urlscan.io logo urlscan.io
SecurityTrails logo

www.itnews.com.au Open in urlscan Pro
203.176.102.69  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Submission: On July 13 via api from TR — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 68 IPs in 10 countries across 65 domains to perform 337 HTTP transactions. The main IP is 203.176.102.69, located in Melbourne, Australia and belongs to VOCUS-VAS-AU Vocus Advanced Services, AU. The main domain is www.itnews.com.au. The Cisco Umbrella rank of the primary domain is 700621.
TLS certificate: Issued by R3 on July 3rd 2023. Valid for: 3 months.
This is the only time www.itnews.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 38 203.176.102.69 38809 (VOCUS-VAS...)
2 142.251.220.200 15169 (GOOGLE)
6 142.251.220.170 15169 (GOOGLE)
3 104.17.24.14 13335 (CLOUDFLAR...)
3 74.125.130.95 15169 (GOOGLE)
28 104.18.16.195 13335 (CLOUDFLAR...)
24 203.176.102.67 38809 (VOCUS-VAS...)
14 142.251.221.34 15169 (GOOGLE)
16 142.251.220.195 15169 (GOOGLE)
5 199.232.192.134 54113 (FASTLY)
2 42.99.140.211 4637 (ASN-TELST...)
9 24 142.251.220.194 15169 (GOOGLE)
1 18.161.111.43 16509 (AMAZON-02)
6 157.240.209.14 32934 (FACEBOOK)
1 104.18.133.59 13335 (CLOUDFLAR...)
3 142.251.221.14 15169 (GOOGLE)
1 216.239.38.181 15169 (GOOGLE)
2 74.125.200.155 15169 (GOOGLE)
7 151.101.128.134 54113 (FASTLY)
1 104.16.120.190 13335 (CLOUDFLAR...)
1 104.18.24.196 13335 (CLOUDFLAR...)
1 104.16.140.206 13335 (CLOUDFLAR...)
2 9 142.251.220.196 15169 (GOOGLE)
1 54.230.112.68 16509 (AMAZON-02)
6 9 13.107.42.14 8068 (MICROSOFT...)
1 54.192.111.48 16509 (AMAZON-02)
1 2 142.251.221.38 15169 (GOOGLE)
29 18.161.111.86 16509 (AMAZON-02)
1 64.233.170.156 15169 (GOOGLE)
12 142.251.220.161 15169 (GOOGLE)
1 104.17.203.204 13335 (CLOUDFLAR...)
1 1 23.76.212.194 16625 (AKAMAI-AS)
2 23.207.190.50 16625 (AKAMAI-AS)
5 9 35.190.60.146 15169 (GOOGLE)
2 4 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
5 5 35.213.12.39 15169 (GOOGLE)
4 9 54.179.153.107 16509 (AMAZON-02)
1 21 142.251.221.33 15169 (GOOGLE)
5 142.251.220.130 15169 (GOOGLE)
3 23.207.189.34 16625 (AKAMAI-AS)
8 157.240.209.35 32934 (FACEBOOK)
2 142.251.220.227 15169 (GOOGLE)
1 142.251.221.46 15169 (GOOGLE)
7 11 69.173.158.64 26667 (RUBICONPR...)
1 2 35.186.193.173 15169 (GOOGLE)
1 1 202.241.208.56 4694 (IDCF IDC ...)
1 124.146.215.4 2514 (INFOSPHER...)
1 1 54.151.187.164 16509 (AMAZON-02)
2 2 52.223.2.229 16509 (AMAZON-02)
2 2 220.150.223.50 4686 (BEKKOAME ...)
1 5 23.58.141.50 16625 (AKAMAI-AS)
5 5 104.254.148.252 29990 (ASN-APPