.co t.co	448 B
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	google.pl adservice.google.pl	890 B
1	chartbeat.net ping.chartbeat.net	168 B
1	akamai.net a248.e.akamai.net	14 KB
1	newscgp.com au.tags.newscgp.com	40 KB
1	everesttech.net 1 redirects cm.everesttech.net	554 B
283	39

	Domain	Requested by
90	subscriptions.news.com.au	www.heraldsun.com.au subscriptions.news.com.au
14	tags.news.com.au	2 redirects tags.tiqcdn.com au.tags.newscgp.com
13	www.google.com	5 redirects www.heraldsun.com.au subscriptions.news.com.au www.gstatic.com
11	www.google.de	www.heraldsun.com.au
11	googleads.g.doubleclick.net	5 redirects www.googleadservices.com
10	secure.adnxs.com	3 redirects www.heraldsun.com.au
9	www.googleadservices.com	secure-ds.serving-sys.com www.googletagmanager.com www.googleadservices.com
9	tags.tiqcdn.com	www.heraldsun.com.au subscriptions.news.com.au tags.tiqcdn.com
9	www.heraldsun.com.au	5 redirects www.heraldsun.com.au
7	secure-gl.imrworldwide.com	3 redirects secure-gl.imrworldwide.com
7	js.stripe.com	subscriptions.news.com.au js.stripe.com
6	s7ap1.scene7.com
6	myaccount.news.com.au	www.heraldsun.com.au subscriptions.news.com.au
6	au-gmtdmp.mookie1.com	www.heraldsun.com.au
5	sp.analytics.yahoo.com	www.heraldsun.com.au s.yimg.com
5	cdn-gl.imrworldwide.com	seccdn-gl.imrworldwide.com secure-gl.imrworldwide.com cdn-gl.imrworldwide.com
5	commerceapi.news.com.au	subscriptions.news.com.au
4	8228261.fls.doubleclick.net	2 redirects www.heraldsun.com.au
4	s.yimg.com	www.heraldsun.com.au s.yimg.com
4	r.turn.com	secure-ds.serving-sys.com www.heraldsun.com.au
4	www.googletagmanager.com	secure-ds.serving-sys.com
4	metrics.heraldsun.com.au	tags.news.com.au
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
3	securepubads.g.doubleclick.net	tags.tiqcdn.com securepubads.g.doubleclick.net
3	www.paypal.com	www.paypalobjects.com
3	dpm.demdex.net	tags.news.com.au
2	px.ads.linkedin.com	1 redirects www.heraldsun.com.au
2	bat.bing.com	www.heraldsun.com.au
2	secure-ds.serving-sys.com	tags.tiqcdn.com secure-ds.serving-sys.com
2	scdn.cxense.com	tags.tiqcdn.com scdn.cxense.com
2	login.newscorpaustralia.com	www.heraldsun.com.au
2	www.paypalobjects.com	subscriptions.news.com.au
2	newscorpau.demdex.net	tags.news.com.au
2	cdn.polyfill.io	subscriptions.news.com.au
1	cdn.newsapi.com.au
1	www.gstatic.com	www.google.com
1	a.tcog.news.com.au	subscriptions.news.com.au
1	secure-dcr.imrworldwide.com
1	insight.adsrvr.org	js.adsrvr.org
1	analytics.twitter.com	static.ads-twitter.com
1	t.co	www.heraldsun.com.au
1	ib.adnxs.com	www.heraldsun.com.au
1	www.linkedin.com	1 redirects
1	acdn.adnxs.com	www.heraldsun.com.au
1	js.adsrvr.org	secure-ds.serving-sys.com
1	snap.licdn.com	www.heraldsun.com.au
1	static.ads-twitter.com	www.heraldsun.com.au
1	2578e8765f2ddeef543b49512dd55274.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.pl	securepubads.g.doubleclick.net
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	id.cxense.com	scdn.cxense.com
1	ping.chartbeat.net
1	t.paypal.com
1	a248.e.akamai.net	tags.tiqcdn.com
1	seccdn-gl.imrworldwide.com	tags.news.com.au
1	au.tags.newscgp.com	tags.tiqcdn.com
1	mboxedge37.tt.omtrdc.net	tags.news.com.au
1	newslimited.tt.omtrdc.net	tags.news.com.au
1	cm.everesttech.net	1 redirects
1	newscorpau.sc.omtrdc.net	tags.news.com.au
283	62

This site contains links to these domains. Also see Links.

Domain
www.newscorporatesubscriptions.com.au
myaccount.news.com.au
www.newscorpaustraliaprivacy.com
policies.google.com

Subject Issuer	Validity	Valid
news.com.au DigiCert SHA2 Secure Server CA	`2020-08-23` - `2021-09-22`	a year	crt.sh
subscriptions.news.com.au Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-17` - `2021-04-17`	8 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2020-07-07` - `2020-10-08`	3 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-02-28` - `2022-03-04`	2 years	crt.sh
*.tt.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2017-10-19` - `2020-11-25`	3 years	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2019-12-09` - `2021-12-13`	2 years	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
au.tags.newscgp.com Amazon	`2020-02-08` - `2021-03-08`	a year	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2020-01-21` - `2021-02-24`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2020-03-11` - `2021-06-10`	a year	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2020-01-03` - `2021-04-03`	a year	crt.sh
t.paypal.com DigiCert SHA2 High Assurance Server CA	`2020-07-15` - `2022-07-20`	2 years	crt.sh
metrics.heraldsun.com.au DigiCert SHA2 High Assurance Server CA	`2020-04-13` - `2021-07-15`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2020-01-07` - `2022-03-08`	2 years	crt.sh
*.google.pl GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
*.turn.com DigiCert SHA2 Secure Server CA	`2020-03-18` - `2021-04-19`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-08-06` - `2020-09-20`	a month	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.mookie1.com DigiCert SHA2 Secure Server CA	`2020-02-21` - `2021-03-22`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-08-01` - `2021-01-28`	6 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.scene7.com DigiCert SHA2 Secure Server CA	`2020-01-02` - `2021-04-02`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh

This page contains 44 frames:

Primary Page: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
Frame ID: 4CB3ADF1B6E7D8AAEB5D3A422C8FD383
Requests: 200 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93be17fde268c6ff50c5aed9122214d2.html
Frame ID: 05145C314BF9D654CACC6D9D6CD6F8B0
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 00C2796CA1902092A4A52177CA1D87A6
Requests: 1 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=i9mcZjyowVdHVXZPVropMQvfCq3.xSJI&nonce=KG9FOnX0z~pPZpvu3xLc-vaA9ZXwuj22&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMy40In0%3D
Frame ID: FD337ADDEA7A85E8FFDD024519BC9641
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93be17fde268c6ff50c5aed9122214d2.html
Frame ID: 3137E3C3D80C084E054CFB7FD803EF55
Requests: 1 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=yTXIzM_jg-u5i5Cb_9ef6wuoo0qpkAwL&nonce=6k8cBrh2S2Q9Y5suoGjyDGlnf7~OvBQ4&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMy40In0%3D
Frame ID: 4369BA0146B6D9CAE4EB101164224F25
Requests: 1 HTTP requests in this frame

Frame: https://scdn.cxense.com/sp1.html
Frame ID: 7E48B8DAFA001E578C76CF7ACF6C8B5C
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: FF235A1FD2124CF845E08AF7D76EF40F
Requests: 1 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: 5BA3F1624BA8EE6F221576633CE1E042
Requests: 1 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: 76F173DD2870AD834FEF15CA117CCCFA
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: E60E31E3E3FA7076E2DC54AC85396E71
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-994679518
Frame ID: 955ED4C68DF9C034A6A8B64295F2EF23
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-930683048
Frame ID: 8BC5E790D6F359F2FE8134A66B5EE086
Requests: 7 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 08053552820B71667A1CF52C7DC715D9
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: E1ED25FE16763CEBA0D9DAA41F9BC3EE
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: FFB8A8C29DEFF427565C4A4A81145317
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: D572065B50B1A34384284AB34931A4D2
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 8B81368982ECC81AD91020BA19693068
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: C8337032A18C4F5AC3B710AFECBB4C08
Requests: 2 HTTP requests in this frame

Frame: https://r.turn.com/server/beacon_call.js?b2=FZy510x9O42V4aG00mjSfmrJ6Am37gfKhClmr5LxVVqshx9n3v_NQ7FLoMambGCRBZ6uqhatUQk8UWSANt7hkg
Frame ID: 42471188EB1CCC1F3F8C88690752CAD8
Requests: 2 HTTP requests in this frame

Frame: https://s.yimg.com/wi/ytc.js
Frame ID: 00D5110F5CA31C2A1E03D740B29EDF4A
Requests: 3 HTTP requests in this frame

Frame: https://s.yimg.com/wi/ytc.js
Frame ID: ABBB08934D4C8D4450A007D8F0643FF3
Requests: 3 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJu2hLOuzOsCFZX7dwodx1UBeQ;src=8228261;type=invmedia;cat=newsc006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8349476942983.341
Frame ID: 2BD2934E562380656D8AC05BE49CCC7E
Requests: 1 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CPS2hLOuzOsCFUmGdwodvmEHMA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1853303183657.7861
Frame ID: 12AB24E8065CBAD627B01043B0040470
Requests: 1 HTTP requests in this frame

Frame: https://bat.bing.com/bat.js
Frame ID: 417A36376014073749AD807946E0FEF9
Requests: 2 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 7FCFA74B0FFD498C24157B54A307EA78
Requests: 4 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: D89B8EE9F4FBD91B696E658E834035A1
Requests: 4 HTTP requests in this frame

Frame: https://r.turn.com/r/beacon?b2=p6XQ5Fc0adnznNpXL-pWH4UvNVDMRPMx8zrBFX6RFzv3Fa5NQOlD9S8IcQQSxWc9vEVgdRInyjPO9fW63tV3cg&cid=
Frame ID: B73AE705EDFF1961B3571A98E27784F0
Requests: 1 HTTP requests in this frame

Frame: https://r.turn.com/r/beacon?b2=YaJZyruTXtuOs2Zmj4LResGU5dxqPcSukoaiJ5IEES73Fa5NQOlD9S8IcQQSxWc9nzbZgxYJbBF0Zbp7Nc7AFQ&cid=
Frame ID: F509899163946BB888B290FDEA3007E6
Requests: 1 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_804376&src.rand=[timestamp]&
Frame ID: 79C69D3BCFFBF7D1FF9D8D335BCCC1A5
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1171455%26seg%3D19476740%26t%3D2
Frame ID: 1ED7B950D697D213872A191E6B421669
Requests: 1 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_804370&src.rand=[timestamp]&
Frame ID: ABA75E9DF817875F65738029FA2105BF
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1171454%26seg%3D19476739%26t%3D2
Frame ID: 2860152D36B243B20A521D0F22699C65
Requests: 1 HTTP requests in this frame

Frame: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10041060&js=no&url=heraldsunsitevisitors020419
Frame ID: 2AD36CA32B61EDA0FC1F5D467AF23E94
Requests: 1 HTTP requests in this frame

Frame: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10041060&js=no&url=heraldsunshopfrontpage020419
Frame ID: 3F63C9E6E606EF5E119F968565AD5DC7
Requests: 1 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: 58E89D012C72A26AB9AE9CB4CE22A14B
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Frame ID: 4260501DA228845CA083F9E89E54F376
Requests: 1 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_136943&src.rand=[timestamp]
Frame ID: FE3D02710C34AAD99A6307EB36F89705
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 0A010713ADD95B59E56106BB98F31A4D
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&upid=ekg5qxt&upv=1.1.0
Frame ID: 550F8343B5642EBAD65B436E935EF33F
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-b3629fa4714c84944b88a393914ccbf4.html
Frame ID: 422E2F032248A2168A9E3C4DFDC6FA70
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-f0dfbb803355dfe356cf32b68cea2e58.html
Frame ID: DCCF748EA1F1B8CD115CF487BFF6364B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ&co=aHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdTo0NDM.&hl=en&v=QVh-Tz10ahidjrORgXOS1oB0&size=invisible&cb=snviv0icd8fr
Frame ID: 8F8AD6782B7F4F6B6C702508C43F2DDE
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-f0dfbb803355dfe356cf32b68cea2e58.html
Frame ID: E1652B80E36CF58394E9498DD8538989
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.heraldsun.com.au/coronavirus/secret-documents-reveal-victorian-restrictions-to-be-eased-first... HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fcoronaviru... HTTP 302
https://www.heraldsun.com.au/coronavirus/secret-documents-reveal-victorian-restrictions-to-be-eased-first... HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fcoro... HTTP 302
https://www.heraldsun.com.au/coronavirus/secret-documents-reveal-victorian-restrictions-to-be-eased-first... HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun... HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubs... HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun... Page URL
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun... Page URL

Detected technologies

Red Hat (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Red Hat/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

283
Requests

96 %
HTTPS

39 %
IPv6

39
Domains

62
Subdomains

56
IPs

8
Countries

2697 kB
Transfer

8990 kB
Size

11
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.newscorporatesubscriptions.com.au/
Title: Corporate Subscriptions

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/templateCampaign?campaignId=HS_GIFT_PURCHASE
Title: View gifting offers

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_SDO_P1016AW04
Title: here

Search URL Search Domain Scan URL

URL: http://www.newscorpaustraliaprivacy.com/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/viewAccount
Title: My Account

Search URL Search Domain Scan URL

URL: http://www.newscorpaustraliaprivacy.com/#optout
Title: here.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.heraldsun.com.au/coronavirus/secret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown/news-story/6bc933fa2a930c5e708e543c3759d35a HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fcoronavirus%2fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2fnews-story%2f6bc933fa2a930c5e708e543c3759d35a HTTP 302
https://www.heraldsun.com.au/coronavirus/secret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown/news-story/6bc933fa2a930c5e708e543c3759d35a HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fcoronavirus%2fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2fnews-story%2f6bc933fa2a930c5e708e543c3759d35a&15991146721595455476 HTTP 302
https://www.heraldsun.com.au/coronavirus/secret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown/news-story/6bc933fa2a930c5e708e543c3759d35a?nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114673 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3danonymous%26mode%3dpremium&15991146731975030254 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674 Page URL
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.heraldsun.com.au/coronavirus/secret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown/news-story/6bc933fa2a930c5e708e543c3759d35a HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fcoronavirus%2fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2fnews-story%2f6bc933fa2a930c5e708e543c3759d35a HTTP 302
https://www.heraldsun.com.au/coronavirus/secret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown/news-story/6bc933fa2a930c5e708e543c3759d35a HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fcoronavirus%2fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2fnews-story%2f6bc933fa2a930c5e708e543c3759d35a&15991146721595455476 HTTP 302
https://www.heraldsun.com.au/coronavirus/secret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown/news-story/6bc933fa2a930c5e708e543c3759d35a?nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114673 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3danonymous%26mode%3dpremium&15991146731975030254 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674

Request Chain 23

https://cm.everesttech.net/cm/dd?d_uuid=73118517374066549532174625032303807181 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X1CNswAABNHZ5C3-

Request Chain 135

https://secure-gl.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 150

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/999005967/?value=1.00&label=fBbQCIHUqQgQj76u3AM&guid=ON&script=0 HTTP 302
https://www.google.com/pagead/1p-user-list/999005967/?value=1.00&label=fBbQCIHUqQgQj76u3AM&guid=ON&script=0&is_vtc=1&random=2882119399 HTTP 302
https://www.google.de/pagead/1p-user-list/999005967/?value=1.00&label=fBbQCIHUqQgQj76u3AM&guid=ON&script=0&is_vtc=1&random=2882119399&ipr=y

Request Chain 151

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/999005967/?value=1.00&label=NB48CPnUqQgQj76u3AM&guid=ON&script=0 HTTP 302
https://www.google.com/pagead/1p-user-list/999005967/?value=1.00&label=NB48CPnUqQgQj76u3AM&guid=ON&script=0&is_vtc=1&random=53905552 HTTP 302
https://www.google.de/pagead/1p-user-list/999005967/?value=1.00&label=NB48CPnUqQgQj76u3AM&guid=ON&script=0&is_vtc=1&random=53905552&ipr=y

Request Chain 154

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1599114677971&ci=newscorp&js=1&cg=0&ts=pubads_impl_2020083101.js?21067355&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&rp=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26nk%3Db66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&sr=1600x1200&id=lstrg-0078ea5d4145d003b3cb725a2ed933da&tz=2 HTTP 302
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1599114677971&ci=newscorp&js=1&cg=0&ts=pubads_impl_2020083101.js?21067355&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&rp=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26nk%3Db66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&sr=1600x1200&id=lstrg-0078ea5d4145d003b3cb725a2ed933da&tz=2&ja=1

Request Chain 155

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1599114677972&ci=news-mobile&js=1&cg=0&ts=pubads_impl_2020083101.js?21067355&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&rp=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26nk%3Db66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&sr=1600x1200&id=lstrg-0078ea5d4145d003b3cb725a2ed933da&tz=2 HTTP 302
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1599114677972&ci=news-mobile&js=1&cg=0&ts=pubads_impl_2020083101.js?21067355&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&rp=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26nk%3Db66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&sr=1600x1200&id=lstrg-0078ea5d4145d003b3cb725a2ed933da&tz=2&ja=1

Request Chain 182

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8349476942983.341 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJu2hLOuzOsCFZX7dwodx1UBeQ;src=8228261;type=invmedia;cat=newsc006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8349476942983.341

Request Chain 183

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1853303183657.7861 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPS2hLOuzOsCFUmGdwodvmEHMA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1853303183657.7861

Request Chain 190

https://secure.adnxs.com/px?id=1171455&seg=19476740&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1171455%26seg%3D19476740%26t%3D2

Request Chain 192

https://secure.adnxs.com/px?id=1171454&seg=19476739&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1171454%26seg%3D19476739%26t%3D2

Request Chain 196

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Request Chain 209

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&time=1599114679203 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fsubscribe%252Fnews%252F1%252F%253FsourceCode%253DHSWEB_WRE170_a%2526dest%253Dhttps%25253A%25252F%25252Fwww.heraldsun.com.au%25252Fcoronavirus%25252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%25252Fnews-story%25252F6bc933fa2a930c5e708e543c3759d35a%2526memtype%253Danonymous%2526mode%253Dpremium%2526v21suffix%253D97-B%26time%3D1599114679203%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&time=1599114679203&liSync=true

Request Chain 246

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994679518/?random=963230632&cv=9&fst=*&num=1&label=EgqJCNeJ1tgBEN61ptoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https://www.heraldsun.com.au/subscribe/news/1/%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=t41QX_jgHuKg7_UPtsWPqAg&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/994679518/?random=963230632&cv=9&fst=*&num=1&label=EgqJCNeJ1tgBEN61ptoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https://www.heraldsun.com.au/subscribe/news/1/%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=t41QX_jgHuKg7_UPtsWPqAg&cid=CAQSKQCNIrLM-MeEZnfqd_qfCABcmER8-YUpqhkqhZsHyIZY1_YwGIEYyfvN&random=208753679&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/994679518/?random=963230632&cv=9&fst=*&num=1&label=EgqJCNeJ1tgBEN61ptoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https://www.heraldsun.com.au/subscribe/news/1/%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=t41QX_jgHuKg7_UPtsWPqAg&cid=CAQSKQCNIrLM-MeEZnfqd_qfCABcmER8-YUpqhkqhZsHyIZY1_YwGIEYyfvN&random=208753679&resp=GooglemKTybQhCsO&ipr=y

Request Chain 249

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930683048/?random=1399868638&cv=9&fst=*&num=1&label=7SdtCKz0xcwBEKix5LsD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https://www.heraldsun.com.au/subscribe/news/1/%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=t41QX5DNH7C07_UPsuO_-AM&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/930683048/?random=1399868638&cv=9&fst=*&num=1&label=7SdtCKz0xcwBEKix5LsD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https://www.heraldsun.com.au/subscribe/news/1/%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=t41QX5DNH7C07_UPsuO_-AM&cid=CAQSKQCNIrLMsSVaRtuzxtWZWoGpFlh41Azz0-GYy-On1vBJGCWPGEM1zlBa&random=1190449342&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/930683048/?random=1399868638&cv=9&fst=*&num=1&label=7SdtCKz0xcwBEKix5LsD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https://www.heraldsun.com.au/subscribe/news/1/%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=t41QX5DNH7C07_UPsuO_-AM&cid=CAQSKQCNIrLMsSVaRtuzxtWZWoGpFlh41Azz0-GYy-On1vBJGCWPGEM1zlBa&random=1190449342&resp=GooglemKTybQhCsO&ipr=y

Request Chain 252

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1291309507&cv=9&fst=*&num=1&label=m9Y5CJ-OmLQBEPSlstEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https://www.heraldsun.com.au/subscribe/news/1/%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=t41QX4D0H8DE7_UP7duE8AU&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/707564276/?random=1291309507&cv=9&fst=*&num=1&label=m9Y5CJ-OmLQBEPSlstEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https://www.heraldsun.com.au/subscribe/news/1/%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=t41QX4D0H8DE7_UP7duE8AU&cid=CAQSKQCNIrLM1HjNBz02CqjodpKpSSS_m2EAWD2waF49Ayh-jIn2UN8-Ym0e&random=4003919880&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/707564276/?random=1291309507&cv=9&fst=*&num=1&label=m9Y5CJ-OmLQBEPSlstEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https://www.heraldsun.com.au/subscribe/news/1/%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=t41QX4D0H8DE7_UP7duE8AU&cid=CAQSKQCNIrLM1HjNBz02CqjodpKpSSS_m2EAWD2waF49Ayh-jIn2UN8-Ym0e&random=4003919880&resp=GooglemKTybQhCsO&ipr=y

283 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/coronavirus/secret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown/news-story/6bc933fa2a930c5e708e543c3759d35a
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fcoronavirus%2fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-...
https://www.heraldsun.com.au/coronavirus/secret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown/news-story/6bc933fa2a930c5e708e543c3759d35a
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fcoronavirus%2fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-ou...
https://www.heraldsun.com.au/coronavirus/secret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown/news-story/6bc933fa2a930c5e708e543c3759d35a?nk=b66ffddc0...
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-...
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com...
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-...

2 KB
1 KB

171ms
170ms

Document
text/html

2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

64a0570e7a08a80b4e13e598d66de603e83213b695eb3fb3f46530c76997f87f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:method: GET
:authority: www.heraldsun.com.au
:scheme: https
:path: /subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: n_regis=123456789; AWSALB=EftyosphBbjlQlKfyymMC42UkQuCAqU95h2CjSk0E2rGGS9OWTnWI78/UT1wWkg30Oo3pI3DsLqfZJLuYLaDr48l6/jFJdksYtWtsOVxDvDmsJ7p9Re6IQ2amZfz; AWSALBCORS=EftyosphBbjlQlKfyymMC42UkQuCAqU95h2CjSk0E2rGGS9OWTnWI78/UT1wWkg30Oo3pI3DsLqfZJLuYLaDr48l6/jFJdksYtWtsOVxDvDmsJ7p9Re6IQ2amZfz; anonymous_token={%22entitlements%22:anon}
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
content-type: text/html; charset=UTF-8
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
vary: User-Agent Accept-Encoding
ssl: yes
content-encoding: gzip
cache-control: max-age=686
expires: Thu, 03 Sep 2020 06:42:40 GMT
date: Thu, 03 Sep 2020 06:31:14 GMT
content-length: 912

Redirect headers

status: 302
server: AkamaiGHost
content-length: 154
content-type: text/html
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
set-cookie: nk=b66ffddc07ccfb9df7bce2fd5c6343c3; expires=Sun, 03 Sep 2023 06:31:14 GMT; path=/; domain=news.com.au; SameSite=None; Secure;
mime-version: 1.0
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
vary: Accept-Encoding
etag: "b6f435aab7bbc553cf4ca52a9950b9c3:1580947248"
expires: Thu, 03 Sep 2020 06:31:14 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Thu, 03 Sep 2020 06:31:14 GMT

GET
H2 200 rampart.js Show response
www.heraldsun.com.au/remote/identity/rampart/latest/ 240 KB
75 KB 251ms
250ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

ce070ec2d399c394617ddf108a177139d6ae908ab788d35a5bf7abfe9a09da9d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
etag: "323cc059d5817bcf12c5780d5ebe0404:1596523056.236208"
vary: User-Agent, Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1371
date: Thu, 03 Sep 2020 06:31:14 GMT
is-https: true
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 03 Sep 2020 06:54:05 GMT

GET
H2 200 base.js Show response
subscriptions.news.com.au/latest/a/common/js/ 3 KB
1 KB 162ms
46ms Script
text/javascript 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/common/js/base.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c4a4f3ecd9442a2cdf9916934ddfd912fa7e852c7b64e7a2d57dc0e2e3ec12e

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:13:59 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22636
etag: W/"366e65e7005f97368fd79913a22461d7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: duFtUACd0o5O0kLL2zFuX14If_J9S1_G
status: 200
x-amz-cf-pop: FRA53-C1
content-type: text/javascript
x-amz-cf-id: 2cKHjeWkX3my7A0apas5dRv8PxR4PNkNLoHXefhoEQbf0O7FnmfSqg==
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 782 B
988 B 184ms
84ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.sync.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4c7ef7bf1d02e99b77e82435d71f551afc5614a399c963fbb5e14d2921bc792f

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:14 GMT
last-modified: Wed, 02 Sep 2020 23:59:00 GMT
server: AkamaiNetStorage
etag: "2f436604fea20a83b344fa3e14297599:1599091140.89434"
content-type: application/x-javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 782
expires: Thu, 03 Sep 2020 06:36:14 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 222 B
615 B 21ms
7ms Script
text/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=fetch,Promise,Object.assign,Object.values,Array.prototype.find,Array.prototype.includes,Array.from,String.prototype.includes,URL

Requested by

Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/js/base.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 6668953
detected-user-agent: Chrome/83.0.4103
status: 200
request_came_from_shield: HHN
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Wed, 17 Jun 2020 06:21:36 GMT
date: Thu, 03 Sep 2020 06:31:14 GMT
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 adobe_visitor.js Show response
tags.news.com.au/prod/visitor/ 60 KB
20 KB 56ms
55ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.sync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1bc3625c4e923d79a85677113b548e5444129ead716d43e10e2a6e9d56939143

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:14 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "762b36524699d0c801c527b6e71f35e4:1593471758.804374"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status: 200
cache-control: max-age=16152
content-type: application/x-javascript
content-length: 19871

GET
H2 200 at.js Show response
tags.news.com.au/prod/adobetarget/ 91 KB
31 KB 67ms
66ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/adobetarget/at.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.sync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 42326c665ee3a7127e53a2d57b781f90cdf7fb642e877637fd4c4ad6186c3b28

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:14 GMT
content-encoding: gzip
server: Apache
etag: "11cd07d9a21026827f2b56da2d88c9e0:1580876007"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status: 200
cache-control: max-age=70966
content-type: application/x-javascript
content-length: 31188

GET
H2 200 webcomponents-lite.min.js Show response
subscriptions.news.com.au/latest/js/ 40 KB
12 KB 50ms
49ms Script
text/javascript 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/js/webcomponents-lite.min.js?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/js/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: abe23ee1968e6b4d601df4f547cd7ace646b15d520f171d4cd6e5d4ad895e127

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:14:01 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 04:29:02 GMT
server: AmazonS3
age: 22634
etag: W/"32b5a9b7ada86304bec6b43d3f2194f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: boADc.0gMIB88dFcFYeh8IU4pfru3EZT
status: 200
x-amz-cf-pop: FRA53-C1
content-type: text/javascript
x-amz-cf-id: vZKXUee5rE-F2juO2VSE57LSwMhQOJItOta-ifhbABmk_wcUWjDcww==
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)

GET
H2 200 redux.min.js Show response
subscriptions.news.com.au/latest/js/ 6 KB
3 KB 68ms
67ms Script
text/javascript 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/js/redux.min.js?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/js/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63c02e1886055823813b9ff0d685f370412b5b82402c6516886e555a57955b2c

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:14:00 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 04:29:02 GMT
server: AmazonS3
age: 22635
etag: W/"540e264a9abaac0d7ed81cf6643fd87b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Yv7p.MzAShNs0EPlkhP2XyLGfonYzrpJ
status: 200
x-amz-cf-pop: FRA53-C1
content-type: text/javascript
x-amz-cf-id: oc3O-2o7kWTZJrEsIir4RwsRN9lJAspzwxoMwMwiw_Nv7chOfp1lAw==
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)

GET
H2 200 polymer-redux.js Show response
subscriptions.news.com.au/latest/js/ 11 KB
3 KB 50ms
49ms Script
text/javascript 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/js/polymer-redux.js?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/js/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8224a8520a725cfbcebe4a7873622dc98fb7b64eefa3d202970e0bb3181d098a

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:14:00 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 04:29:02 GMT
server: AmazonS3
age: 22634
etag: W/"756b57a5c8f233f47aa3ede8a75d9851"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: ZZWtArGO97t4.wAu_JJF24_qI38aU7qU
status: 200
x-amz-cf-pop: FRA53-C1
content-type: text/javascript
x-amz-cf-id: tmWvDoEiXW9YaTdBh4_gXDvXshR-arqnc6tvxN0a_YP3ZyFbTV5u0g==
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)

GET
H2 200 smoothscroll.min.js Show response
subscriptions.news.com.au/latest/a/common/js/ 4 KB
2 KB 53ms
52ms Script
text/javascript 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/common/js/smoothscroll.min.js?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/js/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2329433568e2a7b14ad9325461c936dfba814c17928b09d21430a32c6ebce83e

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:14:00 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22635
etag: W/"654bb939df0734b3947e06916c43b0e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: H_jfOd76cc1M5ZbW1TJ1.fwI2H_H0pjC
status: 200
x-amz-cf-pop: FRA53-C1
content-type: text/javascript
x-amz-cf-id: R-T2g-sP-vPQ7QU7XBmg033ZXtYAaSvrXNa1I_LSenTW5dx4Vqi0sg==
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)

GET
H2 200 contact-data-services.min.js Show response
subscriptions.news.com.au/latest/a/common/js/ 15 KB
5 KB 68ms
67ms Script
text/javascript 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/common/js/contact-data-services.min.js?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/js/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ebc75ee9a4ddb37de836d42f65d318b33c6efb47d17ad37e189a549556949a9

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:14:01 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22634
etag: W/"3c87483840ea35c641220507fd34c4df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: DZlRN_vnlm2oHMxhFggqxCspUW_jf6YP
status: 200
x-amz-cf-pop: FRA53-C1
content-type: text/javascript
x-amz-cf-id: hIGtyaXSQUGtsyhAQgHQ5KC6L34bnNapf3QeUD2OjjS-CWR_prsE2w==
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)

GET
H2 200 / Show response
js.stripe.com/v3/ 172 KB
45 KB 164ms
59ms Script
application/javascript 99.86.2.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/js/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.2.78 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-2-78.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

48ae7580c5daf68ec255719d51401946da2ccf5272f88d5e5bec37174f9cc9e5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:26:18 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 297
x-cache: Hit from cloudfront
status: 200
x-amz-request-id: 8820DBF59B0B3DA4
x-amz-id-2: WTV8CdSe7ifsCI6r7Q4TnW2kMYW+OsdMCIYzVi5Z9dNqYk3YpyM/8d8+JvAf8vhE8BqYqbR1zdQ=
access-control-allow-origin: *
last-modified: Wed, 02 Sep 2020 16:20:25 GMT
server: AmazonS3
etag: W/"8678b42f67b7ab72714c877c11eebd55"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: tAMnUsCCwt34E_vXbZ3QT4Gl9rm10ScvOhWDBoHB15LbL8_kIkcO1Q==

GET
H2 200 caas.js Show response
subscriptions.news.com.au/latest/a/common/js/ 536 B
909 B 67ms
66ms Script
text/javascript 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/common/js/caas.js?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/js/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f525f91a7a413820bd68cc8978e7d92c21b00c9db45be510972ec96c2218e6d

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:13:59 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22636
etag: "3137b540e8cf74a40e5f57baf3cfd047"
x-cache: Hit from cloudfront
x-amz-version-id: PLn9EyHyZMsp9w4lT8gGlntsG9Bmae8X
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 536
x-amz-cf-id: DM7ThKNikQHDYzGGMo8JbxPVfgIkLgLl5yzXWvGJH7l2rCWdkVOHQg==

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 248ms
65ms XHR
application/json 54.76.175.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.5.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1599114674668

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.175.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-175-152.eu-west-1.compute.amazonaws.com

Software

Resource Hash

2e37e870d0f649c2477bd14b7591e0f6d0ec0aa64bcbe5c990383791f35c3484

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v079-05a4bfe06.edge-irl1.demdex.com 5.77.1.20200812153735 3ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: 6bLW+DPOR24=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1502
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 subscription-form.html Show response
subscriptions.news.com.au/latest/a/common/components/subscription-form/ 3 KB
1010 B 138ms
44ms XHR
text/html 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/common/components/subscription-form/subscription-form.html?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/js/webcomponents-lite.min.js?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e274a3634a724091fc4f0d9414b7ea92811d97fe3abef1fa2991c21e078f742

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:14:03 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 22632
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Wed, 05 Aug 2020 04:28:58 GMT
server: AmazonS3
etag: W/"f2ae66e3bfcce9d3a2335beb3290a4bb"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 8li9a12WS5Xf.0.9ekPmk.VcX4ud4TbP
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
content-type: text/html
x-amz-cf-id: E2sfkAT1G12Gu4mkkktUsuNXXc3eO3wDXF5UTtHKDJvgpe_4oljx4A==

GET
H2 200 m-outer-93be17fde268c6ff50c5aed9122214d2.html
js.stripe.com/v3/ Frame 0514 0
0 53ms
53ms Document
text/html 99.86.2.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93be17fde268c6ff50c5aed9122214d2.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.2.78 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-2-78.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-93be17fde268c6ff50c5aed9122214d2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 215
x-amz-id-2: Uza5Bzi8n/PUzEeYnFUHyr1MeBQFglzOB2jUKRAbWcjdxDd2tMwb57hUxQe39mE+DOBADnuWCfo=
x-amz-request-id: E348B6E68B813CD6
last-modified: Wed, 26 Aug 2020 16:24:27 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date: Thu, 03 Sep 2020 06:30:33 GMT
etag: "93be17fde268c6ff50c5aed9122214d2"
cache-control: public, max-age=300
x-cache: Hit from cloudfront
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: l4K9zB9k5x0x8tXgvJO3EgtZFZizN8WC6zVJf-rIJGLUiEdafmL--Q==
age: 42

GET
H2 200 subscription-form.js Show response
subscriptions.news.com.au/latest/a/common/components/subscription-form/ 226 KB
52 KB 52ms
51ms Script
text/javascript 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/common/components/subscription-form/subscription-form.js?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/js/webcomponents-lite.min.js?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf7e44cea05be4da13f39efe29ce7b39f516a0e5633a0077ba4f6c26d1c0a5ec

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:14:03 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 04:28:58 GMT
server: AmazonS3
age: 22632
etag: W/"7a3733cab2343fa9b44225d0f9c9f8f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: SyGpUUi651NJcqUgfDEwLBGBbtBTa4QA
status: 200
x-amz-cf-pop: FRA53-C1
content-type: text/javascript
x-amz-cf-id: 9rtNAd4jNtykx2mQk_-aa2klhBa88NXPhMldOfQiwlXmC3wqVSMQIw==
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)

GET
H2 200 environment.json Show response
subscriptions.news.com.au/latest/a/common/config/ 3 KB
1 KB 55ms
55ms Fetch
application/json 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/common/config/environment.json
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/components/subscription-form/subscription-form.js?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f16a6c6ac8b3cfc6fc9680e555f18636e0ed2e858af1f8b476f09bc9fcc6591b

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:15:09 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 22565
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Wed, 05 Aug 2020 04:28:58 GMT
server: AmazonS3
etag: W/"cba14bf0e8542138d121903083c7b8f7"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: FDLyQQ53CPBLFxDdQ6MeAjmVm2Y88SGW
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
content-type: application/json
x-amz-cf-id: 7croaFV9AS0BRcaORmnKGc4U0tpGAosxk2ZjWwyYfF9pUX7ka7S2rg==

GET
H2 200 config.json Show response
subscriptions.news.com.au/latest/a/mastheads/heraldsun/config/ 323 B
763 B 60ms
60ms Fetch
application/json 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/mastheads/heraldsun/config/config.json
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/components/subscription-form/subscription-form.js?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5f8fc266756e934dba9555c11ea89132c3ca6b25b26e9a498e0c96be304a35a

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:24:19 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
age: 22016
x-cache: Hit from cloudfront
status: 200
content-length: 323
last-modified: Wed, 05 Aug 2020 04:29:01 GMT
server: AmazonS3
etag: "77d1e0d8c00fd1a9ac532f18cb2950c6"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: a0QRSze6Qt2jSu.l0ijJMFUY0Dp1HAuo
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/json
x-amz-cf-id: SxztgGbxB8Eyr1wG0JYHTSAmXTUdvtrseWHzt5oYK40YctQVPj11hw==

GET
H2 200 subscription-form-template.html Show response
subscriptions.news.com.au/latest/a/mastheads/heraldsun/components/subscription-form/ 290 KB
42 KB 58ms
58ms XHR
text/html 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/mastheads/heraldsun/components/subscription-form/subscription-form-template.html?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/js/webcomponents-lite.min.js?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00824d015ae55ae9d054f5b275d51dea712f85b9d285be896989244fe3fafe16

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:24:19 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 22016
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Wed, 05 Aug 2020 04:29:01 GMT
server: AmazonS3
etag: W/"2cb4f9fdf1c28b5e4f3431cddee4000b"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: D_FTQ39pdDKOSeayHGovD3KBEzoB2yB4
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
content-type: text/html
x-amz-cf-id: 0PKgqBHkgUvY841tprkGqeWPu3m_cnxKu2vyAJL1aLKlEYtJDnw4RA==

GET
H/1.1 200
OK Cookie set dest5.html
newscorpau.demdex.net/ Frame 00C2 0
0 263ms
60ms Document
text/html 54.154.62.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.62.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-62-31.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: newscorpau.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=73118517374066549532174625032303807181
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 13 Aug 2020 11:32:41 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=73118517374066549532174625032303807181;Path=/;Domain=.demdex.net;Expires=Tue, 02-Mar-2021 06:31:15 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: 342rOWhxTlU=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id
newscorpau.sc.omtrdc.net/ 2 B
321 B 177ms
52ms XHR
application/x-javascript 15.236.9.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.sc.omtrdc.net/id?d_visid_ver=4.5.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=73094556434333104512172244330151369687&ts=1599114674927

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-9-100.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Thu, 03 Sep 2020 06:31:14 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-75d94f685-8sqhs
vary: Origin
x-c: master-1346.I9098b4.M0-442
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=X1CNswAABNHZ5C3-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=73118517374066549532174625032303807181
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X1CNswAABNHZ5C3-

42 B
915 B

62ms
62ms

Image
image/gif

54.76.175.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=X1CNswAABNHZ5C3-

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.175.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-175-152.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v079-0ff14d11e.edge-irl1.demdex.com 5.77.1.20200812153735 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: NcE60YrSTyw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Thu, 03 Sep 2020 06:31:14 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=X1CNswAABNHZ5C3-
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

POST
H2 200 delivery
newslimited.tt.omtrdc.net/rest/v1/ 30 KB
6 KB 225ms
83ms XHR
application/json 34.254.167.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://newslimited.tt.omtrdc.net/rest/v1/delivery?client=newslimited&sessionId=dfec523b82c04592bca178d4258e3055&version=2.2.0
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/adobetarget/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.167.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-167-184.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 03 Sep 2020 06:31:15 GMT
content-encoding: gzip
status: 200
vary: Origin,Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
access-control-allow-credentials: true
x-request-id: ff265fd0ecadcb6149ad95e01b40df25

GET
H2 200 subscription-form-template.js Show response
subscriptions.news.com.au/latest/a/mastheads/heraldsun/components/subscription-form/ 331 KB
52 KB 50ms
49ms Script
text/javascript 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/mastheads/heraldsun/components/subscription-form/subscription-form-template.js?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/js/webcomponents-lite.min.js?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 240dc57f9dd78cd71b0036a365d7b4fc969ecdc7dd36af9f097daa266d086560

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:24:22 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 04:29:01 GMT
server: AmazonS3
age: 22014
etag: W/"7bf607b8a291cef8048f6d2d4472498e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: i6LjquIrfI27lvH9uy0O8G1lWx1L20DQ
status: 200
x-amz-cf-pop: FRA53-C1
content-type: text/javascript
x-amz-cf-id: AB5uiiKMYYYwVLeuTRuYMFsmJ3VmzfpCghrqYOHzbOYxKzGhC-q95A==
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)

GET
H2 200 icon-error.png
subscriptions.news.com.au/latest/a/common/images/ 517 B
883 B 53ms
49ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/icon-error.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:12 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22384
etag: "04c8d1f9a388e83cac7736053c0be189"
x-cache: Hit from cloudfront
x-amz-version-id: NvBCrYxJjWlJY5XhjDA0MedIe8J.iEdP
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 517
x-amz-cf-id: mcQuerVx_w9sHWmIBcJJ9Hx3zWeGHyxjHeeEUbpcGE5TH1GCpiikIw==

GET
H2 200 did-you-know.png
subscriptions.news.com.au/latest/a/common/images/ 36 KB
36 KB 52ms
48ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/did-you-know.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:12 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22384
etag: "1311dc4829db75aaa494bd3ca091c4b3"
x-cache: Hit from cloudfront
x-amz-version-id: 3eKJWZ0Rfsfg6m2uD_fOrJJ1I_0GRv5s
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 36400
x-amz-cf-id: 6sxsazF4poIOTveJaW4x8i-PvmiCmd9V2lNv_WvPOTgLVRyyodrVEQ==

GET
H2 200 logo-white-dt.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
2 KB 53ms
49ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-dt.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:12 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22384
etag: "3473020eb79d0a6bf8589136aed5fdb5"
x-cache: Hit from cloudfront
x-amz-version-id: 4doHkTXgUdG7A4HE4HalHl60NR5jqQUx
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1588
x-amz-cf-id: ZXv7r1nkpPnAJXOGUBKgDdQMD1gMpIEsOqVzhWC0zzVYgBCy0-sTBg==

GET
H2 200 logo-white-cm.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
2 KB 52ms
48ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-cm.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:13 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22383
etag: "900218ec7d63fe234f5e0c5f5fe2c69f"
x-cache: Hit from cloudfront
x-amz-version-id: ezmj4d8PDqi4xV2yJkJMk75CfYxYVIGr
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1723
x-amz-cf-id: oOB-OqgGTv5J_PZMXKqyt7epjmxQwi_x_2PZlWtPFGm_7V8UbhgNzg==

GET
H2 200 logo-white-hs.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
2 KB 63ms
59ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-hs.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:12 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22383
etag: "5af921862aa258b614dfa752475c31ee"
x-cache: Hit from cloudfront
x-amz-version-id: 8fu8fIh9B.45JjkUg3h.pA8NSKc0qNmZ
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1589
x-amz-cf-id: J7S701bdpEDn-0DqOHf3I__xpx-60PaXUvpVtDDwQZAUCZsoLpFESg==

GET
H2 200 logo-white-aa.png
subscriptions.news.com.au/latest/a/common/images/ 1 KB
2 KB 62ms
58ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-aa.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:13 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22383
etag: "8c70f8beefbd3ffb925d0facc44ce532"
x-cache: Hit from cloudfront
x-amz-version-id: XvBU6sR..E1R8t_siCWIelseqTOq2S4v
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1476
x-amz-cf-id: zNbf1XEIzqy7k60dFAm6h-2bmWMNbXS7-eZ1uw6P8MQ9zkIYcMIM7A==

GET
H2 200 logo-white-cp.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
2 KB 53ms
49ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-cp.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:14 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22382
etag: "701d06d25ddad230c0a0ab3eb2670a5e"
x-cache: Hit from cloudfront
x-amz-version-id: 3q65tMRNBiMm4JKV7rvmJ5L5j0mdzDfT
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1643
x-amz-cf-id: Asw1nJaHJSaa4rnXG7WjQBH_6720oDK5To0YGS_sXbgRxtO6emrOBA==

GET
H2 200 logo-geelongadvertiser.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
2 KB 52ms
48ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-geelongadvertiser.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:13 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22383
etag: "748da161070397b93e672262ce97f5a1"
x-cache: Hit from cloudfront
x-amz-version-id: jH7YRfV8pU4Og1BPHacFmXd6PDAabRGF
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1563
x-amz-cf-id: i46SdJDcTv6vkBf_NEyyz60wMGzhC_0Hz1SokNJis_i6n64Nngqhwg==

GET
H2 200 logo-white-nt.png
subscriptions.news.com.au/latest/a/common/images/ 1 KB
2 KB 53ms
50ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-nt.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:13 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22383
etag: "d38d1e3fde2d06c9374cc6a26060c4ae"
x-cache: Hit from cloudfront
x-amz-version-id: jviu5E7svkFVhx3A3V273WeYEbzd0KHK
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1402
x-amz-cf-id: BR5wtBa5sVj9BDBO7rBQvvKT9KbKT2DH94nMTnoMqGfvk71-tSDm3w==

GET
H2 200 logo-mercury.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
2 KB 62ms
59ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-mercury.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:13 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22383
etag: "4747ac25f272c4d204a3f1f81e50954e"
x-cache: Hit from cloudfront
x-amz-version-id: qrUDQ0qLd4yjX2V89zk2wbMCBMeyPJtU
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1613
x-amz-cf-id: 7WnVo7s52mvfbrEWxpuENKwsv3Sn5R9vIoSS0oglZ5BcKW-JSl0Ueg==

GET
H2 200 logo-white-gcb.png
subscriptions.news.com.au/latest/a/common/images/ 1 KB
1 KB 68ms
65ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-gcb.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:13 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22383
etag: "e99442316fa01cad61fda13fafc1465f"
x-cache: Hit from cloudfront
x-amz-version-id: lCqjJAhAUa612ZBpTUcrEYnwCMJrm.1h
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1109
x-amz-cf-id: 9oQqDfrtDfKoo2CD3Su4M1oh3jofCgtJ_altn_6qzeJ9RdKjIe_mKg==

GET
H2 200 logo-white-tb.png
subscriptions.news.com.au/latest/a/common/images/ 950 B
1 KB 69ms
67ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-tb.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:13 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22382
etag: "2632aa390ac4ae24d4d57bd2db82bc26"
x-cache: Hit from cloudfront
x-amz-version-id: WqeFCNJAL9H3peDSZYjLZPfLA510omQ5
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 950
x-amz-cf-id: oePQoF9Sy8SNr_pYXitSJBUaXAH76Pi19N3F8GXNrb2-v0KV_jB0Bw==

GET
H2 200 weeklytimes.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
2 KB 70ms
67ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/weeklytimes.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:14 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22382
etag: "b60accba2d1fa828233b62f6d1cbc5f8"
x-cache: Hit from cloudfront
x-amz-version-id: VZPRaKbhrQt0dHO0Og1Vzd518ZaM0To0
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1549
x-amz-cf-id: 5tZHtHlyX1gTTrWv5pa8JPtKFetr2YT_VHAU0JaFSukm1i7z94vObg==

GET
H2 200 logo-white-taus.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
2 KB 68ms
65ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-taus.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:14 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22381
etag: "be2087e07a9f922cf5d2a79897c47a0b"
x-cache: Hit from cloudfront
x-amz-version-id: 38pU7AaIa5Y9dLlPCQ03mPsdQKMUfzZJ
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1815
x-amz-cf-id: 9Dxv3i03D5MDVSDCXRN4CftY-xYnBBoQip71qPhD0GUK3Hsbr7CZFw==

GET
H2 200 logo-supercoach-copy.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
2 KB 68ms
66ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-supercoach-copy.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:14 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22382
etag: "2e22ebb9d7ce2c601d7f2c82c62aec0b"
x-cache: Hit from cloudfront
x-amz-version-id: HXj6F3.ONDkeDlVrtt3UNGM2NjV2zmjD
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1607
x-amz-cf-id: ULqKpnPUs6AJSqYTX5Ej03EWBaydzIvCUgOPyofbwXtw_kj-tqWtVg==

GET
H2 200 logo-white-fs.png
subscriptions.news.com.au/latest/a/common/images/ 1 KB
1 KB 68ms
66ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-fs.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:14 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22382
etag: "29b101c5f53ab0a7b43b35e769ec1985"
x-cache: Hit from cloudfront
x-amz-version-id: JNMaM3klbgPMIp9OOyPEtSq49WGrvU2W
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1067
x-amz-cf-id: eknSvpEfKSkPerkyhVo7xeXFoj60oH6cPd6wTyesv_QMXobZBoa4Jw==

GET
H2 200 checkout.js
www.paypalobjects.com/api/ 1 MB
232 KB 119ms
38ms Script
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.js

Requested by

Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/js/webcomponents-lite.min.js?v=2.1.6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1690165
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
content-length: 237180
x-served-by: cache-lax8635-LAX, cache-hhn4024-HHN
last-modified: Fri, 14 Aug 2020 16:56:22 GMT
server: Apache
x-timer: S1599114675.477543,VS0,VE0
strict-transport-security: max-age=31557600
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 3, 33292

GET
H2 200 Primary Request / Show response
www.heraldsun.com.au/subscribe/news/1/ 2 KB
1 KB 342ms
342ms Document
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

64a0570e7a08a80b4e13e598d66de603e83213b695eb3fb3f46530c76997f87f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:method: GET
:authority: www.heraldsun.com.au
:scheme: https
:path: /subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: n_regis=123456789; AWSALB=EftyosphBbjlQlKfyymMC42UkQuCAqU95h2CjSk0E2rGGS9OWTnWI78/UT1wWkg30Oo3pI3DsLqfZJLuYLaDr48l6/jFJdksYtWtsOVxDvDmsJ7p9Re6IQ2amZfz; AWSALBCORS=EftyosphBbjlQlKfyymMC42UkQuCAqU95h2CjSk0E2rGGS9OWTnWI78/UT1wWkg30Oo3pI3DsLqfZJLuYLaDr48l6/jFJdksYtWtsOVxDvDmsJ7p9Re6IQ2amZfz; anonymous_token={%22entitlements%22:anon}; check=true; AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg=1; AMCV_5FE61C8B533204850A490D4D%40AdobeOrg=77933605%7CMCIDTS%7C18509%7CMCMID%7C73094556434333104512172244330151369687%7CMCAAMLH-1599719474%7C6%7CMCAAMB-1599719474%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1599121875s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.5.1; mbox=session#dfec523b82c04592bca178d4258e3055#1599116535|PC#dfec523b82c04592bca178d4258e3055.37_0#1662359476; mboxEdgeCluster=37
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674

Response headers

status: 200
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
content-type: text/html; charset=UTF-8
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
vary: User-Agent Accept-Encoding
ssl: yes
content-encoding: gzip
cache-control: max-age=369
expires: Thu, 03 Sep 2020 06:37:24 GMT
date: Thu, 03 Sep 2020 06:31:15 GMT
content-length: 912

OPTIONS
H2 200 offersets
commerceapi.news.com.au/offersapi/ Frame 0
0 1175ms
966ms Other
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://commerceapi.news.com.au/offersapi/offersets?offersetName=hs_premium&masthead=heraldsun&pkgDef=&sourceCode=HSWEB_WRE170_a&isCaasLite=false
Protocol: H2
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Origin: https://www.heraldsun.com.au
Sec-Fetch-Mode: cors

Response headers

status: 200
content-type: application/json
content-length: 1
x-amzn-requestid: 2c25f4e0-4fc9-4b0e-9a53-e5288704f5d6
access-control-allow-origin: https://www.heraldsun.com.au
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: SRsUPFx8ywMFpFw=
access-control-allow-methods: OPTIONS,GET
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: YFJCEAZn56M5pEZ52m8hix-m1SD41m73C6ED4Knl8redCQqBEKvjEg==
date: Thu, 03 Sep 2020 06:31:16 GMT

GET
H2 200 pptm.js
www.paypal.com/tagmanager/ 12 KB
0 158ms
54ms Script
application/x-javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.heraldsun.com.au&source=checkoutjs&t=xo&v=4.0.317

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-labSALqJuE0+IS3/L+l6PldwTzl+q7/C/TSHwN8FgwI7BzFi' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline'; form-action 'self' https://.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-labSALqJuE0+IS3/L+l6PldwTzl+q7/C/TSHwN8FgwI7BzFi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"310f-FGviSVLWgsmjFEfYfieMcNrYi0M"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=3600
date: Thu, 03 Sep 2020 06:31:15 GMT
paypal-debug-id: 2753441e6b08c
strict-transport-security: max-age=63072000
dc: phx-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 4456
x-xss-protection: 1; mode=block

GET offersets
commerceapi.news.com.au/offersapi/ 0
0

GET
H2 200 utag.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 51 KB
14 KB 91ms
91ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/mastheads/heraldsun/components/subscription-form/subscription-form-template.js?v=2.1.6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:15 GMT
content-encoding: gzip
last-modified: Wed, 02 Sep 2020 23:59:00 GMT
server: AkamaiNetStorage
etag: "7c546dd3a630ec8b60428ae7c04fc11d:1599091140.270913"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 13900
expires: Thu, 03 Sep 2020 06:36:15 GMT

GET
H2 200 Roboto.css
subscriptions.news.com.au/media/fonts/Roboto/ 3 KB
3 KB 44ms
43ms Stylesheet
text/css 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/Roboto/Roboto.css
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/components/subscription-form/subscription-form.js?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 01:49:06 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2018 23:29:56 GMT
server: AmazonS3
age: 16930
etag: "613d6ee149cd9800506e6078eab1b18a"
x-cache: Hit from cloudfront
x-amz-version-id: rdeyD_jEIubE.FKV0T07jBjORoCUefRJ
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
content-length: 3035
x-amz-cf-id: WXgA68wEvW7vOvrZLIy_7vkqoqhpUeTQqBoYcVXWSPJ3hTLv5Ae5Fw==

GET
H2 200 loading.gif
subscriptions.news.com.au/latest/a/common/images/ 6 KB
7 KB 47ms
45ms Image
image/gif 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/loading.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:14 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22382
etag: "a89c20b87057a80be393a236a1dd18b9"
x-cache: Hit from cloudfront
x-amz-version-id: DplV6oxlNsSKTnZTXFcRFnYgxERkq3AM
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/gif
content-length: 6651
x-amz-cf-id: 05gYFNxAiJ3nKtjFdYhDnklcIdcJnqOOaXxzyCUhSNH9mOCSxzi2bA==

GET
H2 200 icon-timeout.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
3 KB 47ms
46ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/icon-timeout.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:14 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22382
etag: "e6d8a48d022904956468066b94e64f99"
x-cache: Hit from cloudfront
x-amz-version-id: NgOxRqFzkAXIZoYvWtGZMF5b_EBc2lMU
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 2503
x-amz-cf-id: JdNPiwr6WcFCrMX7-6zhMsumkfs13APxjXaaZC_7EHi9aosrdmZMrQ==

GET
H2 200 icon-error-grey.png
subscriptions.news.com.au/latest/a/common/images/ 1 KB
2 KB 51ms
50ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/icon-error-grey.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:14 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22382
etag: "7dbbd2c4d7104be6253889385b3f171e"
x-cache: Hit from cloudfront
x-amz-version-id: VQ7u8Wkm8syY7eVUppGJSgBibD8JnjHw
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1255
x-amz-cf-id: rOUvpoxcVVh8iShnTbYWBNImchPZj4qWdQno9_F427ptSdll_Q7EhQ==

GET
H2 200 loading-bw.gif
subscriptions.news.com.au/latest/a/common/images/ 6 KB
6 KB 48ms
47ms Image
image/gif 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/loading-bw.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:12 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22383
etag: "da944465736a84de12f51947b026c39d"
x-cache: Hit from cloudfront
x-amz-version-id: DLVcr55A5IKz76JmFpGb1T2yEmXvgHGm
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/gif
content-length: 6081
x-amz-cf-id: s68N0By89qvZ-zp3ibyAsKk_Z7jH78Osk_uFfEigEh_pi8fz_ceVdQ==

GET
H2 200 icon-phone.png
subscriptions.news.com.au/latest/a/common/images/ 758 B
1 KB 49ms
48ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/icon-phone.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:12 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22384
etag: "b9f78eddd0b00da2c16d3e94eb52d937"
x-cache: Hit from cloudfront
x-amz-version-id: YyW84IaCqEuelWJ0MWOGgmum6k2Vo62L
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 758
x-amz-cf-id: hJEY9EHOYllMYvXarefvPuZsAvjakqpTRR0wa6GkRBdKMzH-ToacOg==

GET
H2 200 masthead-header-logo.png
subscriptions.news.com.au/latest/a/mastheads/heraldsun/images/ 11 KB
11 KB 48ms
47ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/mastheads/heraldsun/images/masthead-header-logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:24:24 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:29:01 GMT
server: AmazonS3
age: 22012
etag: "c41bbed254b0e736bc6369ea11c655b0"
x-cache: Hit from cloudfront
x-amz-version-id: vJACrLP73HOUUYKpimdxpBWGCjG8PYap
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 10778
x-amz-cf-id: txFP83_I-ytZBwE3NQuU8GRVm0thEnD6LRw1xil1P0dQoU0uQy3bhA==

GET
H2 200 btn-close.png
subscriptions.news.com.au/latest/a/common/images/ 970 B
1 KB 44ms
44ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/btn-close.png
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:15:23 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:58 GMT
server: AmazonS3
age: 22553
etag: "e1648df9c2ccd0322acb860af732612d"
x-cache: Hit from cloudfront
x-amz-version-id: 2RZ3VVglBA1BFkopbTlr3dN_ITNvyI45
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 970
x-amz-cf-id: _Ahux76Iu2yNzKqtxuqp4Yt2vqyvEojHcgj7pfEntHz3flg7ODIBvQ==

GET
H2 200 icon-faq-plus.png
subscriptions.news.com.au/latest/a/common/images/ 248 B
616 B 44ms
44ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/icon-faq-plus.png
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:11 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22385
etag: "eb20d15011429e58c79c76642dec7ae6"
x-cache: Hit from cloudfront
x-amz-version-id: Yqn4p_Ir8YyHmmoAlNRC2VEMSr_XKVWE
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 248
x-amz-cf-id: EscGzFJO3OXI4-imGxPzM2tSlW4LJjZNSvXIJ2PBi_xwGjLY7Btfng==

GET
H2 200 authorize
login.newscorpaustralia.com/ Frame FD33 0
0 488ms
383ms Document
text/html 104.111.229.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=i9mcZjyowVdHVXZPVropMQvfCq3.xSJI&nonce=KG9FOnX0z~pPZpvu3xLc-vaA9ZXwuj22&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMy40In0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.57 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-57.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=i9mcZjyowVdHVXZPVropMQvfCq3.xSJI&nonce=KG9FOnX0z~pPZpvu3xLc-vaA9ZXwuj22&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMy40In0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674

Response headers

status: 200
server: openresty
content-type: text/html;charset=UTF-8
ot-tracer-spanid: 469e725055d8d823
ot-tracer-traceid: 1a6e06502ee0a02c
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 359-1599114676.013-2.16.110.190-1716-241502369-14-0.000
x-auth0-requestid: 87ae3cdadbe5972f815c
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1599114677
content-encoding: gzip
strict-transport-security: max-age=15768000
x-akamai-transformed: 9 533 0 pmb=mTOE,3
expires: Thu, 03 Sep 2020 06:31:16 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 03 Sep 2020 06:31:16 GMT
content-length: 839
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A11b05550-edaf-11ea-af4e-1d89f526807d.8gzxyuQwr1Z%2BWJFcIC05sJZkBer35877RrRcZyFdp1g; Max-Age=31557600; Path=/; Expires=Fri, 03 Sep 2021 12:31:16 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A11b05550-edaf-11ea-af4e-1d89f526807d.8gzxyuQwr1Z%2BWJFcIC05sJZkBer35877RrRcZyFdp1g; Max-Age=31557600; Path=/; Expires=Fri, 03 Sep 2021 12:31:16 GMT; HttpOnly; Secure ak_bmsc=1EC68DFEB1FE7EED5478D43CC19B63D50210BB2CC73F0000B48D505FA35DCB4D~plWZas6ielhcesrbBiy9OKOg3W5yXtGYVrK1ypLb70NQu5aOcmEVhvLHjA4Bd+16rZYWBZyyaHSSQiqQi0cLtkiCsxlqkzRrE0U1+3YdOHPtZg9kmxVxZk5iIZnimpA7HwEDHTECSRNrFzzRl7bXGDhhZkUe5dBhNJh0SPf4yYYpewczyyu0rGbb0FypO10LQ119huJz4gg/1+0TLph9OC6zIKA37Ahf4q5xA6eN0f+Dq6tbk8Sf++mJgz/qeNMZlv; expires=Thu, 03 Sep 2020 08:31:16 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=737ED14C344120E0AC061390FF6E777F~6wDZFel0V6j5nkRXcd3QqXqBrd+oGtytpQw5GuvP52Htphjc4egJ7zG7Aa5JtBjHeAEhTA8gUywUKjeZR58iX4Q/IUgGKw6mpZYHquJJv2mrajfjagJ/GVBcxIjqzhDcHJTaOPbBRBkAqrWTphiSstwIbb0KbyQKb/ebPA1bs4TTw1TIFFriWFwIh4No0BilfWwMx+AjJ9pLxtVEmk6GpnigKco5jBUPWKOzCUD+Dfqtj63d5+SLw8AQ4MeUz5Vw; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=E03CC0A35429E7448C43573A322CE68F~YAAQLLsQAhRVME90AQAA04epUgjcWcuLS178cLD5uhj2piy0++cRJ5CNp589YPSZaU8AIRLrUFj04bw6RttCNM244jTuCLFQ+hnDw3INN2vaEoB1BBJGXEkrMIX1kKEU0KgRczVoJk2VWqad0OEwmzo5GNeSOEEtmC/GHO/ZCZqRC5KB/kjUfZPgNrRsQCQo8apUABXSQNumxgA=; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 03 Sep 2020 10:31:15 GMT; Max-Age=14399; HttpOnly _abck=E24D6C2A3236231838B34BE68B3ED2C1~-1~YAAQLLsQAhVVME90AQAA04epUgSpPY+bXPOEmOTqaLBqr62fgaXGHXQPuqJnLobLNPgVd6ARookP6yC4AsP27+4FRv8z002lvwvhPUpcs+vm2SA+/vvp8aKWDJPbI7TwQo/Qn/CnfQ5HlzJL3/63HsBlW2LKh6MRGiYCU8G1r+3oXk4th+J8u+LfZFvwMUZrpD8aw3+/z/tn/66XWgruyUK27uNlhfYK2KFNpU2XpT3GehgCpUXnFc27WBGYCZI4FlLPlhcWKbb1BAYrEFShsCMOHniSU9Y9r84K8HMhqLVZ96P6j/hWXS9nFMyKL5EABLp7aGo=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Fri, 03 Sep 2021 06:31:16 GMT; Max-Age=31536000; Secure

GET utrack.js
tags.news.com.au/prod/utrack/ 0
0

GET mitas.js
tags.news.com.au/prod/mitas/ 0
0

GET
H2 200 gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 61 B
358 B 942ms
820ms XHR
text/plain 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:16 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "f1d1adc077c1f1f826a151ee3db530bc:1594002579.72485"
status: 200
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
access-control-allow-origin: *
cache-control: max-age=0, no-cache
content-type: text/plain
content-length: 61
expires: Thu, 03 Sep 2020 06:31:16 GMT

GET utag.664.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 0
0

GET utag.665.js
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 0
0

GET robotocondensed-bold-webfont.woff2
subscriptions.news.com.au/media/fonts/Roboto/ 0
0

GET roboto-regular-webfont.woff2
subscriptions.news.com.au/media/fonts/Roboto/ 0
0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 356ms
258ms Other
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paypal.com/xoplatform/logger/api/logger
Protocol: H2
Server: 104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-228-123.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-app-name,x-requested-with
Origin: https://www.heraldsun.com.au
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: content-type,x-app-name,x-requested-with
access-control-allow-methods: POST
access-control-allow-origin: https://www.heraldsun.com.au

POST logger
www.paypal.com/xoplatform/logger/api/ 0
0

GET robotocondensed-bold-webfont.woff
subscriptions.news.com.au/media/fonts/Roboto/ 0
0

GET roboto-regular-webfont.woff
subscriptions.news.com.au/media/fonts/Roboto/ 0
0

GET
H2 200 rampart.js Show response
www.heraldsun.com.au/remote/identity/rampart/latest/ 240 KB
75 KB 146ms
144ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

ce070ec2d399c394617ddf108a177139d6ae908ab788d35a5bf7abfe9a09da9d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
etag: "323cc059d5817bcf12c5780d5ebe0404:1596523056.236208"
vary: User-Agent, Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1369
date: Thu, 03 Sep 2020 06:31:16 GMT
is-https: true
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 03 Sep 2020 06:54:05 GMT

GET
H2 200 base.js Show response
subscriptions.news.com.au/latest/a/common/js/ 3 KB
1 KB 45ms
44ms Script
text/javascript 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/common/js/base.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c4a4f3ecd9442a2cdf9916934ddfd912fa7e852c7b64e7a2d57dc0e2e3ec12e

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:13:59 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22638
etag: W/"366e65e7005f97368fd79913a22461d7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: duFtUACd0o5O0kLL2zFuX14If_J9S1_G
status: 200
x-amz-cf-pop: FRA53-C1
content-type: text/javascript
x-amz-cf-id: kw4A6qFY-jpTls8mpgzySm2ZF-MoOfYV_tDaKtJPAN8jPlhoLB45cg==
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 782 B
988 B 52ms
51ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.sync.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4c7ef7bf1d02e99b77e82435d71f551afc5614a399c963fbb5e14d2921bc792f

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:16 GMT
last-modified: Wed, 02 Sep 2020 23:59:00 GMT
server: AkamaiNetStorage
etag: "2f436604fea20a83b344fa3e14297599:1599091140.89434"
content-type: application/x-javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 782
expires: Thu, 03 Sep 2020 06:36:16 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 222 B
199 B 7ms
6ms Script
text/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=fetch,Promise,Object.assign,Object.values,Array.prototype.find,Array.prototype.includes,Array.from,String.prototype.includes,URL

Requested by

Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/js/base.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 6668955
detected-user-agent: Chrome/83.0.4103
status: 200
request_came_from_shield: HHN
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=0
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Wed, 17 Jun 2020 06:21:36 GMT
date: Thu, 03 Sep 2020 06:31:16 GMT
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 adobe_visitor.js Show response
tags.news.com.au/prod/visitor/ 60 KB
20 KB 65ms
64ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.sync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1bc3625c4e923d79a85677113b548e5444129ead716d43e10e2a6e9d56939143

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:16 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "762b36524699d0c801c527b6e71f35e4:1593471758.804374"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status: 200
cache-control: max-age=16150
content-type: application/x-javascript
content-length: 19871

GET
H2 200 at.js Show response
tags.news.com.au/prod/adobetarget/ 91 KB
31 KB 72ms
71ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/adobetarget/at.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.sync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 42326c665ee3a7127e53a2d57b781f90cdf7fb642e877637fd4c4ad6186c3b28

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:16 GMT
content-encoding: gzip
server: Apache
etag: "11cd07d9a21026827f2b56da2d88c9e0:1580876007"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status: 200
cache-control: max-age=70964
content-type: application/x-javascript
content-length: 31188

GET
H2 200 webcomponents-lite.min.js Show response
subscriptions.news.com.au/latest/js/ 40 KB
12 KB 52ms
50ms Script
text/javascript 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/js/webcomponents-lite.min.js?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/js/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: abe23ee1968e6b4d601df4f547cd7ace646b15d520f171d4cd6e5d4ad895e127

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:14:01 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 04:29:02 GMT
server: AmazonS3
age: 22636
etag: W/"32b5a9b7ada86304bec6b43d3f2194f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: boADc.0gMIB88dFcFYeh8IU4pfru3EZT
status: 200
x-amz-cf-pop: FRA53-C1
content-type: text/javascript
x-amz-cf-id: KELFEr5DTiciB84bW0x4OdREyPlAnHJfjyG4rFMJj4RkHkL_mEUkfg==
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)

GET
H2 200 redux.min.js Show response
subscriptions.news.com.au/latest/js/ 6 KB
3 KB 52ms
51ms Script
text/javascript 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/js/redux.min.js?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/js/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63c02e1886055823813b9ff0d685f370412b5b82402c6516886e555a57955b2c

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:14:00 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 04:29:02 GMT
server: AmazonS3
age: 22637
etag: W/"540e264a9abaac0d7ed81cf6643fd87b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Yv7p.MzAShNs0EPlkhP2XyLGfonYzrpJ
status: 200
x-amz-cf-pop: FRA53-C1
content-type: text/javascript
x-amz-cf-id: mIW4HQFN0N0XKxg2-mikqIdukEvD3eUHBbgsUdHAB8i_vv1m1Buaqg==
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)

GET
H2 200 polymer-redux.js Show response
subscriptions.news.com.au/latest/js/ 11 KB
3 KB 52ms
51ms Script
text/javascript 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/js/polymer-redux.js?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/js/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8224a8520a725cfbcebe4a7873622dc98fb7b64eefa3d202970e0bb3181d098a

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:14:00 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 04:29:02 GMT
server: AmazonS3
age: 22636
etag: W/"756b57a5c8f233f47aa3ede8a75d9851"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: ZZWtArGO97t4.wAu_JJF24_qI38aU7qU
status: 200
x-amz-cf-pop: FRA53-C1
content-type: text/javascript
x-amz-cf-id: XRj4ragHfbU3RyofoRfT7rP8DOrY-ZU4NHXzwv0qjc0n_XHTy6qJRw==
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)

GET
H2 200 smoothscroll.min.js Show response
subscriptions.news.com.au/latest/a/common/js/ 4 KB
2 KB 54ms
52ms Script
text/javascript 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/common/js/smoothscroll.min.js?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/js/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2329433568e2a7b14ad9325461c936dfba814c17928b09d21430a32c6ebce83e

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:14:00 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22637
etag: W/"654bb939df0734b3947e06916c43b0e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: H_jfOd76cc1M5ZbW1TJ1.fwI2H_H0pjC
status: 200
x-amz-cf-pop: FRA53-C1
content-type: text/javascript
x-amz-cf-id: uuGqfcniGLeYR9M403mWFa9sYii3DgxraHqI2NM_zFi1tEyXRc11gQ==
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)

GET
H2 200 contact-data-services.min.js Show response
subscriptions.news.com.au/latest/a/common/js/ 15 KB
5 KB 52ms
51ms Script
text/javascript 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/common/js/contact-data-services.min.js?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/js/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ebc75ee9a4ddb37de836d42f65d318b33c6efb47d17ad37e189a549556949a9

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:14:01 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22636
etag: W/"3c87483840ea35c641220507fd34c4df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: DZlRN_vnlm2oHMxhFggqxCspUW_jf6YP
status: 200
x-amz-cf-pop: FRA53-C1
content-type: text/javascript
x-amz-cf-id: -fHEeNGLyKzgZKD4hz0NpIcZjzacuJdrmH1v8u72a1z5RKIebg1IQg==
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)

GET
H2 200 / Show response
js.stripe.com/v3/ 172 KB
45 KB 54ms
53ms Script
application/javascript 99.86.2.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/js/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.2.78 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-2-78.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

48ae7580c5daf68ec255719d51401946da2ccf5272f88d5e5bec37174f9cc9e5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:26:18 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 299
x-cache: Hit from cloudfront
status: 200
x-amz-request-id: 8820DBF59B0B3DA4
x-amz-id-2: WTV8CdSe7ifsCI6r7Q4TnW2kMYW+OsdMCIYzVi5Z9dNqYk3YpyM/8d8+JvAf8vhE8BqYqbR1zdQ=
access-control-allow-origin: *
last-modified: Wed, 02 Sep 2020 16:20:25 GMT
server: AmazonS3
etag: W/"8678b42f67b7ab72714c877c11eebd55"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: WUcxHaduR6rxTLi7YusPCUoovrMda6icW9XFnlT7ldonfpYFlT92SQ==

GET
H2 200 caas.js Show response
subscriptions.news.com.au/latest/a/common/js/ 536 B
897 B 52ms
51ms Script
text/javascript 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/common/js/caas.js?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/js/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f525f91a7a413820bd68cc8978e7d92c21b00c9db45be510972ec96c2218e6d

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:13:59 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22638
etag: "3137b540e8cf74a40e5f57baf3cfd047"
x-cache: Hit from cloudfront
x-amz-version-id: PLn9EyHyZMsp9w4lT8gGlntsG9Bmae8X
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 536
x-amz-cf-id: If03bAelrGjG2bBQjKNjkV3dfb1n9JM1Mm6l32udIYevMHpAicfcag==

GET
H2 200 subscription-form.html Show response
subscriptions.news.com.au/latest/a/common/components/subscription-form/ 3 KB
1001 B 46ms
45ms XHR
text/html 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/common/components/subscription-form/subscription-form.html?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/js/webcomponents-lite.min.js?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e274a3634a724091fc4f0d9414b7ea92811d97fe3abef1fa2991c21e078f742

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:14:03 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 22635
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Wed, 05 Aug 2020 04:28:58 GMT
server: AmazonS3
etag: W/"f2ae66e3bfcce9d3a2335beb3290a4bb"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 8li9a12WS5Xf.0.9ekPmk.VcX4ud4TbP
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
content-type: text/html
x-amz-cf-id: ve7BWgkkb1PgvV3RQUy5e-MGEqcQThcHhGSB1dVwJu90MUSHdG5CoQ==

POST
H2 200 delivery Show response
mboxedge37.tt.omtrdc.net/rest/v1/ 30 KB
6 KB 71ms
69ms XHR
application/json 34.254.167.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mboxedge37.tt.omtrdc.net/rest/v1/delivery?client=newslimited&sessionId=dfec523b82c04592bca178d4258e3055&version=2.2.0
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/adobetarget/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.167.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-167-184.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 657d0926095e68a9c4e897f2c58f5b085461cc40d8089a12770633eac06be7c5

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 03 Sep 2020 06:31:17 GMT
content-encoding: gzip
status: 200
vary: Origin,Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
access-control-allow-credentials: true
x-request-id: 2286d85baa0f0bc9d078d3f493f1defe

GET
H2 200 m-outer-93be17fde268c6ff50c5aed9122214d2.html
js.stripe.com/v3/ Frame 3137 0
0 58ms
58ms Document
text/html 99.86.2.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93be17fde268c6ff50c5aed9122214d2.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.2.78 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-2-78.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-93be17fde268c6ff50c5aed9122214d2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 215
x-amz-id-2: Uza5Bzi8n/PUzEeYnFUHyr1MeBQFglzOB2jUKRAbWcjdxDd2tMwb57hUxQe39mE+DOBADnuWCfo=
x-amz-request-id: E348B6E68B813CD6
last-modified: Wed, 26 Aug 2020 16:24:27 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date: Thu, 03 Sep 2020 06:30:33 GMT
etag: "93be17fde268c6ff50c5aed9122214d2"
cache-control: public, max-age=300
x-cache: Hit from cloudfront
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: kfwaC6sLDZysgfu_7fXbvULFzXIqfUoD3XRBdlYTyFiWaH0cFYPc5g==
age: 45

GET
H2 200 subscription-form.js Show response
subscriptions.news.com.au/latest/a/common/components/subscription-form/ 226 KB
52 KB 52ms
52ms Script
text/javascript 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/common/components/subscription-form/subscription-form.js?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/js/webcomponents-lite.min.js?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf7e44cea05be4da13f39efe29ce7b39f516a0e5633a0077ba4f6c26d1c0a5ec

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:14:03 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 04:28:58 GMT
server: AmazonS3
age: 22635
etag: W/"7a3733cab2343fa9b44225d0f9c9f8f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: SyGpUUi651NJcqUgfDEwLBGBbtBTa4QA
status: 200
x-amz-cf-pop: FRA53-C1
content-type: text/javascript
x-amz-cf-id: TOLSfK_doH96nkV1Ztbf6XdWmWQs0YQIjkYsqgHcHh26qk8ztciS9Q==
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)

GET
H2 200 environment.json Show response
subscriptions.news.com.au/latest/a/common/config/ 3 KB
1 KB 49ms
47ms Fetch
application/json 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/common/config/environment.json
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/components/subscription-form/subscription-form.js?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f16a6c6ac8b3cfc6fc9680e555f18636e0ed2e858af1f8b476f09bc9fcc6591b

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:15:09 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 22568
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Wed, 05 Aug 2020 04:28:58 GMT
server: AmazonS3
etag: W/"cba14bf0e8542138d121903083c7b8f7"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: FDLyQQ53CPBLFxDdQ6MeAjmVm2Y88SGW
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
content-type: application/json
x-amz-cf-id: qfDpQ_TDM-OmDd-lqlDYhtf_di0xOM2ng8-9K7MoK666mzKAVGUBUw==

GET
H2 200 config.json Show response
subscriptions.news.com.au/latest/a/mastheads/heraldsun/config/ 323 B
755 B 48ms
47ms Fetch
application/json 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/mastheads/heraldsun/config/config.json
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/components/subscription-form/subscription-form.js?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5f8fc266756e934dba9555c11ea89132c3ca6b25b26e9a498e0c96be304a35a

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:24:19 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
age: 22019
x-cache: Hit from cloudfront
status: 200
content-length: 323
last-modified: Wed, 05 Aug 2020 04:29:01 GMT
server: AmazonS3
etag: "77d1e0d8c00fd1a9ac532f18cb2950c6"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: a0QRSze6Qt2jSu.l0ijJMFUY0Dp1HAuo
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/json
x-amz-cf-id: DQZbThDNNWNw3YYNMoUeAjYipOGhf0wMf0NcC2zI3yrwwH815MAUXw==

GET
H2 200 subscription-form-template.html Show response
subscriptions.news.com.au/latest/a/mastheads/heraldsun/components/subscription-form/ 290 KB
42 KB 49ms
47ms XHR
text/html 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/mastheads/heraldsun/components/subscription-form/subscription-form-template.html?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/js/webcomponents-lite.min.js?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00824d015ae55ae9d054f5b275d51dea712f85b9d285be896989244fe3fafe16

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:24:19 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 22019
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Wed, 05 Aug 2020 04:29:01 GMT
server: AmazonS3
etag: W/"2cb4f9fdf1c28b5e4f3431cddee4000b"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: D_FTQ39pdDKOSeayHGovD3KBEzoB2yB4
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
content-type: text/html
x-amz-cf-id: GY5VeAJVWuVfO65c7BdINXb44HGlnurW6zuWtRuQJTIplLj9VRa2ug==

GET
H2 200 subscription-form-template.js Show response
subscriptions.news.com.au/latest/a/mastheads/heraldsun/components/subscription-form/ 331 KB
52 KB 48ms
48ms Script
text/javascript 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/latest/a/mastheads/heraldsun/components/subscription-form/subscription-form-template.js?v=2.1.6
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/js/webcomponents-lite.min.js?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 240dc57f9dd78cd71b0036a365d7b4fc969ecdc7dd36af9f097daa266d086560

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:24:22 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 04:29:01 GMT
server: AmazonS3
age: 22016
etag: W/"7bf607b8a291cef8048f6d2d4472498e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: i6LjquIrfI27lvH9uy0O8G1lWx1L20DQ
status: 200
x-amz-cf-pop: FRA53-C1
content-type: text/javascript
x-amz-cf-id: lZ4cNmGBaLMPPTNGtTIqxfkMTPJmMiWIBVxQX2YAQ89xNhfaO-cSAg==
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)

OPTIONS
H2 200 offersets
commerceapi.news.com.au/offersapi/ Frame 0
0 916ms
916ms Other
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://commerceapi.news.com.au/offersapi/offersets?offersetName=hs_premium&masthead=heraldsun&pkgDef=&sourceCode=HSWEB_WRE170_a&isCaasLite=false
Protocol: H2
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Origin: https://www.heraldsun.com.au
Sec-Fetch-Mode: cors

Response headers

status: 200
content-type: application/json
content-length: 1
x-amzn-requestid: 570f507c-9734-4dea-a1f7-0a403a81382a
access-control-allow-origin: https://www.heraldsun.com.au
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: SRsUdEGRywMF0Fg=
access-control-allow-methods: OPTIONS,GET
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 8GDXuAMHLvmJop1VUVHZjtcuqZ3tivXOmbjtaPY_34wCDsGUS914bg==
date: Thu, 03 Sep 2020 06:31:18 GMT

GET
H2 200 offersets Show response
commerceapi.news.com.au/offersapi/ 12 KB
3 KB 953ms
952ms Fetch
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://commerceapi.news.com.au/offersapi/offersets?offersetName=hs_premium&masthead=heraldsun&pkgDef=&sourceCode=HSWEB_WRE170_a&isCaasLite=false
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/js/caas.js?v=2.1.6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 469fef89f9e262fa0f3bea650824fd824abbef4ba73036788d17b0d9621e73aa

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
x-api-key: 0iwH8Iq4KC9UZKpkJJn6B8SpM7MCC3tl35vR1WF9

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C2
status: 200
x-amzn-requestid: c12e74d6-55d9-4b81-9b95-bc71890cf55c
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5f508db6-413213e08d10c940e117e0e8;Sampled=0
x-amz-apigw-id: SRsUmGZ6SwMFZ7w=
content-length: 2361
x-amz-cf-id: cVLnagB1ESVDKM5dbbk9sz-ubrwvVZj7sM99NEDj4cGJ6mbLKnzgBw==

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 51 KB
14 KB 53ms
52ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/mastheads/heraldsun/components/subscription-form/subscription-form-template.js?v=2.1.6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a09886e2fa4c170d3f5dc029b0aab4fba8306ff3c09cc70513408eb5386a2db0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:17 GMT
content-encoding: gzip
last-modified: Wed, 02 Sep 2020 23:59:00 GMT
server: AkamaiNetStorage
etag: "7c546dd3a630ec8b60428ae7c04fc11d:1599091140.270913"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 13900
expires: Thu, 03 Sep 2020 06:36:17 GMT

GET
H2 200 Roboto.css
subscriptions.news.com.au/media/fonts/Roboto/ 3 KB
3 KB 44ms
43ms Stylesheet
text/css 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/Roboto/Roboto.css
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/components/subscription-form/subscription-form.js?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0f0d91d4822f932943383056a7ece530de55eca480df5c59cb8ce22c8f6d985

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 01:49:06 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2018 23:29:56 GMT
server: AmazonS3
age: 16932
etag: "613d6ee149cd9800506e6078eab1b18a"
x-cache: Hit from cloudfront
x-amz-version-id: rdeyD_jEIubE.FKV0T07jBjORoCUefRJ
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
content-length: 3035
x-amz-cf-id: vMiSU5FJDUsjf-YDF1s7KioX1i0dUoscVjrMwsitqs_q8-4F9P2NQg==

GET
H2 200 btn-close.png
subscriptions.news.com.au/latest/a/common/images/ 970 B
1 KB 56ms
55ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/btn-close.png
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36728a086a7c0d5852faea6f7ee1c4402574ce445389e1b4f72c87ef86cd8943

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:15:23 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:58 GMT
server: AmazonS3
age: 22555
etag: "e1648df9c2ccd0322acb860af732612d"
x-cache: Hit from cloudfront
x-amz-version-id: 2RZ3VVglBA1BFkopbTlr3dN_ITNvyI45
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 970
x-amz-cf-id: iu0pWeZWdE5xIRuBu2eIw9FgWh1sslq5NB56YrwFQYhWpoxfQ_5zPQ==

GET
H2 200 icon-faq-plus.png
subscriptions.news.com.au/latest/a/common/images/ 248 B
606 B 56ms
56ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/icon-faq-plus.png
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4337259b432dc43956bf63501cd001bb86056126594de3814f27ce1a7770805

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:11 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22387
etag: "eb20d15011429e58c79c76642dec7ae6"
x-cache: Hit from cloudfront
x-amz-version-id: Yqn4p_Ir8YyHmmoAlNRC2VEMSr_XKVWE
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 248
x-amz-cf-id: bjj0VAaUA--PTLI75aJ9qE-pSwlKOIGV3VQa-wA8vYU5BqH53c_BrA==

GET
H2 200 masthead-header-logo.png
subscriptions.news.com.au/latest/a/mastheads/heraldsun/images/ 11 KB
11 KB 57ms
57ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/mastheads/heraldsun/images/masthead-header-logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 47829b37dfa278e375151af83846259e3b02fc51630a6790802396dbc2380eea

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:24:24 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:29:01 GMT
server: AmazonS3
age: 22014
etag: "c41bbed254b0e736bc6369ea11c655b0"
x-cache: Hit from cloudfront
x-amz-version-id: vJACrLP73HOUUYKpimdxpBWGCjG8PYap
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 10778
x-amz-cf-id: FhN_xFqpkuoG2vYV_R0W2KUvvlSWlnY-Noguq8v9AvuuzNZzGrlJlw==

GET
H2 200 authorize
login.newscorpaustralia.com/ Frame 4369 0
0 372ms
366ms Document
text/html 104.111.229.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=yTXIzM_jg-u5i5Cb_9ef6wuoo0qpkAwL&nonce=6k8cBrh2S2Q9Y5suoGjyDGlnf7~OvBQ4&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMy40In0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.57 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-57.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=yTXIzM_jg-u5i5Cb_9ef6wuoo0qpkAwL&nonce=6k8cBrh2S2Q9Y5suoGjyDGlnf7~OvBQ4&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMy40In0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: did=s%3Av0%3A11b05550-edaf-11ea-af4e-1d89f526807d.8gzxyuQwr1Z%2BWJFcIC05sJZkBer35877RrRcZyFdp1g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B

Response headers

status: 200
server: openresty
content-type: text/html;charset=UTF-8
ot-tracer-spanid: 1b1a4cf30dee7477
ot-tracer-traceid: 498825a76d666df0
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 360-1599114677.692-2.16.110.190-1836-241502363-4-0.000
x-auth0-requestid: d6588020cd646fcf0585
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1599114678
content-encoding: gzip
strict-transport-security: max-age=15768000
x-akamai-transformed: 9 532 0 pmb=mTOE,3
expires: Thu, 03 Sep 2020 06:31:17 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 03 Sep 2020 06:31:17 GMT
content-length: 837
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A11b05550-edaf-11ea-af4e-1d89f526807d.8gzxyuQwr1Z%2BWJFcIC05sJZkBer35877RrRcZyFdp1g; Max-Age=31557600; Path=/; Expires=Fri, 03 Sep 2021 12:31:17 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A11b05550-edaf-11ea-af4e-1d89f526807d.8gzxyuQwr1Z%2BWJFcIC05sJZkBer35877RrRcZyFdp1g; Max-Age=31557600; Path=/; Expires=Fri, 03 Sep 2021 12:31:17 GMT; HttpOnly; Secure ak_bmsc=641AF7F91488BF2FF793B6D490156EE50210BB2CC73F0000B58D505F9A6B0D77~plPTMTUR4TKV2PL7dmWElQY5FJhHylMbnntUEGkURftVR+H4FxkqqvtvHqlwjUqV97RZ9zHtL7FWka0VktJxKJ9yBbMyat5w4IL7193LdTvKjroUM+n3scO43dxh1VCoh4r3/FUPxdKnjGAJeANKbhlfTOLsKYB5zu12rHm8bQtjmPkyb94P6sJfDIcwFiqG0x7FR/56aS9wymXvBrdWdzHxo5aHi8hVh1rYam/14J4nE2XxgrF6gX/GyJgxuoCFeC; expires=Thu, 03 Sep 2020 08:31:17 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=E9999E99B1ECD98C859D014EB137E07F~6wDZFel0V6j5nkRXcd3QqQXEQFvGnY8xPVOlehXwerjo2COp3yZLgr3TGgI+ms+fn9aGfzfgCmF3HT0vGWgpgU1l7q/1nUsSSf52BDcANqqE3/8FHu2UHGiptDEf6BBMPoSjrRrOP8W4rnR3QUhY3x127F5lAoZw1UguzkAmT3W8xPmCSf0kSKHdlP2rLNaoYcyek9NnxelrLH1HSZTMrp0aIXYzz5hhgZa3OKhL3qLpZevPSw/27bUvKRale8l6; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=7B9689E3EC83C176B526EFDF1A4A9B0F~YAAQLLsQAiJVME90AQAAXo6pUgiJkxWC4mJCfC+KhpG9rI14CLzHpwyUeznGi3WApn6XJAJpac40L6iFns4F9qKk+m3hb9yE1kVQY68gbCNPzji0oV4klTRgAemcSwAbnO4LY//uM2ugrznc3Q0czzMUDJw7W9C2cFG9XdbwGFtglXeC7/MSmFIX+UYufl9CVXfcPN3CR+pzBaI=; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 03 Sep 2020 10:31:17 GMT; Max-Age=14400; HttpOnly _abck=3CEB2EEEF0EDAF5FC44A0749007CF40F~-1~YAAQLLsQAiNVME90AQAAXo6pUgSNjT4crxVCUaQUTY5jZR9gyCtq/LLU+KlqrmMpYP21PUVYQd2w19UfbX7KShF8gJxwwV0W5UkZsmVqSZTXASOebQmi7zODjCk+nLi7eydyL/8a2snR46xKcQnZ+/6EXAY5ntyd7az50rTryxTXI6Y7lJKDdPz0eIsJxbLzPb1e1wmnkEPRHDVjRrzXga53n5dVdlNXi7J6ddBmqwfoi063cgQfJaLu67Fb18BViowtUGB58KIfJ/Uzhc4UdjiYHW/2C3ITQPXgAqsemp0HAjnae4c01ONjPgYzEyDDwSktGgY=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Fri, 03 Sep 2021 06:31:17 GMT; Max-Age=31536000; Secure

GET
H2 200 icon-phone.png
subscriptions.news.com.au/latest/a/common/images/ 758 B
1 KB 62ms
55ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/icon-phone.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67893f9fe3995a99d5cdf1296da71d57f8bf7186cf8cea81e22313f048abe412

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:12 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22386
etag: "b9f78eddd0b00da2c16d3e94eb52d937"
x-cache: Hit from cloudfront
x-amz-version-id: YyW84IaCqEuelWJ0MWOGgmum6k2Vo62L
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 758
x-amz-cf-id: GFzDqkNiYrgOwZ9HzAWsySQz5Fus-nMFfLTs3doYFCFIq-zKrZ5CPQ==

GET
H2 200 icon-error.png
subscriptions.news.com.au/latest/a/common/images/ 517 B
872 B 62ms
55ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/icon-error.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 791f125adb9c6f01bab87026daf956b41ff8fbd3d33e44048f7ceaa3768e6009

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:12 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22386
etag: "04c8d1f9a388e83cac7736053c0be189"
x-cache: Hit from cloudfront
x-amz-version-id: NvBCrYxJjWlJY5XhjDA0MedIe8J.iEdP
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 517
x-amz-cf-id: bpllaedjFf-hta-Y3fV_N3CozFY-r4p5iJz37NbS-RtX2kO0tcGaJA==

GET
H2 200 did-you-know.png
subscriptions.news.com.au/latest/a/common/images/ 36 KB
36 KB 56ms
49ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/did-you-know.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e50994ce0b07664bc133f8c6663a5a54e851d6b9cdae218eef5f3dcf01cbdd53

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:12 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22386
etag: "1311dc4829db75aaa494bd3ca091c4b3"
x-cache: Hit from cloudfront
x-amz-version-id: 3eKJWZ0Rfsfg6m2uD_fOrJJ1I_0GRv5s
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 36400
x-amz-cf-id: MIcVcswJjLRfKtwPBqX5jejYe8gdWPJEfwzvZ2GHMfefcKdCW9wu_Q==

GET
H2 200 logo-white-dt.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
2 KB 56ms
49ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-dt.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9efc0d466ce947838b31b9704464cdfcb0c62d689631fe987c3b4d04129ccb40

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:12 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22386
etag: "3473020eb79d0a6bf8589136aed5fdb5"
x-cache: Hit from cloudfront
x-amz-version-id: 4doHkTXgUdG7A4HE4HalHl60NR5jqQUx
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1588
x-amz-cf-id: HbDNMSNv33o6ZheH8nQgBE00470pZLLvLfdFCVrumob0xCqWk9uwTw==

GET
H2 200 logo-white-cm.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
2 KB 61ms
54ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-cm.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e9d0602b6595d3ec4443e76a0c1af5747c3600160d429c0427730d10e6d72af

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:13 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22385
etag: "900218ec7d63fe234f5e0c5f5fe2c69f"
x-cache: Hit from cloudfront
x-amz-version-id: ezmj4d8PDqi4xV2yJkJMk75CfYxYVIGr
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1723
x-amz-cf-id: KQgczolsO_FQn_mVF1S64zJ5eSMSCNk3xYEfIG9JY49HPXdtAt5sMA==

GET
H2 200 logo-white-hs.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
2 KB 62ms
55ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-hs.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99f2f90604e94f947df4602ad481fceda0b0694c8ef82a3253b606a46843805f

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:12 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22385
etag: "5af921862aa258b614dfa752475c31ee"
x-cache: Hit from cloudfront
x-amz-version-id: 8fu8fIh9B.45JjkUg3h.pA8NSKc0qNmZ
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1589
x-amz-cf-id: hz1ntZdq1IGy2iS8KQCQNH2duJfAqiZCNLCY30jFIrYz9bz78mkKCQ==

GET
H2 200 logo-white-aa.png
subscriptions.news.com.au/latest/a/common/images/ 1 KB
2 KB 63ms
56ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-aa.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d88fbced651c5e1d90cd83b3fa8e7e656ba06ab0ae4370c14d971b5c43c8d11

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:13 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22385
etag: "8c70f8beefbd3ffb925d0facc44ce532"
x-cache: Hit from cloudfront
x-amz-version-id: XvBU6sR..E1R8t_siCWIelseqTOq2S4v
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1476
x-amz-cf-id: G53nh68Y3RRZlXLC4aXXmLjnyhhi4y_FTcoctELGQVrO28DN-9rPFQ==

GET
H2 200 logo-white-cp.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
2 KB 63ms
57ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-cp.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c63660722c0610de88e2426dd6098719cb3697a516f46ecf55f2779c2557597a

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:14 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22384
etag: "701d06d25ddad230c0a0ab3eb2670a5e"
x-cache: Hit from cloudfront
x-amz-version-id: 3q65tMRNBiMm4JKV7rvmJ5L5j0mdzDfT
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1643
x-amz-cf-id: 4HSf_FOkzFFF_ukXQjynZ903ghsFnWIkv4MA2fxuJzK0UEkN9HFspw==

GET
H2 200 logo-geelongadvertiser.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
2 KB 62ms
55ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-geelongadvertiser.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5b97e4c32aef871602fd377e1097dcd411590a07e899db9d7abf8d76338cdde

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:13 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22385
etag: "748da161070397b93e672262ce97f5a1"
x-cache: Hit from cloudfront
x-amz-version-id: jH7YRfV8pU4Og1BPHacFmXd6PDAabRGF
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1563
x-amz-cf-id: 2qPjHAcTdxNF_3dbtUeVwnbhectMoPyp_M1ypu_Fj_WaKudsledsjA==

GET
H2 200 logo-white-nt.png
subscriptions.news.com.au/latest/a/common/images/ 1 KB
2 KB 62ms
56ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-nt.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae5572698a5d08167e0432c8ce4ccf6fca7916ea0ad796e947b8fa3d520663e2

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:13 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22385
etag: "d38d1e3fde2d06c9374cc6a26060c4ae"
x-cache: Hit from cloudfront
x-amz-version-id: jviu5E7svkFVhx3A3V273WeYEbzd0KHK
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1402
x-amz-cf-id: ijjHd0r1QGe4srNSmCJe42z8HcSfgm1RdMORhHEzMNJZ1vL02ul9DA==

GET
H2 200 logo-mercury.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
2 KB 65ms
59ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-mercury.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbe47d35e470c59b404ad7abf6048ced3c7a941d6a19ae904fe423e9d8ed6f46

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:13 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22385
etag: "4747ac25f272c4d204a3f1f81e50954e"
x-cache: Hit from cloudfront
x-amz-version-id: qrUDQ0qLd4yjX2V89zk2wbMCBMeyPJtU
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1613
x-amz-cf-id: G0iHyvS6MR9_KP1I-SoKFKnub3fviBm0B11mjfE7zq9-CL_vCcnncQ==

GET
H2 200 logo-white-gcb.png
subscriptions.news.com.au/latest/a/common/images/ 1 KB
1 KB 62ms
56ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-gcb.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8b0cc239d456bcac305aa4462153ba23876bae16e94003cd3dc13ba724449bc

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:13 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22385
etag: "e99442316fa01cad61fda13fafc1465f"
x-cache: Hit from cloudfront
x-amz-version-id: lCqjJAhAUa612ZBpTUcrEYnwCMJrm.1h
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1109
x-amz-cf-id: PjqfLbtvFPfUSXlxiXvnxbqRgTDFSC--N-mFPuahVpyNWWaXHh1yyg==

GET
H2 200 logo-white-tb.png
subscriptions.news.com.au/latest/a/common/images/ 950 B
1 KB 65ms
60ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-tb.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44aced147172b0857f4dc31dfdc2833978efed8beefa71c4af07dcffd31b6005

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:13 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22384
etag: "2632aa390ac4ae24d4d57bd2db82bc26"
x-cache: Hit from cloudfront
x-amz-version-id: WqeFCNJAL9H3peDSZYjLZPfLA510omQ5
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 950
x-amz-cf-id: qYLQ1ZcvQPcm6FdW8bhX6hDp21zxfpiO0khhKQsG2F8zx7QbodPe6g==

GET
H2 200 weeklytimes.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
2 KB 64ms
59ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/weeklytimes.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a24003f95d56ba84223ad3c68cdb8b982bc04dafdffef6010fb13492d302f3c

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:14 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22384
etag: "b60accba2d1fa828233b62f6d1cbc5f8"
x-cache: Hit from cloudfront
x-amz-version-id: VZPRaKbhrQt0dHO0Og1Vzd518ZaM0To0
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1549
x-amz-cf-id: YmF0BI4y8WY9oEyh9_CixvmtjTWcKRUfUEPCAz0Tj7_s4V_GhXqYLg==

GET
H2 200 logo-white-taus.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
2 KB 64ms
59ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-taus.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f05457da67cefc39122d84c1a6d6fd562350ad4ddb35efb3d0db64d2e49b16cb

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:14 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22383
etag: "be2087e07a9f922cf5d2a79897c47a0b"
x-cache: Hit from cloudfront
x-amz-version-id: 38pU7AaIa5Y9dLlPCQ03mPsdQKMUfzZJ
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1815
x-amz-cf-id: B-kXmwoQJ0cp18oIggUnTXyu7ukcRdBoLCxbMFRSN2M7YVGE5qSsSA==

GET
H2 200 logo-supercoach-copy.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
2 KB 64ms
59ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-supercoach-copy.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54f6d2970d4ad8b7f22ccfa889293b29acf0edd2a21802aa481a9c9364d5b70e

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:14 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22384
etag: "2e22ebb9d7ce2c601d7f2c82c62aec0b"
x-cache: Hit from cloudfront
x-amz-version-id: HXj6F3.ONDkeDlVrtt3UNGM2NjV2zmjD
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1607
x-amz-cf-id: uA0c98r-McULNJ28PPaQ1HWd1W6e3pRBfKaZxgJVm8twnFPvdZn1cA==

GET
H2 200 logo-white-fs.png
subscriptions.news.com.au/latest/a/common/images/ 1 KB
1 KB 66ms
61ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/logo-white-fs.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa470cdbe83c5968a4f5832dda90934799759b7680d013a476eea5ef1712fbd4

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:14 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22384
etag: "29b101c5f53ab0a7b43b35e769ec1985"
x-cache: Hit from cloudfront
x-amz-version-id: JNMaM3klbgPMIp9OOyPEtSq49WGrvU2W
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1067
x-amz-cf-id: M2_inx48JExNxPrkC4e0sPskRJWrGBAmduV1OlBcTh81tF9FqKuGMA==

GET
H2 200 loading.gif
subscriptions.news.com.au/latest/a/common/images/ 6 KB
7 KB 61ms
56ms Image
image/gif 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/loading.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40a1e67dfd231122e56a56dc459d9b2ae9b13a60305764a216b1f2ec99532a6a

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:14 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22384
etag: "a89c20b87057a80be393a236a1dd18b9"
x-cache: Hit from cloudfront
x-amz-version-id: DplV6oxlNsSKTnZTXFcRFnYgxERkq3AM
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/gif
content-length: 6651
x-amz-cf-id: QouD-L42Y_SZ6AcbIaTxvU-TElGJhg34Yjopfvu09h80ejIaB0Q2aA==

GET
H2 200 icon-timeout.png
subscriptions.news.com.au/latest/a/common/images/ 2 KB
3 KB 64ms
60ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/icon-timeout.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71ee286347ef8df59a18fecb7ad98a405c951c965dd3feaaff6a05eec9997ae2

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:14 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22384
etag: "e6d8a48d022904956468066b94e64f99"
x-cache: Hit from cloudfront
x-amz-version-id: NgOxRqFzkAXIZoYvWtGZMF5b_EBc2lMU
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 2503
x-amz-cf-id: jBWAbB4wxLTVvOFXtKPYIFfjbnoiNQV8w_8LMa9EfhALi2gXOsebdg==

GET
H2 200 icon-error-grey.png
subscriptions.news.com.au/latest/a/common/images/ 1 KB
2 KB 61ms
56ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/icon-error-grey.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9094c6391ef30ed52d0524c3e46cef45deea94f1b7b20aaefbc5d18b9281b67

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:14 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22384
etag: "7dbbd2c4d7104be6253889385b3f171e"
x-cache: Hit from cloudfront
x-amz-version-id: VQ7u8Wkm8syY7eVUppGJSgBibD8JnjHw
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1255
x-amz-cf-id: bmIhBD9wuZFD9V9N-OoqCMscKw1D4RgbBVJpCnFKMDrdDjC4ylRRqA==

GET
H2 200 loading-bw.gif
subscriptions.news.com.au/latest/a/common/images/ 6 KB
6 KB 58ms
54ms Image
image/gif 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/loading-bw.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d8daea900a16fb19a3f2b66f3e57dd34a49749934bb404691865b9e28ca1190

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:12 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22385
etag: "da944465736a84de12f51947b026c39d"
x-cache: Hit from cloudfront
x-amz-version-id: DLVcr55A5IKz76JmFpGb1T2yEmXvgHGm
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/gif
content-length: 6081
x-amz-cf-id: QRuWJZloKliAuxtbutKDZOro5ylfroYC9AD8LpQSabn5K8TtC6CfHA==

GET
H2 200 checkout.js Show response
www.paypalobjects.com/api/ 1 MB
232 KB 43ms
39ms Script
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.js

Requested by

Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/js/webcomponents-lite.min.js?v=2.1.6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

f70ad01b77c844be8f9b2f3312bc97c57e192e0b0feafcb03f788379b1f51e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1690167
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
content-length: 237180
x-served-by: cache-lax8635-LAX, cache-hhn4024-HHN
last-modified: Fri, 14 Aug 2020 16:56:22 GMT
server: Apache
x-timer: S1599114678.529059,VS0,VE0
strict-transport-security: max-age=31557600
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 3, 33296

GET
H2 200 utrack.js Show response
tags.news.com.au/prod/utrack/ 2 KB
1 KB 51ms
50ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=15991146775170.9698053990750475
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 69db8b2a48ae184507608101447b27c415dadec9f5c7265aec3c2633da5c6128

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:17 GMT
content-encoding: gzip
server: Apache
etag: "ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status: 200
cache-control: max-age=0, no-cache, no-store
content-type: application/x-javascript
content-length: 831
expires: Thu, 03 Sep 2020 06:31:17 GMT

GET
H2 200 mitas.js Show response
tags.news.com.au/prod/mitas/ 666 B
898 B 51ms
50ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/mitas/mitas.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:17 GMT
server: Apache
etag: "83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status: 200
cache-control: max-age=15008
content-type: application/x-javascript
content-length: 666

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 61 B
358 B 88ms
87ms XHR
text/plain 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: 12a174500222f25e802175d5cf739d6ed5aeb7ad9812cbfe18b97992d6692a89

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:17 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "f1d1adc077c1f1f826a151ee3db530bc:1594002579.72485"
status: 200
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
access-control-allow-origin: *
cache-control: max-age=0, no-cache
content-type: text/plain
content-length: 61
expires: Thu, 03 Sep 2020 06:31:17 GMT

GET
H2 200 utag.664.js Show response
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 3 KB
1 KB 58ms
57ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.664.js?utv=ut4.46.201912020329
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bc55f44e6ca90afdf4df5325f7021b77f8e89bb8fad03b59b4401ea02dba8057

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:17 GMT
content-encoding: gzip
last-modified: Mon, 02 Dec 2019 03:29:34 GMT
server: AkamaiNetStorage
etag: "df10ec5b4e740990997200fb193ad396:1575257374.710243"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1273
expires: Fri, 18 Sep 2020 06:31:17 GMT

GET
H2 200 utag.665.js Show response
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 3 KB
1 KB 57ms
57ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.665.js?utv=ut4.46.201912020329
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2661ea184dd0f138a8056dd760ed2883b1cc5b19bf8c21f3023082a19d74b3d

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:17 GMT
content-encoding: gzip
last-modified: Mon, 02 Dec 2019 03:29:32 GMT
server: AkamaiNetStorage
etag: "3b536677114eb4fedd7f3c1b085674a1:1575257372.638988"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1277
expires: Fri, 18 Sep 2020 06:31:17 GMT

GET
H2 200 robotocondensed-bold-webfont.woff2
subscriptions.news.com.au/media/fonts/Roboto/ 19 KB
20 KB 49ms
49ms Font
binary/octet-stream 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/Roboto/robotocondensed-bold-webfont.woff2
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/Roboto/Roboto.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b28168e2c953ea94b326fd9b995a5ca8f7625da9b69bd41808e7371d69f0c955

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://subscriptions.news.com.au/media/fonts/Roboto/Roboto.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 01:49:07 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
age: 16931
x-cache: Hit from cloudfront
status: 200
content-length: 19752
last-modified: Tue, 23 Jan 2018 23:29:52 GMT
server: AmazonS3
etag: "63c10d94c77870aa0ffcbba9ca7622dd"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: TGhddzvAXN_Hvt9EwC6ryo1F3K6yE2vs
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: rtz2Ihng41u0MgrWA_ILLwyr_Elq93vhOamqajgNL39ccj9M3S02_Q==

GET
H2 200 roboto-regular-webfont.woff2
subscriptions.news.com.au/media/fonts/Roboto/ 19 KB
20 KB 55ms
54ms Font
binary/octet-stream 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/Roboto/roboto-regular-webfont.woff2
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/Roboto/Roboto.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 03b3308669f1e3f7d9318ec7cb4a23e2fc935bbabee3fff22cd92081a736d0eb

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://subscriptions.news.com.au/media/fonts/Roboto/Roboto.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 01:49:07 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
age: 16931
x-cache: Hit from cloudfront
status: 200
content-length: 19804
last-modified: Tue, 23 Jan 2018 23:29:56 GMT
server: AmazonS3
etag: "f48c935d8c1ee416ae9c3baeb6f62349"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: ChZoPr7mTEVa2NzMODznUQtZE5d_AFKM
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: uDQn-YYOwzcVnyw8b3_kjmQ56oPO_FujExqSFK2If0cdyqOtNOqXYQ==

GET
H2 200 metrics.js Show response
tags.news.com.au/prod/metrics/ 173 KB
60 KB 61ms
61ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/metrics/metrics.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 38ea1ac9fd49ff712334df32aa5b7b7ff0e0c4f0eae531d66db3a710134fe146

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:17 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "f45997f8296b114b0eaf28e4e83e2f63:1597020711.631858"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status: 200
cache-control: max-age=17337
content-type: application/x-javascript

GET
H2 200 tad.js Show response
tags.news.com.au/prod/tad/ 76 KB
25 KB 54ms
53ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/tad/tad.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cf049ca68b7965ef6de1e966003a7ac176412394f9989f5198df15f8503fa16

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:17 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "6ed9a3eb994fa42c79e03a78aa68626c:1599094146.557419"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status: 200
cache-control: max-age=65932
content-type: application/x-javascript
content-length: 24905

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
19 KB 135ms
50ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

d781d9975c78e39fbb8c3b65f95587b8560621a1f458414201d95953661af70c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "621 / 189 of 1000 / last-modified: 1599085232"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18719
x-xss-protection: 0
expires: Thu, 03 Sep 2020 06:31:17 GMT

GET
H2 200 nielsen.js Show response
tags.news.com.au/prod/nielsen/ 21 KB
9 KB 50ms
49ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 728c49a2c9cae48f12242565437f2e0f7b3edffb1085ab28b28c03cb123561ae

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:17 GMT
content-encoding: gzip
server: Apache
etag: "9029e66e5e2f80ebe09189332c981f3c:1588290195"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status: 200
cache-control: max-age=15023
content-type: application/x-javascript
content-length: 8633

GET
H/1.1 200
OK ncg.js Show response
au.tags.newscgp.com/prod/ncg/ 124 KB
40 KB 150ms
48ms Script
text/javascript 99.86.2.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.tags.newscgp.com/prod/ncg/ncg.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.32 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-32.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 716b170a37df0b3e60269439f97779ec22a0d0ee5ea18bc01c5dc6958dfb5eda

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Sep 2020 05:38:58 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sun, 02 Aug 2020 23:19:10 GMT
Server: AmazonS3
Age: 3140
ETag: "44281d8d84dc66dbff90f2725195e6f7"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: HFWuKTYsz8iyIVUMMIUOJWqgPHEmVQisntE4LpLxY1_5pzWUyV5ebQ==

GET
H2 200 utag.5.js Show response
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 1 KB
905 B 54ms
52ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.5.js?utv=ut4.46.201512010123
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 16af5171092c14e376cfda8ac1f39086f5f9b712cdae14eb7133555970a9e0d8

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:17 GMT
content-encoding: gzip
last-modified: Tue, 02 Apr 2013 00:59:30 GMT
server: AkamaiNetStorage
etag: "5f8ceb21de71f6a7dcd60fd938b54e0a:1364864370"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 680
expires: Fri, 18 Sep 2020 06:31:17 GMT

GET
H2 200 utag.666.js Show response
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 2 KB
2 KB 54ms
53ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.666.js?utv=ut4.46.201912020329
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0c6d42d0979ec5bb886d140abc26adf460b8af819f11c728092344ebcf19598a

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:17 GMT
content-encoding: gzip
last-modified: Mon, 02 Dec 2019 03:29:33 GMT
server: AkamaiNetStorage
etag: "48b217223d48ec66f4c657326a7fb26c:1575257373.230336"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1316
expires: Fri, 18 Sep 2020 06:31:17 GMT

GET
H2 200 utag.673.js Show response
tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/ 2 KB
1 KB 60ms
59ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.673.js?utv=ut4.46.201911200450
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8d8017dcf0215335c597e2a4fb3b1d49aa74002d020078689b5c7f6dbf2fd5a7

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:17 GMT
content-encoding: gzip
last-modified: Wed, 20 Nov 2019 04:50:26 GMT
server: AkamaiNetStorage
etag: "6de2c8775994bd52649030333c12458f:1574225426.28333"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 904
expires: Fri, 18 Sep 2020 06:31:17 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 95ms
95ms Script
application/x-javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.heraldsun.com.au&source=checkoutjs&t=xo&v=4.0.317

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

7d42fd2cf7adef6e2ca9b9b706eef67e44e0f120c1435ea233807b8eda62fc55

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-labSALqJuE0+IS3/L+l6PldwTzl+q7/C/TSHwN8FgwI7BzFi' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline'; form-action 'self' https://.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-labSALqJuE0+IS3/L+l6PldwTzl+q7/C/TSHwN8FgwI7BzFi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"310f-FGviSVLWgsmjFEfYfieMcNrYi0M"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=3600
date: Thu, 03 Sep 2020 06:31:17 GMT
paypal-debug-id: 2753441e6b08c
strict-transport-security: max-age=63072000
dc: phx-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 4456
x-xss-protection: 1; mode=block

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-gl.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

11ms
10ms

Script
application/javascript

2600:9000:214f:aa00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:aa00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38997f0b9bb8b0d35eb0c1f9e1b05249f6f1e9972419d4f41ff389e3a35eb924

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 01:14:20 GMT
content-encoding: gzip
age: 19018
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 04 May 2020 13:03:46 GMT
server: AmazonS3
etag: W/"485e22c0ad60bcb2677b2f8f9b011e61"
vary: Accept-Encoding
x-amz-version-id: Atg2BNoq_w9GuxA03gYewv2lTFbMKFkY
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: onRQ8oVXsRhBPNbQZAFpoYbzLOlR4uUFybClUjA2DJ-Uj9_rDpwyYA==

Redirect headers

date: Thu, 03 Sep 2020 06:31:17 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA53-C1
status: 301
x-cache: Miss from cloudfront
content-type: text/html
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-length: 150
x-amz-cf-id: OUXIJFNSCvd-zahocI-jNA6ArT69ej9zqBlt7A_YDEsgUCmQHUhZeQ==

GET
H2 200 ggcmb510.js Show response
seccdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 43ms
7ms Script
application/javascript 2600:9000:214f:aa00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:aa00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:19:34 GMT
content-encoding: gzip
age: 704
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 31 Aug 2020 13:41:33 GMT
server: AmazonS3
etag: W/"afa0d379b1e6e0a61fad577d0043ff26"
vary: Accept-Encoding
x-amz-version-id: n3q_bF37_FBlZH_XRzcQNsIp2iM_eW7C
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: khVUuCHwlVoHMx_Ij7NWagAi4YQ3cCJHMAGOYyYQxwR7e_d4T6kdew==

GET
H/1.1 200
OK chartbeat.js Show response
a248.e.akamai.net/chartbeat.download.akamai.com/102508/js/ 36 KB
14 KB 190ms
78ms Script
application/x-javascript 23.62.98.32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://a248.e.akamai.net/chartbeat.download.akamai.com/102508/js/chartbeat.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.5.js?utv=ut4.46.201512010123
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.62.98.32 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-62-98-32.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Sep 2020 06:31:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Apr 2020 01:13:44 GMT
Server: AkamaiNetStorage
ETag: "a770d044e339cc16e1385861faadb4f6:1587690824.651133"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14204

GET
H/1.1 200
OK cx.js Show response
scdn.cxense.com/ 102 KB
25 KB 20ms
6ms Script
application/x-javascript 2a02:26f0:f1:298::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f1:298::268b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 398e4d36ca67dffc51bdeba0b450355bdc9452600e8d767f3f5c1d986f27d600

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Sep 2020 06:31:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Aug 2020 08:37:09 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24831
Expires: Thu, 03 Sep 2020 07:31:17 GMT

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 52 KB
16 KB 152ms
50ms Script
application/javascript 104.111.228.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.228.220 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-228-220.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ARR/2.5, ASP.NET
Resource Hash: 4353b5e1bb568c2005f7778cda77c52b1c2eb4c026ba698549780e0306b0532e

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:17 GMT
content-encoding: gzip
status: 200
last-modified: Tue, 19 May 2020 11:39:04 GMT
server: Microsoft-IIS/8.5
x-powered-by: ARR/2.5, ASP.NET
etag: "0bc219d22dd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=616
accept-ranges: bytes
content-length: 15807

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 65ms
64ms XHR
application/json 54.76.175.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.5.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=73094556434333104512172244330151369687&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1599114677723

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.175.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-175-152.eu-west-1.compute.amazonaws.com

Software

Resource Hash

612854d86f09747f3059ad7f6b3d1dbae0b29cf491cd0181d49eafb1220c8b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v079-0c97b071d.edge-irl1.demdex.com 5.77.1.20200812153735 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: pdHDQQVBQjg=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1500
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sp1.html
scdn.cxense.com/ Frame 7E48 0
0 6ms
6ms Document
text/html 2a02:26f0:f1:298::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/sp1.html
Requested by: Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f1:298::268b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Host: scdn.cxense.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B

Response headers

Server: Apache
Last-Modified: Wed, 29 Aug 2012 13:33:36 GMT
Accept-Ranges: bytes
Content-Length: 219
Cache-Control: max-age=864000
Expires: Sun, 13 Sep 2020 06:31:17 GMT
Date: Thu, 03 Sep 2020 06:31:17 GMT
Connection: keep-alive
Content-Type: text/html
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Vary: Accept-Encoding

GET
H2 200 ts
t.paypal.com/ 42 B
682 B 290ms
201ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1599114677770&g=-120&completeurl=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&ru=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:18 GMT
via: 1.1 varnish, 1.1 varnish
age: 0, 0, 0, 0
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
status: 200
x-cache-hits: 0, 0
content-length: 42
x-served-by: cache-lhr7348-LHR, cache-hhn4058-HHN
pragma: no-cache
server: akka-http/10.1.11
x-timer: S1599114678.882552,VS0,VE160
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, no-transform
accept-ranges: bytes, bytes, bytes, bytes
expires: Thu, 03 Sep 2020 06:31:17 GMT

GET
H/1.1 200
OK Cookie set dest5.html
newscorpau.demdex.net/ Frame FF23 0
0 61ms
60ms Document
text/html 54.154.62.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.62.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-62-31.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: newscorpau.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=73118517374066549532174625032303807181; dextp=358-1-1599114675465|470-1-1599114675566|481-1-1599114675667|771-1-1599114675768|903-1-1599114675869|19566-1-1599114675969|23728-1-1599114676070|30432-1-1599114676171|30064-1-1599114676272|66757-1-1599114676372|144230-1-1599114676473|144231-1-1599114676574|144232-1-1599114676675
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 13 Aug 2020 10:45:06 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=73118517374066549532174625032303807181;Path=/;Domain=.demdex.net;Expires=Tue, 02-Mar-2021 06:31:17 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: Jbe+l7c6Q1c=
Content-Length: 2785
Connection: keep-alive

GET
H3-Q050 200 pubads_impl_2020083101.js Show response
securepubads.g.doubleclick.net/gpt/ 262 KB
92 KB 128ms
82ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

723c2c4708075116cb94201f366fd66584fdd47ee569d962cdb81616f5a70f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 31 Aug 2020 08:38:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94015
x-xss-protection: 0
expires: Thu, 03 Sep 2020 06:31:17 GMT

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 61 B
358 B 844ms
843ms XHR
text/plain 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: 12a174500222f25e802175d5cf739d6ed5aeb7ad9812cbfe18b97992d6692a89

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:18 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "f1d1adc077c1f1f826a151ee3db530bc:1594002579.72485"
status: 200
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
access-control-allow-origin: *
cache-control: max-age=0, no-cache
content-type: text/plain
content-length: 61
expires: Thu, 03 Sep 2020 06:31:18 GMT

POST
H2 200 s68969974352459 Show response
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.17.0/ 43 B
1 KB 196ms
57ms XHR
image/gif 15.188.154.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.17.0/s68969974352459

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 03 Sep 2020 06:31:17 GMT
x-content-type-options: nosniff
x-c: master-1346.I9098b4.M0-442
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 04 Sep 2020 06:31:18 GMT
server: jag
xserver: anedge-75d94f685-5hn88
etag: 3434072622367080448-4614227819950001110
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Wed, 02 Sep 2020 06:31:18 GMT

GET
H2 200 storageframe.html
secure-gl.imrworldwide.com/ Frame 5BA3 0
0 107ms
107ms Document
text/html 2600:9000:214f:4000:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/storageframe.html
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: secure-gl.imrworldwide.com
:scheme: https
:path: /storageframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B

Response headers

status: 200
content-type: text/html
vary: Accept-Encoding
date: Thu, 03 Sep 2020 06:31:17 GMT
server: nginx
last-modified: Fri, 28 Aug 2020 19:49:15 GMT
etag: W/"5f495fbb-2b27"
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: mg2BAq7LdRATbPCmoNzgaNB4kDrLcqqsbiWC8fWBcsQ7WiKRiMIhZQ==

GET
H2 200 storageframe.html
secure-gl.imrworldwide.com/ Frame 76F1 0
0 104ms
104ms Document
text/html 2600:9000:214f:4000:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/storageframe.html
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: secure-gl.imrworldwide.com
:scheme: https
:path: /storageframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B

Response headers

status: 200
content-type: text/html
vary: Accept-Encoding
date: Thu, 03 Sep 2020 06:31:17 GMT
server: nginx
last-modified: Fri, 28 Aug 2020 19:49:15 GMT
etag: W/"5f495fbb-2b27"
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: -5lK85Ye8I9LT0Kxh5qkgVssim2VjemXk5Fg7XtQAXNgtBvPH8yCew==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 403ms
135ms Image
image/gif 54.85.197.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%3A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&u=bqtggYEkaCCA99b&d=heraldsun.com.au&g=34257&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1263&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&v=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26nk%3Db66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&b=1665&t=B-YosxBheRsFUBDmSDCwTJnBNEOFy&V=120&i=Heraldsun.com.au%20%7C%20Subscribe%20to%20the%20Herald%20Sun%20for%20exclusive%20stories&tz=-120&sn=1&sv=Bx5dj0Dr1A0rB47TjlWywjOJekNH&sr=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.hera&sd=1&im=0e230630&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.197.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-197-32.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 03 Sep 2020 06:31:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2

200

/
www.google.de/pagead/1p-user-list/999005967/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/999005967/?value=1.00&label=fBbQCIHUqQgQj76u3AM&guid=ON&script=0
https://www.google.com/pagead/1p-user-list/999005967/?value=1.00&label=fBbQCIHUqQgQj76u3AM&guid=ON&script=0&is_vtc=1&random=2882119399
https://www.google.de/pagead/1p-user-list/999005967/?value=1.00&label=fBbQCIHUqQgQj76u3AM&guid=ON&script=0&is_vtc=1&random=2882119399&ipr=y

42 B
153 B

20ms
19ms

Image
image/gif

2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/999005967/?value=1.00&label=fBbQCIHUqQgQj76u3AM&guid=ON&script=0&is_vtc=1&random=2882119399&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/999005967/?value=1.00&label=fBbQCIHUqQgQj76u3AM&guid=ON&script=0&is_vtc=1&random=2882119399&ipr=y
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/999005967/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/999005967/?value=1.00&label=NB48CPnUqQgQj76u3AM&guid=ON&script=0
https://www.google.com/pagead/1p-user-list/999005967/?value=1.00&label=NB48CPnUqQgQj76u3AM&guid=ON&script=0&is_vtc=1&random=53905552
https://www.google.de/pagead/1p-user-list/999005967/?value=1.00&label=NB48CPnUqQgQj76u3AM&guid=ON&script=0&is_vtc=1&random=53905552&ipr=y

42 B
107 B

21ms
20ms

Image
image/gif

2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/999005967/?value=1.00&label=NB48CPnUqQgQj76u3AM&guid=ON&script=0&is_vtc=1&random=53905552&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/999005967/?value=1.00&label=NB48CPnUqQgQj76u3AM&guid=ON&script=0&is_vtc=1&random=53905552&ipr=y
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6630 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 15 KB
1 KB 135ms
45ms XHR
application/octet-stream 104.111.228.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.228.220 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-228-220.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: a0e385deb57633b18f216145a994e928f44759845534a6676ca1d4c77c0991f8

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: DOS_Rl.vCxXo.gmOu7RjtFUtp8Rq8sBt
content-encoding: gzip
etag: "6611cc1481623ed67be59055be5c8c8b"
x-amz-request-id: 8932DC9E2A017381
status: 200
x-amz-replication-status: COMPLETED
content-length: 1050
x-amz-id-2: +H4idDJf8QGfRG0JhZOEStdpPh5QlAJS9lZQqtxsFYcSCDm4n2BzEcZgX9pMjEhkVz9sJy7anAA=
last-modified: Tue, 04 Aug 2020 07:57:03 GMT
server: ATS/7.1.0
date: Thu, 03 Sep 2020 06:31:18 GMT
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=318
accept-ranges: bytes

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 118 B
689 B 193ms
52ms Script
text/javascript 178.63.12.147
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22kemfla7zirzi1lxf%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%22nv6hyjsmp1wic533fnwg03ri%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%22nv6hyjsmp1wic533fnwg03ri%22%7D%5D%2C%22siteId%22%3A%221141858842073183450%22%2C%22location%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B%22%7D&callback=cXJsonpCBkemfladuibthp0mh

Requested by

Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.63.12.147 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

de715.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

9e459c472ff269270604573939d325a81d430545b0c724f2be7ca1e621820655

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Sep 2020 06:31:18 GMT
X-Content-Type-Options: nosniff
Server: Jetty(9.4.28.v20200408)
P3P: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/javascript;charset=utf-8
Content-Length: 118
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1599114677971&ci=newscorp&js=1&cg=0&ts=pubads_impl_2020083101.js?21067355&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.co...
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1599114677971&ci=newscorp&js=1&cg=0&ts=pubads_impl_2020083101.js?21067355&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.co...

44 B
491 B

110ms
110ms

Image
image/gif

2600:9000:214f:4000:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1599114677971&ci=newscorp&js=1&cg=0&ts=pubads_impl_2020083101.js?21067355&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&rp=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26nk%3Db66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&sr=1600x1200&id=lstrg-0078ea5d4145d003b3cb725a2ed933da&tz=2&ja=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:18 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
status: 200
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 44
x-amz-cf-id: orvq2R_so4a2-I5AYMEg1q8iyJE2M38oEwL60Tc-kPJknwl-fqdjBg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:18 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
status: 302
location: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1599114677971&ci=newscorp&js=1&cg=0&ts=pubads_impl_2020083101.js?21067355&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&rp=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26nk%3Db66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&sr=1600x1200&id=lstrg-0078ea5d4145d003b3cb725a2ed933da&tz=2&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: MDgEFErrHa0kKOj7MyudOu5y_waUDbj-4UnJ4AN4ygCqxrbfxMPcFQ==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1599114677972&ci=news-mobile&js=1&cg=0&ts=pubads_impl_2020083101.js?21067355&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun...
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1599114677972&ci=news-mobile&js=1&cg=0&ts=pubads_impl_2020083101.js?21067355&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun...

44 B
493 B

109ms
109ms

Image
image/gif

2600:9000:214f:4000:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1599114677972&ci=news-mobile&js=1&cg=0&ts=pubads_impl_2020083101.js?21067355&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&rp=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26nk%3Db66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&sr=1600x1200&id=lstrg-0078ea5d4145d003b3cb725a2ed933da&tz=2&ja=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:18 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
status: 200
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 44
x-amz-cf-id: fPNoITz-gWoPN8dl9W3FfjGqlV5m1RXlWQPj0O6yMgqnWUdd3jx9lw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:18 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
status: 302
location: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1599114677972&ci=news-mobile&js=1&cg=0&ts=pubads_impl_2020083101.js?21067355&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&rp=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26nk%3Db66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&sr=1600x1200&id=lstrg-0078ea5d4145d003b3cb725a2ed933da&tz=2&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: YBZ4EHQZQA2oVaUB44MXfBuynqmlW7ITZwMMY57CxJGIcdr180piLA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 20 KB
8 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34871262a47d71019e670cfde72720937d8dbdea98e63bf429048014610cf4f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:22:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 8226
x-xss-protection: 0
server: cafe
etag: 7701072184570892396
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Sep 2020 07:22:58 GMT

GET
H2 200 s67581597044208
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.17.0/ 43 B
780 B 59ms
58ms Image
image/gif 15.188.154.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.17.0/s67581597044208?AQB=1&ndh=1&pf=1&t=3%2F8%2F2020%208%3A31%3A17%204%20-120&mid=73094556434333104512172244330151369687&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7C%7C%7Cheraldsun.com.au%20%7C%20subscribe%20to%20the%20herald%20sun%20for%20exclusive%20stories&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a9&cc=AUD&events=event8%2Cevent19&v1=news%20corp%20au&v2=herald%20sun&v3=herald%20sun%20web&v10=D%3DpageName&v11=D%3Dvid&v14=anonymous&v22=4%3A31%20PM%7CThursday&v24=New&v34=D%3Dg&v77=D%3Dmid&pe=lnk_o&pev2=event&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=30c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:17 GMT
x-content-type-options: nosniff
x-c: master-1346.I9098b4.M0-442
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 04 Sep 2020 06:31:18 GMT
server: jag
xserver: anedge-75d94f685-rjrfv
etag: 3434072622367080448-4614403660206064186
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 02 Sep 2020 06:31:18 GMT

GET
H2 200 s68373217960891
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.17.0/ 43 B
778 B 61ms
59ms Image
image/gif 15.188.154.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.17.0/s68373217960891?AQB=1&ndh=1&pf=1&t=3%2F8%2F2020%208%3A31%3A17%204%20-120&mid=73094556434333104512172244330151369687&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7C%7C%7Cheraldsun.com.au%20%7C%20subscribe%20to%20the%20herald%20sun%20for%20exclusive%20stories&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a9&cc=AUD&events=event8%2Cevent3&v1=news%20corp%20au&v2=herald%20sun&v3=herald%20sun%20web&v10=D%3DpageName&v11=D%3Dvid&v14=anonymous&c21=D%3Dv21&v21=hs-casual-premium-breach-spc-97-b&v22=4%3A31%20PM%7CThursday&v24=New&v34=D%3Dg&v77=D%3Dmid&pe=lnk_o&pev2=event&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=30c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:17 GMT
x-content-type-options: nosniff
x-c: master-1346.I9098b4.M0-442
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 04 Sep 2020 06:31:18 GMT
server: jag
xserver: anedge-75d94f685-hkq9h
etag: 3434072622367080448-4614332520514427041
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 02 Sep 2020 06:31:18 GMT

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 17 KB
5 KB 263ms
66ms Script
text/html 82.199.68.72
EQUINIX-CONNECT-EMEA

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=3584246349394444120&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B$$&activityValues=$$Session%3D3614870878597862755$$&ns=0&rnd=2158297530886466&referrer=$$https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674$$
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 82.199.68.72 , Netherlands, ASN15830 (EQUINIX-CONNECT-EMEA, GB),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d3ec9a6d35fdd044ed48be764aface7e9237c575a6aa78dc7bcc99fe70286e0f

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Sep 2020 06:31:17 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Length: 3879
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 109 B
890 B 38ms
14ms Script
application/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Sep 2020 06:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Sep 2020 06:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 316 B
526 B 74ms
74ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=543785113506689&correlator=3841631019356412&output=ldjh&impl=fifs&hxva=1&scor=2752244185528373&eid=21067355%2C21067361%2C21066995%2C21067273&vrg=2020083101&co=1&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200903&iu_parts=5129&enc_prev_ius=%2F0%2F&prev_iu_szs=1x1&ists=1&prev_scp=pos%3D1&eri=1&cust_params=us%3Db%26s%3D0%26co%3D1%26kw%3D%26ksgmnt%3D%26siteview%3D1%26adl%3Dfalse%26pvid%3D00000000000000000000000000000000-00000000000000000000000000000000-1599114677633-573899&bc=31&abxe=1&lmt=1599114678&dt=1599114678189&dlt=1599114676759&idt=1255&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=14334197&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26nk%3Db66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&dssz=40&icsg=168&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1262&msz=1x1&ga_vid=66715423.1599114678&ga_sid=1599114678&ga_hid=118896905&fws=132&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

0a129b1c4cde48434a4e593247287610ec4bdf8653cfe29222902e6fc9753fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
2578e8765f2ddeef543b49512dd55274.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 48ms
14ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://2578e8765f2ddeef543b49512dd55274.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 6ms
6ms Script
application/javascript 2600:9000:214f:aa00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: seccdn-gl.imrworldwide.com
URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:aa00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: __18ln110DzIeDzBUZGawAoUEY8dO7wW
content-encoding: gzip
etag: "931051f801612c3a0e2782961ac3d56c"
age: 3459
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 31 Aug 2020 13:41:33 GMT
server: AmazonS3
date: Thu, 03 Sep 2020 05:33:40 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: rYYeok0pXed73Ce7DmcWarjXVJ5o2m925o0QRmu9XYF-ac4D6zm0mQ==

GET
H2 200 PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js Show response
cdn-gl.imrworldwide.com/conf/ 31 KB
7 KB 9ms
9ms Script
application/javascript 2600:9000:214f:aa00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:aa00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c4a60019a5cf45209624cdbccdc185cd9a886fcdf3c559611e8285c7ad25397

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: CKUjsoPJJ83SxerE9PtTMoAw1un8ynkb
content-encoding: gzip
etag: "7fcf5643fec6e09485f114c668700095"
age: 2779
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Wed, 02 Sep 2020 09:17:55 GMT
server: AmazonS3
date: Thu, 03 Sep 2020 05:45:00 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 3MZJqhrp6BLOScETC2IWluQvtC-t_vRtYyPdL6ztha-n-NNHUS9-wQ==

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 170 KB
49 KB 8ms
7ms Script
application/javascript 2600:9000:214f:aa00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:aa00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e06775da56ca92d7943167883c849bf3e18425f19a316c54531554254a3ef753

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 5mhKBMVfyDG3meutjv0cTLS334SVXJnL
content-encoding: gzip
etag: "7091e9f855e2e7130746427316d51284"
age: 3462
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 31 Aug 2020 13:41:33 GMT
server: AmazonS3
date: Thu, 03 Sep 2020 05:33:37 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: JbtO5dn2kIY9iRrApzve2IFSiDIiEti_aoJDRiCscfG_TVmqM1_zVg==

GET
H2 200 ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame E60E 0
0 6ms
6ms Document
text/html 2600:9000:214f:aa00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:aa00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSCVER=v1; IMRID=12e4ddb1-edaf-11ea-a398-478e85a750d4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B

Response headers

status: 200
content-type: text/html
date: Thu, 03 Sep 2020 05:33:39 GMT
last-modified: Mon, 31 Aug 2020 13:41:32 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
x-amz-version-id: 8SzOU0T3jq5fDilujOsIQHDXhBBCvnxx
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: R5R5TQkenio0BLPaf7kxk24DvInUu3Ez3c0WkuQiC3adIW68Xu4BJQ==
age: 3460

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 39ms
26ms XHR
application/json 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020083101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c58d337dc047789e4b04840914f46abadd149e5fe1fedf90e6adb9f18b43037b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Sep 2020 06:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6495
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 40ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020083101.js?21067355

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Thu, 03 Sep 2020 06:31:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 955E 88 KB
35 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-994679518

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c441f52d55b58a405db5e72787b15de6a7702c20718792eb4882d8cbfc6760f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:18 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35626
x-xss-protection: 0
last-modified: Thu, 03 Sep 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Sep 2020 06:31:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 8BC5 88 KB
35 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-930683048

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0cd33b2c0944c7ec47751b2fbce568651853f710a5d7c834916f51d7241fd6af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:18 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35625
x-xss-protection: 0
last-modified: Thu, 03 Sep 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Sep 2020 06:31:18 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 0805 5 KB
2 KB 193ms
89ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:18 GMT
content-encoding: gzip
age: 32345
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1958
x-served-by: cache-hhn4053-HHN
last-modified: Mon, 10 Aug 2020 18:10:59 GMT
x-timer: S1599114678.489448,VS0,VE0
etag: "a4cc3f907681b24a3efd540acd5d2996+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame E1ED 3 KB
2 KB 30ms
9ms Script
application/x-javascript 2a02:26f0:10c:48b::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:48b::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Sep 2020 06:31:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=24175
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame FFB8 88 KB
35 KB 42ms
28ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-707564276

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c9a5ba986d073619525d5a14d7ad742121f39349845ec498700f6f614d048a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:18 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35626
x-xss-protection: 0
last-modified: Thu, 03 Sep 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Sep 2020 06:31:18 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame D572 88 KB
35 KB 36ms
27ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-707564276

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c9a5ba986d073619525d5a14d7ad742121f39349845ec498700f6f614d048a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:18 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35626
x-xss-protection: 0
last-modified: Thu, 03 Sep 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Sep 2020 06:31:18 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 8B81 4 KB
2 KB 184ms
87ms Script
application/x-javascript 143.204.206.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.206.235 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-206-235.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Sep 2020 16:48:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Aug 2020 16:44:58 GMT
Server: AmazonS3
Age: 49373
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: Dl021iNfZ4bFeHLoQG494Ux4V1mW07nXiWGw5XkQJKurOr8evEXEsA==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ Frame C833 7 KB
3 KB 179ms
82ms Script
application/javascript 23.210.249.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-83.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Sep 2020 06:31:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 May 2020 21:04:36 GMT
Server: nginx/1.13.10
ETag: "5ebdb264-1cfb"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 2601
Expires: Fri, 04 Sep 2020 06:31:20 GMT

GET
H2 200 beacon_call.js Show response
r.turn.com/server/ Frame 4247 2 KB
1 KB 268ms
87ms Script
text/javascript 46.228.164.11
TURN

General

Check archive.org

Show headers Download Go to

Full URL: https://r.turn.com/server/beacon_call.js?b2=FZy510x9O42V4aG00mjSfmrJ6Am37gfKhClmr5LxVVqshx9n3v_NQ7FLoMambGCRBZ6uqhatUQk8UWSANt7hkg
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 84afd57608146b2e4ac725c887465bfde69fefc6b7f7fcef7338203eec83aace

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:18 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
status: 200
cache-control: public, max-age=172800, must-revalidate
content-type: text/javascript;charset=UTF-8
expires: Sat, 05 Sep 2020 06:31:18 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame 00D5 15 KB
6 KB 60ms
27ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

88cf2c9a4c4bcef2aa64fb6ea0f337f78e9a7dc61d87993441369fa5cb429d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 03 Sep 2020 06:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1388
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Accept-Encoding
content-length: 5573
x-amz-id-2: ZR05nFBZAeAbMk4uNyCSG1MBdaQ5wIO3YYJDhVkebY+Yvde8NOtJQfCw1Gf+F2j4SwfesTTJBO4=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 16 Sep 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 11 Aug 2020 09:21:22 GMT
server: ATS
etag: "4af30fdfb3f25202fae672877237b12e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 1808728ACD73FCD3
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: v0T4VwTcSKojm0k.rRPUA2jezlg4p0ZC
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame ABBB 15 KB
5 KB 59ms
29ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

88cf2c9a4c4bcef2aa64fb6ea0f337f78e9a7dc61d87993441369fa5cb429d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 03 Sep 2020 06:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1388
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Accept-Encoding
content-length: 5573
x-amz-id-2: ZR05nFBZAeAbMk4uNyCSG1MBdaQ5wIO3YYJDhVkebY+Yvde8NOtJQfCw1Gf+F2j4SwfesTTJBO4=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 16 Sep 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 11 Aug 2020 09:21:22 GMT
server: ATS
etag: "4af30fdfb3f25202fae672877237b12e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 1808728ACD73FCD3
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: v0T4VwTcSKojm0k.rRPUA2jezlg4p0ZC
accept-ranges: bytes
content-type: application/javascript

GET
H3-Q050

200

activityi;dc_pre=CJu2hLOuzOsCFZX7dwodx1UBeQ;src=8228261;type=invmedia;cat=newsc006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8349476942983.341
8228261.fls.doubleclick.net/ Frame 2BD2
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8349476942983.341?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJu2hLOuzOsCFZX7dwodx1UBeQ;src=8228261;type=invmedia;cat=newsc006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=834947694298...

0
0

119ms
67ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CJu2hLOuzOsCFZX7dwodx1UBeQ;src=8228261;type=invmedia;cat=newsc006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8349476942983.341?

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8228261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJu2hLOuzOsCFZX7dwodx1UBeQ;src=8228261;type=invmedia;cat=newsc006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8349476942983.341?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnLrki2UUhwXr6nIFmLdk_yEP1HLpRI9kjcp1dlBWsiBLlTOPyZ127sTtPk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 03 Sep 2020 06:31:18 GMT
expires: Thu, 03 Sep 2020 06:31:18 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 330
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 03 Sep 2020 06:31:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJu2hLOuzOsCFZX7dwodx1UBeQ;src=8228261;type=invmedia;cat=newsc006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8349476942983.341?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

activityi;dc_pre=CPS2hLOuzOsCFUmGdwodvmEHMA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1853303183657.7861
8228261.fls.doubleclick.net/ Frame 12AB
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1853303183657.7861?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPS2hLOuzOsCFUmGdwodvmEHMA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=185330318365...

0
0

190ms
104ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CPS2hLOuzOsCFUmGdwodvmEHMA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1853303183657.7861?

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8228261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPS2hLOuzOsCFUmGdwodvmEHMA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1853303183657.7861?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnLrki2UUhwXr6nIFmLdk_yEP1HLpRI9kjcp1dlBWsiBLlTOPyZ127sTtPk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 03 Sep 2020 06:31:18 GMT
expires: Thu, 03 Sep 2020 06:31:18 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 330
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 03 Sep 2020 06:31:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CPS2hLOuzOsCFUmGdwodvmEHMA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1853303183657.7861?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 417A 26 KB
8 KB 90ms
82ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:18 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 20:00:00 GMT
x-msedge-ref: Ref A: 9714F29B95F54EFE8CED1BD263BBD303 Ref B: FRAEDGE1309 Ref C: 2020-09-03T06:31:18Z
status: 200
etag: "0e0bdafab5bd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8022

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 7FCF 29 KB
11 KB 54ms
51ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

fd63d6a5ec44215e50612d8bea8eff0a12f5d4981ab6745db8d8479f7c102845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11416
x-xss-protection: 0
server: cafe
etag: 7270336119834106254
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Sep 2020 06:31:18 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame D89B 29 KB
11 KB 74ms
73ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

fd63d6a5ec44215e50612d8bea8eff0a12f5d4981ab6745db8d8479f7c102845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11416
x-xss-protection: 0
server: cafe
etag: 7270336119834106254
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Sep 2020 06:31:18 GMT

GET
H2 200 beacon
r.turn.com/r/ Frame B73A 43 B
426 B 96ms
75ms Image
image/gif 46.228.164.11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=p6XQ5Fc0adnznNpXL-pWH4UvNVDMRPMx8zrBFX6RFzv3Fa5NQOlD9S8IcQQSxWc9vEVgdRInyjPO9fW63tV3cg&cid=
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:18 GMT
server: Apache-Coyote/1.1
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
status: 200
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43

GET
H2 200 beacon
r.turn.com/r/ Frame F509 43 B
426 B 96ms
76ms Image
image/gif 46.228.164.11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=YaJZyruTXtuOs2Zmj4LResGU5dxqPcSukoaiJ5IEES73Fa5NQOlD9S8IcQQSxWc9nzbZgxYJbBF0Zbp7Nc7AFQ&cid=
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:18 GMT
server: Apache-Coyote/1.1
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
status: 200
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43

GET
H2 200 activity
au-gmtdmp.mookie1.com/t/v2/ Frame 79C6 43 B
389 B 443ms
306ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_804376&src.rand=[timestamp]&
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 1ED7
Redirect Chain

https://secure.adnxs.com/px?id=1171455&seg=19476740&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1171455%26seg%3D19476740%26t%3D2

43 B
1 KB

95ms
94ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1171455%26seg%3D19476740%26t%3D2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Sep 2020 06:31:19 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.113:80
AN-X-Request-Uuid: 52ebc194-aa41-4bc1-8ba2-570c37345d37
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 03 Sep 2020 06:31:19 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.143:80
AN-X-Request-Uuid: 2c8be830-2c43-459d-be2f-8f27cf8214d5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1171455%26seg%3D19476740%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 activity
au-gmtdmp.mookie1.com/t/v2/ Frame ABA7 43 B
390 B 441ms
306ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_804370&src.rand=[timestamp]&
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 2860
Redirect Chain

https://secure.adnxs.com/px?id=1171454&seg=19476739&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1171454%26seg%3D19476739%26t%3D2

43 B
1 KB

46ms
46ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1171454%26seg%3D19476739%26t%3D2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Sep 2020 06:31:19 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.238:80
AN-X-Request-Uuid: 59124d2a-89c9-4405-b943-998708f2118c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 03 Sep 2020 06:31:19 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.147:80
AN-X-Request-Uuid: 06816aac-1869-424d-955c-76abc787624f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1171454%26seg%3D19476739%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ Frame 2AD3 43 B
886 B 258ms
68ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10041060&js=no&url=heraldsunsitevisitors020419

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Sep 2020 06:31:19 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Thu, 03 Sep 2020 06:31:19 GMT

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ Frame 3F63 43 B
886 B 260ms
70ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10041060&js=no&url=heraldsunshopfrontpage020419

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Sep 2020 06:31:19 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Thu, 03 Sep 2020 06:31:19 GMT

GET
H2 200 activity
au-gmtdmp.mookie1.com/t/v2/ Frame 58E8 43 B
609 B 431ms
300ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 4260
Redirect Chain

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

43 B
1 KB

94ms
93ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Sep 2020 06:31:19 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.244:80
AN-X-Request-Uuid: 09723d18-3897-4ad0-ad3c-22d1a4a07116
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 03 Sep 2020 06:31:19 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.242:80
AN-X-Request-Uuid: 61354360-f88e-4090-9906-cbbedf56d0a4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 activity
au-gmtdmp.mookie1.com/t/v2/ Frame FE3D 43 B
391 B 340ms
303ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_136943&src.rand=[timestamp]
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 activity
au-gmtdmp.mookie1.com/t/v2/ 43 B
390 B 340ms
303ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_692212&src.rand=[timestamp]&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 activity
au-gmtdmp.mookie1.com/t/v2/ 43 B
391 B 327ms
327ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_691911&src.rand=[timestamp]&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
952 B 132ms
45ms Image
application/javascript 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Sep 2020 06:31:19 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.134:80
AN-X-Request-Uuid: d46341a3-f294-4192-bc93-9c08512c4e45
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
951 B 134ms
48ms Image
application/javascript 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1049969&seg=15374299&t=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Sep 2020 06:31:19 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.57:80
AN-X-Request-Uuid: 5d3b6d2a-dcc6-4816-99c8-f15d2cc6ac94
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ 43 B
886 B 96ms
96ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10041060&js=no&url=%20lpheraldsunconv1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Sep 2020 06:31:19 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Thu, 03 Sep 2020 06:31:19 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 43 B
968 B 47ms
44ms Image
image/gif 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=799441&seg=7424754&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Sep 2020 06:31:19 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.107:80
AN-X-Request-Uuid: d8c7a7ac-76d3-47ac-af79-435230dce850
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ 0
1 KB 56ms
56ms Image
application/javascript 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=7575078&t=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Sep 2020 06:31:19 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.228:80
AN-X-Request-Uuid: 906087e9-2078-4f8d-8919-444fe1b652ee
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 beacon
r.turn.com/r/ Frame 4247 43 B
426 B 54ms
53ms Image
image/gif 46.228.164.11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?&b2=FZy510x9O42V4aG00mjSfmrJ6Am37gfKhClmr5LxVVqshx9n3v_NQ7FLoMambGCRBZ6uqhatUQk8UWSANt7hkg&jsb=1&cid=&rnd=0.7276098992502238
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
server: Apache-Coyote/1.1
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
status: 200
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 7FCF 3 KB
1 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1599114679188&cv=9&fst=1599114679188&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8348883788db7a1ff7cf758548f044d104edfbc7eb1cb87f11c5e42b8787211a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/994679518/ Frame D89B 3 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994679518/?random=1599114679192&cv=9&fst=1599114679192&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e55b702f08e9d2de810d4665c56e95e1e794b214eab5fd0e7a9cda8bfc72863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1168
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 0A01 0
0 6ms
5ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-length: 11302
date: Thu, 03 Sep 2020 06:03:24 GMT
expires: Fri, 03 Sep 2021 06:03:24 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1675
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

collect
px.ads.linkedin.com/ Frame E1ED
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun....
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fsubscribe%252Fnews%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun....

0
58 B

181ms
181ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&time=1599114679203&liSync=true
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: Q6PHKFQyMRaw7u3IQysAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: cO3HI1QyMRbg2LAKLisAAA==
pragma: no-cache
x-li-pop: afd-prod-eda6
x-msedge-ref: Ref A: 262CCD0CD3A249468479AFC3A98A1BA2 Ref B: FRAEDGE1406 Ref C: 2020-09-03T06:31:19Z
x-frame-options: sameorigin
date: Thu, 03 Sep 2020 06:31:19 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&time=1599114679203&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 10041060.json Show response
s.yimg.com/wi/config/ Frame 00D5 2 B
145 B 1074ms
1016ms XHR
application/json 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10041060.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: A04C5776156B4BCC
x-amz-id-2: 8B8C8J3Ug0y5FHcEsLtkPcl3FwAUAZ15sK90Vye8yun/otfXbfGy80gcH3Tq+kVgABCWNkFcd8E=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 10041060.json Show response
s.yimg.com/wi/config/ Frame ABBB 2 B
494 B 1071ms
1015ms XHR
application/json 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10041060.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 156A9B668575FAFA
x-amz-id-2: t8NkOXB06LK1mDUCuL4sTfVvieA0RB5ifrDpEvk5HeFXYOX6LkRNyZiDiSudnHwxEFr7jrTTIfM=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H/1.1 200
OK pixie
ib.adnxs.com/ Frame C833 42 B
353 B 49ms
49ms Image
image/gif 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1599114679215&v=0.0.15&u=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&st=1599114679214&et=1599114679215&if=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Sep 2020 06:31:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 10.2.80.148:80
Content-Length: 42
Content-Type: image/gif

GET
H2 204 0
bat.bing.com/action/ Frame 417A 0
214 B 44ms
44ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5695672&Ver=2&mid=f79bd8be-5b4d-157d-9389-3d68385b34f7&sid=d6e3ab05d10b815c22cb618796c17f09&vid=fb6ce919c6ac2d0e2a35e350f1fb40cc&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&lt=1&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=382390
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 8C1D5C3DCBC441CE882EF32F20D6BAE4 Ref B: FRAEDGE1309 Ref C: 2020-09-03T06:31:19Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 955E 29 KB
11 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-994679518

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11311
x-xss-protection: 0
server: cafe
etag: 12833363978352728442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Sep 2020 06:31:19 GMT

GET
H2 200 adsct
t.co/i/ Frame 0805 43 B
448 B 273ms
170ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 121
pragma: no-cache
last-modified: Thu, 03 Sep 2020 06:31:19 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 0f88bc67c9a8455561c9fbbeb3feeaf8
x-transaction: 00b58b4c00e12884
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 8BC5 29 KB
11 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-930683048

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11311
x-xss-protection: 0
server: cafe
etag: 12833363978352728442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Sep 2020 06:31:19 GMT

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame D572 29 KB
11 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11311
x-xss-protection: 0
server: cafe
etag: 12833363978352728442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Sep 2020 06:31:19 GMT

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame FFB8 29 KB
11 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11311
x-xss-protection: 0
server: cafe
etag: 12833363978352728442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Sep 2020 06:31:19 GMT

GET
H2 200 pack-digital.png
myaccount.news.com.au/bizopsimages/offersets/images/heraldsun/ 3 KB
3 KB 245ms
71ms Image
image/png 104.111.229.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.news.com.au/bizopsimages/offersets/images/heraldsun/pack-digital.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.229.57 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-229-57.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /
Resource Hash: a94add869e61391e7d6c90ed727db73fe988a3447bcf07190eedfa8604a9e048

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
last-modified: Wed, 26 Aug 2020 06:04:43 GMT
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
etag: "a8f-5adc1988994c0"
vary: User-Agent
content-type: image/png
status: 200
cache-control: max-age=860251
accept-ranges: bytes
ssl: yes
content-length: 2703
expires: Sun, 13 Sep 2020 05:28:50 GMT

GET
H2 200 icon-digital.png
myaccount.news.com.au/bizopsimages/offersets/images/heraldsun/ 3 KB
3 KB 206ms
62ms Image
image/png 104.111.229.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.news.com.au/bizopsimages/offersets/images/heraldsun/icon-digital.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.229.57 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-229-57.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /
Resource Hash: 1cc89490e949706007a7e3710514529f1caf07fc8c3bdb1236f0cb53a5b90db4

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
last-modified: Wed, 26 Aug 2020 06:04:43 GMT
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
etag: "b95-5adc1988994c0"
vary: User-Agent
content-type: image/png
status: 200
cache-control: max-age=977752
accept-ranges: bytes
ssl: yes
content-length: 2965
expires: Mon, 14 Sep 2020 14:07:11 GMT

GET
H2 200 icon-weekend.png
myaccount.news.com.au/bizopsimages/offersets/images/heraldsun/ 5 KB
6 KB 219ms
76ms Image
image/png 104.111.229.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.news.com.au/bizopsimages/offersets/images/heraldsun/icon-weekend.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.229.57 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-229-57.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /
Resource Hash: 04b840d4b4b61b8153da257250e0b14e67a246ade4b61211c0a5cf44293eaa62

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
last-modified: Wed, 26 Aug 2020 06:04:43 GMT
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
etag: "1547-5adc1988994c0"
vary: User-Agent
content-type: image/png
status: 200
cache-control: max-age=719455
accept-ranges: bytes
ssl: yes
content-length: 5447
expires: Fri, 11 Sep 2020 14:22:14 GMT

GET
H2 200 icon-7day.png
myaccount.news.com.au/bizopsimages/offersets/images/dailytelegraph/ 7 KB
7 KB 216ms
73ms Image
image/png 104.111.229.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.news.com.au/bizopsimages/offersets/images/dailytelegraph/icon-7day.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.229.57 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-229-57.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /
Resource Hash: 4800ba001476d432248917ff1c8511b203eee5d13bdbf984c0ac053fefd69e3a

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
last-modified: Wed, 26 Aug 2020 06:04:42 GMT
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
etag: "1c15-5adc1987a5280"
vary: User-Agent
content-type: image/png
status: 200
cache-control: max-age=1113309
accept-ranges: bytes
ssl: yes
content-length: 7189
expires: Wed, 16 Sep 2020 03:46:28 GMT

GET
H2 200 localnews
s7ap1.scene7.com/is/image/TargetNewsCorpAU/ 1 KB
1 KB 84ms
37ms Image
image/png 2a02:26f0:10c:481::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7ap1.scene7.com/is/image/TargetNewsCorpAU/localnews?tm=1598831546527&fit=constrain&hei=50&wid=36&fmt=png-alpha
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:481::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Unknown /
Resource Hash: e47aaaeb929a153118a0ba33ee195bf1d4a7d92f1bc8553e9e8dc8410071328f

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
last-modified: Sun, 30 Aug 2020 23:52:35 GMT
server: Unknown
etag: "99622284540afb25c1593e1a9e05d7f8"
status: 200
content-type: image/png
access-control-allow-origin: *
content-length: 1240
expires: Thu, 03 Sep 2020 12:02:25 GMT

GET
H2 200 expert_journalism-1
s7ap1.scene7.com/is/image/TargetNewsCorpAU/ 892 B
1 KB 81ms
35ms Image
image/png 2a02:26f0:10c:481::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7ap1.scene7.com/is/image/TargetNewsCorpAU/expert_journalism-1?tm=1584587450595&fit=constrain&hei=48&wid=52&fmt=png-alpha
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:481::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Unknown /
Resource Hash: 6a49812544f6b69fe09cdbbe8cf4c87cc825bb0faccd75d5ba37b8b379edfefa

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
last-modified: Tue, 21 Apr 2020 22:02:47 GMT
server: Unknown
etag: "b44ba70579ab160107c5072aa7ba643d"
status: 200
content-type: image/png
access-control-allow-origin: *
content-length: 892
expires: Thu, 03 Sep 2020 16:20:04 GMT

GET
H2 200 breaking_news
s7ap1.scene7.com/is/image/TargetNewsCorpAU/ 620 B
783 B 253ms
207ms Image
image/png 2a02:26f0:10c:481::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7ap1.scene7.com/is/image/TargetNewsCorpAU/breaking_news?tm=1584587398095&fit=constrain&hei=23&wid=23&fmt=png-alpha
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:481::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Unknown /
Resource Hash: 38b7bfd097c33dd3cda3958386e6f92fa4e9cde064f6fb13d1b7db9f55e6ffd3

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
last-modified: Tue, 21 Apr 2020 22:02:47 GMT
server: Unknown
etag: "76790d35ab4419f7d1edba73a640929c"
status: 200
content-type: image/png
access-control-allow-origin: *
content-length: 620
expires: Thu, 03 Sep 2020 16:31:19 GMT

GET
H2 200 true_crime
s7ap1.scene7.com/is/image/TargetNewsCorpAU/ 574 B
738 B 82ms
36ms Image
image/png 2a02:26f0:10c:481::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7ap1.scene7.com/is/image/TargetNewsCorpAU/true_crime?tm=1584587437288&fit=constrain&hei=23&wid=23&fmt=png-alpha
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:481::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Unknown /
Resource Hash: e7a1f8b52b70a6bba94cc908884c2da7048aae8e34053d122261853a20bbf879

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
last-modified: Tue, 21 Apr 2020 22:02:47 GMT
server: Unknown
etag: "19053b8a88f864d0b14efe787cbb779b"
status: 200
content-type: image/png
access-control-allow-origin: *
content-length: 574
expires: Thu, 03 Sep 2020 14:52:33 GMT

GET
H2 200 sports
s7ap1.scene7.com/is/image/TargetNewsCorpAU/ 1 KB
2 KB 237ms
236ms Image
image/png 2a02:26f0:10c:481::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7ap1.scene7.com/is/image/TargetNewsCorpAU/sports?tm=1596420365964&fit=constrain&hei=48&wid=48&fmt=png-alpha
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:481::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Unknown /
Resource Hash: 0af6e98f97eb9df21b10f998356951310328277337080ca1084fe70f56bd1114

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
last-modified: Mon, 03 Aug 2020 02:06:13 GMT
server: Unknown
etag: "7b68cdf7fa64e47985dd5d9765189327"
status: 200
content-type: image/png
access-control-allow-origin: *
content-length: 1384
expires: Thu, 03 Sep 2020 16:34:26 GMT

GET
H2 200 entertainment
s7ap1.scene7.com/is/image/TargetNewsCorpAU/ 987 B
1 KB 32ms
32ms Image
image/png 2a02:26f0:10c:481::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7ap1.scene7.com/is/image/TargetNewsCorpAU/entertainment?tm=1596420384309&fit=constrain&hei=50&wid=52&fmt=png-alpha
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:481::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Unknown /
Resource Hash: d350370d842adbd0ef681696c84783285586f4828d743029810452684eae634e

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
last-modified: Mon, 03 Aug 2020 02:06:31 GMT
server: Unknown
etag: "1f315920abf316d26a2320fa78060f7a"
status: 200
content-type: image/png
access-control-allow-origin: *
content-length: 987
expires: Thu, 03 Sep 2020 07:54:55 GMT

GET
H2 200 hero-offer-background.jpg
myaccount.news.com.au/bizopsimages/offersets/images/heraldsun/ 159 KB
160 KB 143ms
50ms Image
image/jpeg 104.111.229.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.news.com.au/bizopsimages/offersets/images/heraldsun/hero-offer-background.jpg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.229.57 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-229-57.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /
Resource Hash: a0aa0ecab85758fe18064e17de36cce9b900addcc38b9e17d63b2fd61117041c

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
last-modified: Wed, 26 Aug 2020 06:08:19 GMT
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
etag: "27c2e-5adc1a5697ac0"
vary: User-Agent
content-type: image/jpeg
status: 200
cache-control: max-age=958842
accept-ranges: bytes
ssl: yes
content-length: 162862
expires: Mon, 14 Sep 2020 08:52:01 GMT

GET
DATA 200
OK truncated
/ 83 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1d551d61f66f3ecd9f9baeeb077d38d9aa39c70941d2f0f0e6db208fa0d5ea9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 icon-premium.png
subscriptions.news.com.au/latest/a/common/images/ 392 B
749 B 84ms
84ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/icon-premium.png
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 593534e421052dbbc32a5ca672a9fe0e53bf69ea69d5f61532c56ee0f5a4f61f

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:14 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22386
etag: "b4862be3092734108b4eb051788fce21"
x-cache: Hit from cloudfront
x-amz-version-id: rfZcFqIp_ZRi_rGz7omLz..5Ds5zdQ23
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 392
x-amz-cf-id: 2KeCK5PjY9qNAHYcYKrq9vEDF3b5iNKVEm4BiU0GcOijLepBQoKCrw==

GET
H2 200 robotocondensed-regular-webfont.woff2
subscriptions.news.com.au/media/fonts/Roboto/ 20 KB
20 KB 77ms
51ms Font
binary/octet-stream 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/Roboto/robotocondensed-regular-webfont.woff2
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/Roboto/Roboto.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46141672a8d6ab2bebaf47fee06f6cd88cbd56862a990c8143243a6303f4865f

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://subscriptions.news.com.au/media/fonts/Roboto/Roboto.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 01:49:07 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
age: 16933
x-cache: Hit from cloudfront
status: 200
content-length: 20048
last-modified: Tue, 23 Jan 2018 23:29:54 GMT
server: AmazonS3
etag: "939b2dec72cc8951124c579886f5ffe9"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 3vPrNvxvo8.H_MjRfhvxof8bdCV6598A
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: hhLcp1E25NeQmLShYmIW6Qr-syEKSpq8kGbBsCdYquleLc4V0vSDNg==

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame 0805 31 B
650 B 260ms
166ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 120
pragma: no-cache
last-modified: Thu, 03 Sep 2020 06:31:19 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 59ba5dbb63d2f4c84026dcaf2674f57a
x-transaction: 003ea0fc003d8767
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/994679518/ Frame 955E 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994679518/?random=1599114679492&cv=9&fst=1599114679492&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fff142bc251ae8d61ad3995a9300a637a8869ddd2035cc7e5bc45e608de6cd42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1210
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/994679518/ Frame 955E 2 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/994679518/?random=1599114679494&cv=9&fst=1599114679494&num=1&label=EgqJCNeJ1tgBEN61ptoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90b038a65b88fda3dd6011d8ba1ab4c650853bc3e46a5ee0180ad5845540b3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1293
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up
insight.adsrvr.org/track/ Frame 550F 0
0 184ms
59ms Document
text/html 52.30.152.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&upid=ekg5qxt&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.152.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-152-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&upid=ekg5qxt&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B

Response headers

status: 200
date: Thu, 03 Sep 2020 06:31:19 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/930683048/ Frame 8BC5 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930683048/?random=1599114679505&cv=9&fst=1599114679505&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56f61abaa19c538d51675d7e8a43afd21b4d4b105bad1c979c852f63b6781f9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1213
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/930683048/ Frame 8BC5 2 KB
1 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/930683048/?random=1599114679506&cv=9&fst=1599114679506&num=1&label=7SdtCKz0xcwBEKix5LsD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

862082a62c662d1ae4cf959e8ff07f2e9ac7362ecd36d4c772f7e980fd336ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1294
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/859754747/ Frame 7FCF 42 B
107 B 51ms
46ms Image
image/gif 2a00:1450:4001:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/859754747/?random=1599114679188&cv=9&fst=1599112800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&fmt=3&is_vtc=1&random=2196900685&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/859754747/ Frame 7FCF 42 B
107 B 50ms
45ms Image
image/gif 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/859754747/?random=1599114679188&cv=9&fst=1599112800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&fmt=3&is_vtc=1&random=2196900685&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/994679518/ Frame D89B 42 B
107 B 49ms
45ms Image
image/gif 2a00:1450:4001:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/994679518/?random=1599114679192&cv=9&fst=1599112800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&fmt=3&is_vtc=1&random=2381517473&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/994679518/ Frame D89B 42 B
107 B 48ms
44ms Image
image/gif 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/994679518/?random=1599114679192&cv=9&fst=1599112800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&fmt=3&is_vtc=1&random=2381517473&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame D572 3 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1599114679512&cv=9&fst=1599114679512&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df1f0ff2c5e13dc622216d28c5731e598278b7e069b3b4edef0e3c7ffdf64552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1212
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame FFB8 3 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1599114679513&cv=9&fst=1599114679513&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5359b4e2bc023155c9edac4f79734702dc067033b65ebd7a06e4bfeb9a4e80f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1210
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/707564276/ Frame FFB8 2 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/707564276/?random=1599114679514&cv=9&fst=1599114679514&num=1&label=m9Y5CJ-OmLQBEPSlstEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a82b3d62d88baa0a8d3ec97223a1e4c5486fc20b2207627d70fc6e59b040e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/994679518/ Frame 955E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994679518/?random=963230632&cv=9&fst=*&num=1&label=EgqJCNeJ1tgBEN61ptoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
https://www.google.com/pagead/1p-conversion/994679518/?random=963230632&cv=9&fst=*&num=1&label=EgqJCNeJ1tgBEN61ptoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_c...
https://www.google.de/pagead/1p-conversion/994679518/?random=963230632&cv=9&fst=*&num=1&label=EgqJCNeJ1tgBEN61ptoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd...

42 B
65 B

24ms
23ms

Image
image/gif

2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/994679518/?random=963230632&cv=9&fst=*&num=1&label=EgqJCNeJ1tgBEN61ptoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https://www.heraldsun.com.au/subscribe/news/1/%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=t41QX_jgHuKg7_UPtsWPqAg&cid=CAQSKQCNIrLM-MeEZnfqd_qfCABcmER8-YUpqhkqhZsHyIZY1_YwGIEYyfvN&random=208753679&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/994679518/?random=963230632&cv=9&fst=*&num=1&label=EgqJCNeJ1tgBEN61ptoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https://www.heraldsun.com.au/subscribe/news/1/%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=t41QX_jgHuKg7_UPtsWPqAg&cid=CAQSKQCNIrLM-MeEZnfqd_qfCABcmER8-YUpqhkqhZsHyIZY1_YwGIEYyfvN&random=208753679&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/994679518/ Frame 955E 42 B
477 B 26ms
20ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/994679518/?random=1599114679492&cv=9&fst=1599112800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&async=1&fmt=3&is_vtc=1&random=4164120730&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/994679518/ Frame 955E 42 B
88 B 28ms
22ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/994679518/?random=1599114679492&cv=9&fst=1599112800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&async=1&fmt=3&is_vtc=1&random=4164120730&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/930683048/ Frame 8BC5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930683048/?random=1399868638&cv=9&fst=*&num=1&label=7SdtCKz0xcwBEKix5LsD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u...
https://www.google.com/pagead/1p-conversion/930683048/?random=1399868638&cv=9&fst=*&num=1&label=7SdtCKz0xcwBEKix5LsD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_...
https://www.google.de/pagead/1p-conversion/930683048/?random=1399868638&cv=9&fst=*&num=1&label=7SdtCKz0xcwBEKix5LsD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_c...

42 B
65 B

24ms
22ms

Image
image/gif

2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/930683048/?random=1399868638&cv=9&fst=*&num=1&label=7SdtCKz0xcwBEKix5LsD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https://www.heraldsun.com.au/subscribe/news/1/%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=t41QX5DNH7C07_UPsuO_-AM&cid=CAQSKQCNIrLMsSVaRtuzxtWZWoGpFlh41Azz0-GYy-On1vBJGCWPGEM1zlBa&random=1190449342&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/930683048/?random=1399868638&cv=9&fst=*&num=1&label=7SdtCKz0xcwBEKix5LsD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https://www.heraldsun.com.au/subscribe/news/1/%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=t41QX5DNH7C07_UPsuO_-AM&cid=CAQSKQCNIrLMsSVaRtuzxtWZWoGpFlh41Azz0-GYy-On1vBJGCWPGEM1zlBa&random=1190449342&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/930683048/ Frame 8BC5 42 B
95 B 23ms
20ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930683048/?random=1599114679505&cv=9&fst=1599112800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&async=1&fmt=3&is_vtc=1&random=2617461909&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/930683048/ Frame 8BC5 42 B
65 B 26ms
22ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/930683048/?random=1599114679505&cv=9&fst=1599112800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&async=1&fmt=3&is_vtc=1&random=2617461909&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/707564276/ Frame FFB8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1291309507&cv=9&fst=*&num=1&label=m9Y5CJ-OmLQBEPSlstEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u...
https://www.google.com/pagead/1p-conversion/707564276/?random=1291309507&cv=9&fst=*&num=1&label=m9Y5CJ-OmLQBEPSlstEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_...
https://www.google.de/pagead/1p-conversion/707564276/?random=1291309507&cv=9&fst=*&num=1&label=m9Y5CJ-OmLQBEPSlstEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_c...

42 B
65 B

23ms
23ms

Image
image/gif

2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/707564276/?random=1291309507&cv=9&fst=*&num=1&label=m9Y5CJ-OmLQBEPSlstEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https://www.heraldsun.com.au/subscribe/news/1/%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=t41QX4D0H8DE7_UP7duE8AU&cid=CAQSKQCNIrLM1HjNBz02CqjodpKpSSS_m2EAWD2waF49Ayh-jIn2UN8-Ym0e&random=4003919880&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/707564276/?random=1291309507&cv=9&fst=*&num=1&label=m9Y5CJ-OmLQBEPSlstEC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https://www.heraldsun.com.au/subscribe/news/1/%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=t41QX4D0H8DE7_UP7duE8AU&cid=CAQSKQCNIrLM1HjNBz02CqjodpKpSSS_m2EAWD2waF49Ayh-jIn2UN8-Ym0e&random=4003919880&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/707564276/ Frame D572 42 B
65 B 24ms
21ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/707564276/?random=1599114679512&cv=9&fst=1599112800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&async=1&fmt=3&is_vtc=1&random=555378344&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/707564276/ Frame D572 42 B
65 B 25ms
23ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/707564276/?random=1599114679512&cv=9&fst=1599112800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&async=1&fmt=3&is_vtc=1&random=555378344&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/707564276/ Frame FFB8 42 B
65 B 22ms
20ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/707564276/?random=1599114679513&cv=9&fst=1599112800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&async=1&fmt=3&is_vtc=1&random=1929544951&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/707564276/ Frame FFB8 42 B
65 B 30ms
28ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/707564276/?random=1599114679513&cv=9&fst=1599112800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&async=1&fmt=3&is_vtc=1&random=1929544951&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
113 B 41ms
40ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020083101&jk=543785113506689&bg=!sbKlsqpYYaVGpHxsJLwCAAAAdlIAAAANCgIOZtdO0m5V9W6xqSkRFT2zjJHz-erklbG-m4QK3eaAEFq35VcrQxwaszoC-ScIwLD6ztKxaDLUCQkFGcvgk8y-q_4Qgn5-swBS78HVLx9QTMZzq_wiMZK3ZgNvSYXItmDmbdGJ1mPhd3097X2gRrVIzcbS8tox7OKlxKdxpblobr8O4jwlGNCd0nUHbSqxXjS5Jvz61Ic06KlXvF2GBEWAvoRyPvdDh4Xlz-MeGOnY1fH57B8lrb3hK6UUB5pjwwdo2qPpp5MOWQD0x0wo4YAfptTXb5TGBuFe-A3w1INb-3g3Ddptp8hH65dKwcfNRDnotnkX13z898XoUUj1c-EZTr4gvOIZ3wrMGO0NSgKT8VhES-o_0FUzmqwPyXvbNOVItEwwAhJ8DQzONDVWIlAEzZOdyjvISXEkj-uejn8yHzANOh0R60SZXOJWT1-ZMLR7bXqqJ9yIFLy102q2HprQ_KlKlpc28w3gmMEBjmFMFdG-Oe7kMvwcQQZRVCxn8SUSuiac-xvipa7P33zfxGob97qObcjVBZDQAZH-rg3P7TwXG5-9o7nKbVH7T9jAdkJmpqIeQjJ4DcumTeF0AprRr1Jv1CMf_T-t4lbOjgbKtlHyPolzudcj8Om2SvT-G3hiSz8rgBJ_FzgkW9xp4Imcfn2AIbI186N8SZBxMLZ-C0RRlIIAwGggeLDO_phWvJkBrToHqB0OhSdYvABB0HFbiHbt4Wg4g2k534KrxdOObbIKP1lBufmsQYRptEuBN0lyZXGimRFgAptu72su64QbODYluHfrg_ElHc8EZ2NIJhx3o95GkSwTV3MBflja3RRXJmU48WEOHIri65vwxZNKKWgBY-2M1REhk8AIdlISHI0KLux4yycpntR8CuTm4aOqVZIw84-rrwu9hGhEvMOOl5_9210KOx7rLz6ne9z78mrcp595KRHjuxfxuDJVnHI_4yiontqRV9D3DIcom5OVYo34njgPVAD4-WfnxtK-YWRS0zMH0O7iXGHKEK_FXN91E0iPZyTT5IGYGj0tSPDgkC_Zbi1JSwlBaAplB04FAL2FKFdL5FlpDToLISxz7GaLBk_0283H-gl5kZMWqk22lVA_ixsgz22RseVn321y8GxZyIuM-7GBGThXGxkpQXJmgJkrvpMi3Zg7jiRVAsytbvidihtygwvv0Zkt_bDR7xxUAv6BD0E-sw8NzYllqCBWd5jiioiFNmyM2NsM0WEJ_8CtiCpZwWRPtpGuHkBIKfyRdkzls5JVpsUaHtHi1A

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 HS_SDO_P1016AW04
commerceapi.news.com.au/offersapi/offers/ Frame 0
0 920ms
919ms Other
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://commerceapi.news.com.au/offersapi/offers/HS_SDO_P1016AW04
Protocol: H2
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Origin: https://www.heraldsun.com.au
Sec-Fetch-Mode: cors

Response headers

status: 200
content-type: application/json
content-length: 1
x-amzn-requestid: 5d890aa1-c345-4769-a16c-a01154cfed74
access-control-allow-origin: https://www.heraldsun.com.au
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: SRsU3HyqSwMF1xg=
access-control-allow-methods: OPTIONS,GET
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: pu_iyAr2-N_yiqX3HYaBlRmKLfz2A1_ZWYLMm-DY6MB-fVl0OmWpig==
date: Thu, 03 Sep 2020 06:31:20 GMT

GET
H2 200 HS_SDO_P1016AW04 Show response
commerceapi.news.com.au/offersapi/offers/ 28 KB
9 KB 1335ms
1334ms Fetch
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://commerceapi.news.com.au/offersapi/offers/HS_SDO_P1016AW04
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/js/caas.js?v=2.1.6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ee53708ec4b1dc4aa79d2dfc0f13f902b03cd92cb383bde67e5b5bdfd082c55a

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
x-api-key: 0iwH8Iq4KC9UZKpkJJn6B8SpM7MCC3tl35vR1WF9

Response headers

date: Thu, 03 Sep 2020 06:31:22 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C2
status: 200
x-amzn-requestid: bd31d8e8-6e3b-4b05-a4df-9f918185da59
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5f508db9-b1f77e524239a7f052496c10;Sampled=0
x-amz-apigw-id: SRsVAG3fSwMFkrg=
content-length: 8340
x-amz-cf-id: -GGJeX5ZrZlDBkloVs2zqhZwRD31iUd04Jqv10gPRXC3a68NPP0efg==

GET
H/1.1 200
OK sp.pl Show response
sp.analytics.yahoo.com/ Frame ABBB 0
857 B 70ms
69ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2003%20Sep%202020%2006%3A31%3A20%20GMT&n=-2d&.yp=10041060&f=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&enc=UTF-8&isIframe=1

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Sep 2020 06:31:20 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Thu, 03 Sep 2020 06:31:20 GMT

GET
H/1.1 200
OK sp.pl Show response
sp.analytics.yahoo.com/ Frame 00D5 0
857 B 65ms
64ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Sep 2020 06:31:20 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Thu, 03 Sep 2020 06:31:20 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
528 B 64ms
63ms Image
image/gif 54.73.180.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_subscribe_S&asn=subscribe&sessionId=lTMrvlJOOqyxkUy9A7ULeXleKWBuI1599114678&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,subscription&c33=segB,customer%20details&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,heraldsun&sup=0&segment2=&segment1=&forward=1&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,iWe2BNJ1h6FnEDcUyI00JwBtc3FJr1599114678&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,15991146782558203&c30=bldv,6.0.0.537&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1599114678208&c3=st,c&c64=starttm,1599114680&adid=1599114678208&c58=isLive,false&c59=sesid,&c61=createtm,1599114681&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a930c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&c66=mediaurl,&c62=sendTime,1599114681&rnd=47837
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.180.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Sep 2020 06:31:21 GMT
server: nginx
status: 200
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 story-preview-6bc933fa2a930c5e708e543c3759d35a Show response
a.tcog.news.com.au/component/article/ 22 KB
4 KB 399ms
398ms Fetch 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tcog.news.com.au/component/article/story-preview-6bc933fa2a930c5e708e543c3759d35a?t_product=consumer-commerce&t_template=s3/consumercommerce-articles-default/article&t_contentType=json&esi=true
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/mastheads/heraldsun/components/subscription-form/subscription-form-template.js?v=2.1.6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 / Express
Resource Hash: cf91f82016e8b5e58f7720a24ba846bf740cb5f05cf2f65852ac031bcf0eaa8b

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:22 GMT
x-correlation-id: efc7bcfd-51df-43ec-9931-0cfc4636fc3e
x-powered-by: Express
status: 200
content-encoding: gzip
content-length: 3816
server: nginx/1.18.0
etag: W/"26651910"
vary: Accept, Accept-Encoding
x-varnish: 11372594 13272034
access-control-allow-origin: *
expires: Thu, 03 Sep 2020 06:31:54 GMT
cache-control: max-age=32
content-type: json; charset=utf-8
x-cache-tags: C:6bc933fa2a930c5e708e543c3759d35a
x-cache-hits: 12

GET
H2 200 icon-digital.png
myaccount.news.com.au/bizopsimages/offersets/images/heraldsun/ 3 KB
3 KB 48ms
48ms Image
image/png 104.111.229.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.news.com.au/bizopsimages/offersets/images/heraldsun/icon-digital.png
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/common/components/subscription-form/subscription-form.js?v=2.1.6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.229.57 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-229-57.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /
Resource Hash: 1cc89490e949706007a7e3710514529f1caf07fc8c3bdb1236f0cb53a5b90db4

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:22 GMT
last-modified: Wed, 26 Aug 2020 06:04:43 GMT
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
etag: "b95-5adc1988994c0"
vary: User-Agent
content-type: image/png
status: 200
cache-control: max-age=977749
accept-ranges: bytes
ssl: yes
content-length: 2965
expires: Mon, 14 Sep 2020 14:07:11 GMT

GET
H3-Q050 200 api.js Show response
www.google.com/recaptcha/ 708 B
681 B 17ms
17ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ

Requested by

Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/a/mastheads/heraldsun/components/subscription-form/subscription-form-template.js?v=2.1.6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7766619bc047cbc993509d8983e166068447d1d00c1b1e45b7591c73ac9e3314

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 477
x-xss-protection: 1; mode=block
expires: Thu, 03 Sep 2020 06:31:22 GMT

GET
H2 200 did-you-know.png
subscriptions.news.com.au/latest/a/common/images/ 36 KB
36 KB 52ms
51ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/did-you-know.png
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/js/webcomponents-lite.min.js?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e50994ce0b07664bc133f8c6663a5a54e851d6b9cdae218eef5f3dcf01cbdd53

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:12 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22391
etag: "1311dc4829db75aaa494bd3ca091c4b3"
x-cache: Hit from cloudfront
x-amz-version-id: 3eKJWZ0Rfsfg6m2uD_fOrJJ1I_0GRv5s
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 36400
x-amz-cf-id: BKh-Gl3nr5zYCbAiQ38F3TgiagmPAq8WnA6smV8pqbclKBUqNcjM0Q==

GET
H2 200 icon-error.png
subscriptions.news.com.au/latest/a/common/images/ 517 B
874 B 50ms
49ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/icon-error.png
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/js/webcomponents-lite.min.js?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 791f125adb9c6f01bab87026daf956b41ff8fbd3d33e44048f7ceaa3768e6009

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:12 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22391
etag: "04c8d1f9a388e83cac7736053c0be189"
x-cache: Hit from cloudfront
x-amz-version-id: NvBCrYxJjWlJY5XhjDA0MedIe8J.iEdP
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 517
x-amz-cf-id: AW5PfFTe0UYL1AmZFRsAClqj5jBa7py1MkJmzqdL4lmRHXGP3eJh-w==

GET
H2 200 controller-b3629fa4714c84944b88a393914ccbf4.html
js.stripe.com/v3/ Frame 422E 0
0 51ms
51ms Document
text/html 99.86.2.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-b3629fa4714c84944b88a393914ccbf4.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.2.78 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-2-78.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/controller-b3629fa4714c84944b88a393914ccbf4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 299
x-amz-id-2: +bgxpFPzPtaY4fxeSXK3jxSVCUAFkDmFlTOgxSguGTcf/v+tiq/S9uY/Qt6nSLwtsnZsz5QG7AU=
x-amz-request-id: F55FA5C882104710
last-modified: Wed, 02 Sep 2020 15:42:29 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
date: Thu, 03 Sep 2020 06:30:45 GMT
etag: "b3629fa4714c84944b88a393914ccbf4"
cache-control: public, max-age=300
x-cache: Hit from cloudfront
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: heAr7KMtpd8TjidjTkNesL-h8raT_-b3NW3EpYK6QfKrqnuM0zdpEQ==
age: 51

GET
H2 200 payment-request-inner-browser-f0dfbb803355dfe356cf32b68cea2e58.html
js.stripe.com/v3/ Frame DCCF 0
0 50ms
50ms Document
text/html 99.86.2.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-f0dfbb803355dfe356cf32b68cea2e58.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.2.78 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-2-78.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/payment-request-inner-browser-f0dfbb803355dfe356cf32b68cea2e58.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 320
x-amz-id-2: KO0ygIynlaLPr5EVBN7kmdWQKVOvXxu6dULTkgCF/+vTj2Bqyzz4Ao+M+rFAw+I4SLdgYLWFWGs=
x-amz-request-id: B9BBB4CD135308AD
last-modified: Wed, 02 Sep 2020 15:42:31 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
date: Thu, 03 Sep 2020 06:28:08 GMT
etag: "f0dfbb803355dfe356cf32b68cea2e58"
cache-control: public, max-age=300
x-cache: Hit from cloudfront
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: sp-qoo6M_bm2fwpgu2tOkvXA4jrV4cEaWrHNkCvXbBUTDMezZhF8vg==
age: 248

GET
H2 200 question.png
subscriptions.news.com.au/latest/a/common/images/ 662 B
1 KB 45ms
45ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/question.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 03dfaa63678e1f13accd9a1ea7a4fe612cacc1d21a4b279622da2f743eb12051

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:15 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22387
etag: "f7df5f1ea34831afde776ae39da6b61e"
x-cache: Hit from cloudfront
x-amz-version-id: gpg4_qVv4ohFzAnuMKFhkFltJGjT8L7w
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 662
x-amz-cf-id: AvI-s8amhufVqpnDdY9WQrdlBqIIE5f19DLkbz9dgmUpQQP3ZFQ47A==

GET
H2 200 icon-arrow-down.png
subscriptions.news.com.au/latest/a/common/images/ 380 B
745 B 46ms
46ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/icon-arrow-down.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9de2d40f129dba7b2d0163b820d695c7376bf43ccd85f8858b93e10e3e225cfc

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:16 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22387
etag: "7088401490721472c0dba7138a6c8e6e"
x-cache: Hit from cloudfront
x-amz-version-id: 7OJhIIUi2papb4t1dEoqN8Tn4p3JGIX8
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 380
x-amz-cf-id: 28k7_THOuGzwT1QkVlmo-mlslz9TrJ6F6rsJ2NwQHf0n3gT7sELZTw==

GET
H2 200 icon-green-tick.png
subscriptions.news.com.au/latest/a/common/images/ 352 B
709 B 43ms
43ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/icon-green-tick.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 76276d89d273e4f479e6a7d4c0766c2a5cb4c1d4a3971202ea0a24aae8c33edb

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:20 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22383
etag: "1685df414b679e630ad0820966851fc7"
x-cache: Hit from cloudfront
x-amz-version-id: lxBrwnG5_cRp5JCl7aw77JRMJQobCH0t
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 352
x-amz-cf-id: CMNrJ5TIAMyicYaJKix3koGcFt2vaGerWIfpHeL0l2laIKcsqpA8TQ==

GET
H2 200 btn-close-grey.png
subscriptions.news.com.au/latest/a/common/images/ 639 B
997 B 49ms
49ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/btn-close-grey.png
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6ead1caaf5206663bc771e932785d8b2ddf63c2fb8465952527a27a3781d5bd

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&nk=b66ffddc07ccfb9df7bce2fd5c6343c3-1599114674&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:15 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22387
etag: "eece25358b3c3b3fd548fecba40ecc74"
x-cache: Hit from cloudfront
x-amz-version-id: qxBgmaxC5BWQ83cA_AKwAK7zM1cC0A1w
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 639
x-amz-cf-id: UwzL8wlHyffNhep82qpieTQq0CEBsZEx6BZXFJwh2YfK6mUVoUZR1w==

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/QVh-Tz10ahidjrORgXOS1oB0/ 337 KB
132 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QVh-Tz10ahidjrORgXOS1oB0/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

919ce225464d5e8d79944356fcaa74323a12f8fc847eec6c7a877f9e752f7fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 21:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Aug 2020 04:38:28 GMT
server: sffe
age: 204865
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135073
x-xss-protection: 0
expires: Tue, 31 Aug 2021 21:36:57 GMT

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame 8F8A 0
0 29ms
29ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ&co=aHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdTo0NDM.&hl=en&v=QVh-Tz10ahidjrORgXOS1oB0&size=invisible&cb=snviv0icd8fr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QVh-Tz10ahidjrORgXOS1oB0/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Mnk139fzDzRSnwcijh5f/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ&co=aHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdTo0NDM.&hl=en&v=QVh-Tz10ahidjrORgXOS1oB0&size=invisible&cb=snviv0icd8fr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 03 Sep 2020 06:31:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-Mnk139fzDzRSnwcijh5f/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9540
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 icon-error.png
subscriptions.news.com.au/latest/a/common/images/ 517 B
873 B 77ms
76ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/icon-error.png
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/js/webcomponents-lite.min.js?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 791f125adb9c6f01bab87026daf956b41ff8fbd3d33e44048f7ceaa3768e6009

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:12 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22391
etag: "04c8d1f9a388e83cac7736053c0be189"
x-cache: Hit from cloudfront
x-amz-version-id: NvBCrYxJjWlJY5XhjDA0MedIe8J.iEdP
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 517
x-amz-cf-id: f6xOk_B34oNvUWlvPL9Mz0SgaWGzhdzft94s0plK18hXJoJ6P1cdIQ==

GET
H2 200 question.png
subscriptions.news.com.au/latest/a/common/images/ 662 B
1021 B 76ms
76ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/question.png
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/js/webcomponents-lite.min.js?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 03dfaa63678e1f13accd9a1ea7a4fe612cacc1d21a4b279622da2f743eb12051

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:15 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22387
etag: "f7df5f1ea34831afde776ae39da6b61e"
x-cache: Hit from cloudfront
x-amz-version-id: gpg4_qVv4ohFzAnuMKFhkFltJGjT8L7w
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 662
x-amz-cf-id: 1DITOVjCpLEwSt6YLn4rbP_BuQkEWrXDF8HmjcxDn2L6rBIxa56NBQ==

GET
H2 200 icon-arrow-down.png
subscriptions.news.com.au/latest/a/common/images/ 380 B
737 B 76ms
75ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/icon-arrow-down.png
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/latest/js/webcomponents-lite.min.js?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9de2d40f129dba7b2d0163b820d695c7376bf43ccd85f8858b93e10e3e225cfc

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:16 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22387
etag: "7088401490721472c0dba7138a6c8e6e"
x-cache: Hit from cloudfront
x-amz-version-id: 7OJhIIUi2papb4t1dEoqN8Tn4p3JGIX8
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 380
x-amz-cf-id: YoqHUBKyv57_FSXw4moOp2xUGeNdlW8An9J-OLj7GejMikMTzNLfow==

GET
H2 200 s63308284075096
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.17.0/ 43 B
208 B 72ms
71ms Image
image/gif 15.188.154.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.17.0/s63308284075096?AQB=1&ndh=1&pf=1&t=3%2F8%2F2020%208%3A31%3A22%204%20-120&mid=73094556434333104512172244330151369687&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7C%7C%7Cheraldsun.com.au%20%7C%20subscribe%20to%20the%20herald%20sun%20for%20exclusive%20stories&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DHSWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fcoronavirus%252Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%252Fnews-story%252F6bc933fa2a9&cc=AUD&events=event8&v1=news%20corp%20au&v2=herald%20sun&v3=herald%20sun%20web&v10=D%3DpageName&v11=D%3Dvid&c13=D%3Dv13&v13=HSWEB_WRE170_a&v14=anonymous&v22=4%3A31%20PM%7CThursday&v24=New&v34=D%3Dg&v36=new%20subscriber&v37=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&v38=HS_SDO_P1016AW04&v77=D%3Dmid&v125=gp&pe=lnk_o&pev2=event&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=30c5e708e543c3759d35a%26memtype%3Danonymous%26mode%3Dpremium%26v21suffix%3D97-B&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&lrt=67&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:22 GMT
x-content-type-options: nosniff
x-c: master-1346.I9098b4.M0-442
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 04 Sep 2020 06:31:22 GMT
server: jag
xserver: anedge-75d94f685-hhtqr
etag: 3434072630957015040-4614261324452460109
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 02 Sep 2020 06:31:22 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88641804179ca6d14134f9c4ae904f672f24af374aee53e4026a2cc3bc722836

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 payment-request-inner-browser-f0dfbb803355dfe356cf32b68cea2e58.html
js.stripe.com/v3/ Frame E165 0
0 51ms
50ms Document
text/html 99.86.2.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-f0dfbb803355dfe356cf32b68cea2e58.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.2.78 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-2-78.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/payment-request-inner-browser-f0dfbb803355dfe356cf32b68cea2e58.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 320
x-amz-id-2: KO0ygIynlaLPr5EVBN7kmdWQKVOvXxu6dULTkgCF/+vTj2Bqyzz4Ao+M+rFAw+I4SLdgYLWFWGs=
x-amz-request-id: B9BBB4CD135308AD
last-modified: Wed, 02 Sep 2020 15:42:31 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
date: Thu, 03 Sep 2020 06:28:08 GMT
etag: "f0dfbb803355dfe356cf32b68cea2e58"
cache-control: public, max-age=300
x-cache: Hit from cloudfront
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: lGQb1LIXfOh6eRdtuvP0LHNMzrPYwNP8Br4oMhnrJmfX5tIC1IANTQ==
age: 248

GET
H2 200 3f3711ab9d0c2feb204336a46fc36eac
cdn.newsapi.com.au/image/v1/ 168 KB
169 KB 132ms
130ms Image
image/webp 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsapi.com.au/image/v1/3f3711ab9d0c2feb204336a46fc36eac
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 6ff7815f7a1158270cfd1f68bca823675200882ece4922fa10092edf26d367b8

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 06:31:22 GMT
last-modified: Thu, 03 Sep 2020 00:54:12 GMT
server: Akamai Image Manager
etag: 78f0a25a46130ebbe6d79233f668bb0a-3f3711ab9d0c2feb204336a46fc36eac-0
access-control-allow-methods: POST, GET, DELETE, PUT, PATCH, OPTIONS
content-type: image/webp
status: 200
x-hobit: 2B
cache-control: private, no-transform, max-age=604800
access-control-allow-headers: x-newsapi-api-key
content-length: 172002
expires: Thu, 10 Sep 2020 06:31:22 GMT

GET
H2 200 icon-premium-sml.png
subscriptions.news.com.au/latest/a/common/images/ 385 B
743 B 45ms
45ms Image
image/png 143.204.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscriptions.news.com.au/latest/a/common/images/icon-premium-sml.png
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-97.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 388c46e5d698504cb3bee08afd98c90228ea8d5702d64f282f689190f7ce5e9d

Request headers

Referer: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fsecret-documents-reveal-victorian-restrictions-to-be-eased-first-as-part-of-roadmap-out-of-lockdown%2Fnews-story%2F6bc933fa2a930c5e708e543c3759d35a&memtype=anonymous&mode=premium&v21suffix=97-B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 00:18:17 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Wed, 05 Aug 2020 04:28:59 GMT
server: AmazonS3
age: 22386
etag: "b184786d47903ebded42b10b829bcd9e"
x-cache: Hit from cloudfront
x-amz-version-id: i0F5C7f4Lc2rY3AbbXC_IVcv5UXZiKTY
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 385
x-amz-cf-id: jy_WU4mSBnVgucq9WAkaGBiOCOk7NHsOceqcahZ04Q__nQJJH7DLsw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: commerceapi.news.com.au
URL: https://commerceapi.news.com.au/offersapi/offersets?offersetName=hs_premium&masthead=heraldsun&pkgDef=&sourceCode=HSWEB_WRE170_a&isCaasLite=false

Domain: tags.news.com.au
URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=15991146757880.7586038727249353

Domain: tags.news.com.au
URL: https://tags.news.com.au/prod/mitas/mitas.js

Domain: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.664.js?utv=ut4.46.201912020329

Domain: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.665.js?utv=ut4.46.201912020329

Domain: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/Roboto/robotocondensed-bold-webfont.woff2

Domain: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/Roboto/roboto-regular-webfont.woff2

Domain: www.paypal.com
URL: https://www.paypal.com/xoplatform/logger/api/logger

Domain: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/Roboto/robotocondensed-bold-webfont.woff

Domain: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/Roboto/roboto-regular-webfont.woff

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.heraldsun.com.au/	1970-01-19 12:11:56	Name: com.auth0.auth.i9mcZjyowVdHVXZPVropMQvfCq3.xSJI Value: {%22nonce%22:%22KG9FOnX0z~pPZpvu3xLc-vaA9ZXwuj22%22%2C%22state%22:%22i9mcZjyowVdHVXZPVropMQvfCq3.xSJI%22}
.heraldsun.com.au/	1970-01-20 05:43:06	Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg Value: 77933605%7CMCIDTS%7C18509%7CMCMID%7C73094556434333104512172244330151369687%7CMCAAMLH-1599719474%7C6%7CMCAAMB-1599719474%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1599121875s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18516%7CvVersion%7C4.5.1
.heraldsun.com.au/	1970-01-19 12:11:56	Name: mboxEdgeCluster Value: 37
.heraldsun.com.au/	1970-01-20 05:45:59	Name: mbox Value: session#dfec523b82c04592bca178d4258e3055#1599116535\|PC#dfec523b82c04592bca178d4258e3055.37_0#1662359476
.heraldsun.com.au/	1970-01-19 20:57:30	Name: utag_main Value: v_id:017452a989ff001d8a8d8ae1b6bd00078016207000b08$_sn:1$_se:1$_ss:1$_st:1599116476737$ses_id:1599114676737%3Bexp-session$_pn:1%3Bexp-session
.heraldsun.com.au/	1969-12-31 23:59:59	Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg Value: 1
.heraldsun.com.au/	1969-12-31 23:59:59	Name: n_regis Value: 123456789
.heraldsun.com.au/	1969-12-31 23:59:59	Name: check Value: true
www.heraldsun.com.au/	1970-01-19 12:21:59	Name: AWSALBCORS Value: EftyosphBbjlQlKfyymMC42UkQuCAqU95h2CjSk0E2rGGS9OWTnWI78/UT1wWkg30Oo3pI3DsLqfZJLuYLaDr48l6/jFJdksYtWtsOVxDvDmsJ7p9Re6IQ2amZfz
www.heraldsun.com.au/	1970-01-19 12:21:59	Name: AWSALB Value: EftyosphBbjlQlKfyymMC42UkQuCAqU95h2CjSk0E2rGGS9OWTnWI78/UT1wWkg30Oo3pI3DsLqfZJLuYLaDr48l6/jFJdksYtWtsOVxDvDmsJ7p9Re6IQ2amZfz
.heraldsun.com.au/	1970-01-19 13:38:18	Name: anonymous_token Value: {%22entitlements%22:anon}

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://tags.tiqcdn.com/utag/newsltd/hwt.sops/prod/utag.js(Line 10) Message: UTRACK loaded (from tealium)
console-api	log	(Line 115) Message: Duration Change

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2578e8765f2ddeef543b49512dd55274.safeframe.googlesyndication.com
8228261.fls.doubleclick.net
a.tcog.news.com.au
a248.e.akamai.net
acdn.adnxs.com
adservice.google.com
adservice.google.pl
analytics.twitter.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
bat.bing.com
bs.serving-sys.com
cdn-gl.imrworldwide.com
cdn.newsapi.com.au
cdn.polyfill.io
cm.everesttech.net
commerceapi.news.com.au
dpm.demdex.net
googleads.g.doubleclick.net
ib.adnxs.com
id.cxense.com
insight.adsrvr.org
js.adsrvr.org
js.stripe.com
login.newscorpaustralia.com
mboxedge37.tt.omtrdc.net
metrics.heraldsun.com.au
myaccount.news.com.au
newscorpau.demdex.net
newscorpau.sc.omtrdc.net
newslimited.tt.omtrdc.net
pagead2.googlesyndication.com
ping.chartbeat.net
px.ads.linkedin.com
r.turn.com
s.yimg.com
s7ap1.scene7.com
scdn.cxense.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
secure-ds.serving-sys.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
snap.licdn.com
sp.analytics.yahoo.com
static.ads-twitter.com
subscriptions.news.com.au
t.co
t.paypal.com
tags.news.com.au
tags.tiqcdn.com
tpc.googlesyndication.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.heraldsun.com.au
www.linkedin.com
www.paypal.com
www.paypalobjects.com
commerceapi.news.com.au
subscriptions.news.com.au
tags.news.com.au
tags.tiqcdn.com
www.paypal.com
104.111.215.136
104.111.228.123
104.111.228.220
104.111.229.57
104.244.42.133
104.244.42.67
143.204.201.97
143.204.206.235
15.188.154.177
15.236.9.100
151.101.112.157
151.101.114.133
151.101.129.35
172.217.16.198
172.217.18.162
178.63.12.147
185.33.220.145
2.18.233.169
2.18.233.28
212.82.100.181
216.58.206.2
23.210.249.83
23.62.98.32
2600:9000:214f:4000:1e:a43d:b640:93a1
2600:9000:214f:aa00:2:42d9:3100:93a1
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:800::2008
2a00:1450:4001:808::2004
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:816::2004
2a00:1450:4001:817::2002
2a00:1450:4001:819::2002
2a00:1450:4001:819::2003
2a00:1450:4001:81b::2003
2a00:1450:4001:81f::2001
2a00:1450:4001:81f::2002
2a00:1450:4001:821::2001
2a02:26f0:10c:481::9b6
2a02:26f0:10c:48b::25ea
2a02:26f0:f1:298::268b
2a04:4e42:1b::621
2a05:f500:10:101::b93f:9105
34.254.167.184
35.227.202.26
46.228.164.11
52.30.152.201
54.154.62.31
54.73.180.117
54.76.175.152
54.85.197.32
66.117.28.86
82.199.68.72
99.86.2.32
99.86.2.78
00824d015ae55ae9d054f5b275d51dea712f85b9d285be896989244fe3fafe16
03b3308669f1e3f7d9318ec7cb4a23e2fc935bbabee3fff22cd92081a736d0eb
03dfaa63678e1f13accd9a1ea7a4fe612cacc1d21a4b279622da2f743eb12051
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04b840d4b4b61b8153da257250e0b14e67a246ade4b61211c0a5cf44293eaa62
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0a129b1c4cde48434a4e593247287610ec4bdf8653cfe29222902e6fc9753fbb
0af6e98f97eb9df21b10f998356951310328277337080ca1084fe70f56bd1114
0c6d42d0979ec5bb886d140abc26adf460b8af819f11c728092344ebcf19598a
0cd33b2c0944c7ec47751b2fbce568651853f710a5d7c834916f51d7241fd6af
0d88fbced651c5e1d90cd83b3fa8e7e656ba06ab0ae4370c14d971b5c43c8d11
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0e9d0602b6595d3ec4443e76a0c1af5747c3600160d429c0427730d10e6d72af
12a174500222f25e802175d5cf739d6ed5aeb7ad9812cbfe18b97992d6692a89
16af5171092c14e376cfda8ac1f39086f5f9b712cdae14eb7133555970a9e0d8
1a82b3d62d88baa0a8d3ec97223a1e4c5486fc20b2207627d70fc6e59b040e01
1bc3625c4e923d79a85677113b548e5444129ead716d43e10e2a6e9d56939143
1c9a5ba986d073619525d5a14d7ad742121f39349845ec498700f6f614d048a3
1cc89490e949706007a7e3710514529f1caf07fc8c3bdb1236f0cb53a5b90db4
2329433568e2a7b14ad9325461c936dfba814c17928b09d21430a32c6ebce83e
240dc57f9dd78cd71b0036a365d7b4fc969ecdc7dd36af9f097daa266d086560
2e37e870d0f649c2477bd14b7591e0f6d0ec0aa64bcbe5c990383791f35c3484
34871262a47d71019e670cfde72720937d8dbdea98e63bf429048014610cf4f3
36728a086a7c0d5852faea6f7ee1c4402574ce445389e1b4f72c87ef86cd8943
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31
388c46e5d698504cb3bee08afd98c90228ea8d5702d64f282f689190f7ce5e9d
38997f0b9bb8b0d35eb0c1f9e1b05249f6f1e9972419d4f41ff389e3a35eb924
38b7bfd097c33dd3cda3958386e6f92fa4e9cde064f6fb13d1b7db9f55e6ffd3
38ea1ac9fd49ff712334df32aa5b7b7ff0e0c4f0eae531d66db3a710134fe146
398e4d36ca67dffc51bdeba0b450355bdc9452600e8d767f3f5c1d986f27d600
3c4a60019a5cf45209624cdbccdc185cd9a886fcdf3c559611e8285c7ad25397
40a1e67dfd231122e56a56dc459d9b2ae9b13a60305764a216b1f2ec99532a6a
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
42326c665ee3a7127e53a2d57b781f90cdf7fb642e877637fd4c4ad6186c3b28
4353b5e1bb568c2005f7778cda77c52b1c2eb4c026ba698549780e0306b0532e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44aced147172b0857f4dc31dfdc2833978efed8beefa71c4af07dcffd31b6005
46141672a8d6ab2bebaf47fee06f6cd88cbd56862a990c8143243a6303f4865f
469fef89f9e262fa0f3bea650824fd824abbef4ba73036788d17b0d9621e73aa
47829b37dfa278e375151af83846259e3b02fc51630a6790802396dbc2380eea
4800ba001476d432248917ff1c8511b203eee5d13bdbf984c0ac053fefd69e3a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ae7580c5daf68ec255719d51401946da2ccf5272f88d5e5bec37174f9cc9e5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c7ef7bf1d02e99b77e82435d71f551afc5614a399c963fbb5e14d2921bc792f
4d8daea900a16fb19a3f2b66f3e57dd34a49749934bb404691865b9e28ca1190
5359b4e2bc023155c9edac4f79734702dc067033b65ebd7a06e4bfeb9a4e80f8
54f6d2970d4ad8b7f22ccfa889293b29acf0edd2a21802aa481a9c9364d5b70e
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
56f61abaa19c538d51675d7e8a43afd21b4d4b105bad1c979c852f63b6781f9c
593534e421052dbbc32a5ca672a9fe0e53bf69ea69d5f61532c56ee0f5a4f61f
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
5cf049ca68b7965ef6de1e966003a7ac176412394f9989f5198df15f8503fa16
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
612854d86f09747f3059ad7f6b3d1dbae0b29cf491cd0181d49eafb1220c8b90
63c02e1886055823813b9ff0d685f370412b5b82402c6516886e555a57955b2c
64a0570e7a08a80b4e13e598d66de603e83213b695eb3fb3f46530c76997f87f
657d0926095e68a9c4e897f2c58f5b085461cc40d8089a12770633eac06be7c5
67893f9fe3995a99d5cdf1296da71d57f8bf7186cf8cea81e22313f048abe412
69db8b2a48ae184507608101447b27c415dadec9f5c7265aec3c2633da5c6128
6a49812544f6b69fe09cdbbe8cf4c87cc825bb0faccd75d5ba37b8b379edfefa
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f525f91a7a413820bd68cc8978e7d92c21b00c9db45be510972ec96c2218e6d
6ff7815f7a1158270cfd1f68bca823675200882ece4922fa10092edf26d367b8
716b170a37df0b3e60269439f97779ec22a0d0ee5ea18bc01c5dc6958dfb5eda
71ee286347ef8df59a18fecb7ad98a405c951c965dd3feaaff6a05eec9997ae2
723c2c4708075116cb94201f366fd66584fdd47ee569d962cdb81616f5a70f36
728c49a2c9cae48f12242565437f2e0f7b3edffb1085ab28b28c03cb123561ae
76276d89d273e4f479e6a7d4c0766c2a5cb4c1d4a3971202ea0a24aae8c33edb
7766619bc047cbc993509d8983e166068447d1d00c1b1e45b7591c73ac9e3314
791f125adb9c6f01bab87026daf956b41ff8fbd3d33e44048f7ceaa3768e6009
7d42fd2cf7adef6e2ca9b9b706eef67e44e0f120c1435ea233807b8eda62fc55
7ebc75ee9a4ddb37de836d42f65d318b33c6efb47d17ad37e189a549556949a9
8224a8520a725cfbcebe4a7873622dc98fb7b64eefa3d202970e0bb3181d098a
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
8348883788db7a1ff7cf758548f044d104edfbc7eb1cb87f11c5e42b8787211a
84afd57608146b2e4ac725c887465bfde69fefc6b7f7fcef7338203eec83aace
862082a62c662d1ae4cf959e8ff07f2e9ac7362ecd36d4c772f7e980fd336ba4
88641804179ca6d14134f9c4ae904f672f24af374aee53e4026a2cc3bc722836
88cf2c9a4c4bcef2aa64fb6ea0f337f78e9a7dc61d87993441369fa5cb429d32
8a24003f95d56ba84223ad3c68cdb8b982bc04dafdffef6010fb13492d302f3c
8d8017dcf0215335c597e2a4fb3b1d49aa74002d020078689b5c7f6dbf2fd5a7
8e274a3634a724091fc4f0d9414b7ea92811d97fe3abef1fa2991c21e078f742
90b038a65b88fda3dd6011d8ba1ab4c650853bc3e46a5ee0180ad5845540b3cf
919ce225464d5e8d79944356fcaa74323a12f8fc847eec6c7a877f9e752f7fb9
9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c
99f2f90604e94f947df4602ad481fceda0b0694c8ef82a3253b606a46843805f
9c4a4f3ecd9442a2cdf9916934ddfd912fa7e852c7b64e7a2d57dc0e2e3ec12e
9de2d40f129dba7b2d0163b820d695c7376bf43ccd85f8858b93e10e3e225cfc
9e459c472ff269270604573939d325a81d430545b0c724f2be7ca1e621820655
9e55b702f08e9d2de810d4665c56e95e1e794b214eab5fd0e7a9cda8bfc72863
9efc0d466ce947838b31b9704464cdfcb0c62d689631fe987c3b4d04129ccb40
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09886e2fa4c170d3f5dc029b0aab4fba8306ff3c09cc70513408eb5386a2db0
a0aa0ecab85758fe18064e17de36cce9b900addcc38b9e17d63b2fd61117041c
a0e385deb57633b18f216145a994e928f44759845534a6676ca1d4c77c0991f8
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2661ea184dd0f138a8056dd760ed2883b1cc5b19bf8c21f3023082a19d74b3d
a5b97e4c32aef871602fd377e1097dcd411590a07e899db9d7abf8d76338cdde
a94add869e61391e7d6c90ed727db73fe988a3447bcf07190eedfa8604a9e048
aa470cdbe83c5968a4f5832dda90934799759b7680d013a476eea5ef1712fbd4
abe23ee1968e6b4d601df4f547cd7ace646b15d520f171d4cd6e5d4ad895e127
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
ae5572698a5d08167e0432c8ce4ccf6fca7916ea0ad796e947b8fa3d520663e2
b28168e2c953ea94b326fd9b995a5ca8f7625da9b69bd41808e7371d69f0c955
b9094c6391ef30ed52d0524c3e46cef45deea94f1b7b20aaefbc5d18b9281b67
bc55f44e6ca90afdf4df5325f7021b77f8e89bb8fad03b59b4401ea02dba8057
c0f0d91d4822f932943383056a7ece530de55eca480df5c59cb8ce22c8f6d985
c1d551d61f66f3ecd9f9baeeb077d38d9aa39c70941d2f0f0e6db208fa0d5ea9
c441f52d55b58a405db5e72787b15de6a7702c20718792eb4882d8cbfc6760f9
c58d337dc047789e4b04840914f46abadd149e5fe1fedf90e6adb9f18b43037b
c63660722c0610de88e2426dd6098719cb3697a516f46ecf55f2779c2557597a
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
ce070ec2d399c394617ddf108a177139d6ae908ab788d35a5bf7abfe9a09da9d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7e44cea05be4da13f39efe29ce7b39f516a0e5633a0077ba4f6c26d1c0a5ec
cf91f82016e8b5e58f7720a24ba846bf740cb5f05cf2f65852ac031bcf0eaa8b
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d350370d842adbd0ef681696c84783285586f4828d743029810452684eae634e
d3ec9a6d35fdd044ed48be764aface7e9237c575a6aa78dc7bcc99fe70286e0f
d4337259b432dc43956bf63501cd001bb86056126594de3814f27ce1a7770805
d6ead1caaf5206663bc771e932785d8b2ddf63c2fb8465952527a27a3781d5bd
d781d9975c78e39fbb8c3b65f95587b8560621a1f458414201d95953661af70c
d8b0cc239d456bcac305aa4462153ba23876bae16e94003cd3dc13ba724449bc
dbe47d35e470c59b404ad7abf6048ced3c7a941d6a19ae904fe423e9d8ed6f46
df1f0ff2c5e13dc622216d28c5731e598278b7e069b3b4edef0e3c7ffdf64552
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e06775da56ca92d7943167883c849bf3e18425f19a316c54531554254a3ef753
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47aaaeb929a153118a0ba33ee195bf1d4a7d92f1bc8553e9e8dc8410071328f
e50994ce0b07664bc133f8c6663a5a54e851d6b9cdae218eef5f3dcf01cbdd53
e7a1f8b52b70a6bba94cc908884c2da7048aae8e34053d122261853a20bbf879
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee53708ec4b1dc4aa79d2dfc0f13f902b03cd92cb383bde67e5b5bdfd082c55a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05457da67cefc39122d84c1a6d6fd562350ad4ddb35efb3d0db64d2e49b16cb
f16a6c6ac8b3cfc6fc9680e555f18636e0ed2e858af1f8b476f09bc9fcc6591b
f5f8fc266756e934dba9555c11ea89132c3ca6b25b26e9a498e0c96be304a35a
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f70ad01b77c844be8f9b2f3312bc97c57e192e0b0feafcb03f788379b1f51e60
fd63d6a5ec44215e50612d8bea8eff0a12f5d4981ab6745db8d8479f7c102845
fff142bc251ae8d61ad3995a9300a637a8869ddd2035cc7e5bc45e608de6cd42

www.heraldsun.com.au Open in urlscan Pro 2.18.233.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

283 Requests

96 %HTTPS

39 %IPv6

39 Domains

62 Subdomains

56 IPs

8 Countries

2697 kBTransfer

8990 kBSize

11 Cookies

8 Outgoing links

Page URL History

Redirected requests

283 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heraldsun.com.au Open in urlscan Pro
2.18.233.28 Public Scan

Screenshot
Live screenshot

Full Image

283
Requests

96 %
HTTPS

39 %
IPv6

39
Domains

62
Subdomains

56
IPs

8
Countries

2697 kB
Transfer

8990 kB
Size

11
Cookies

283 HTTP transactions
2 data transactions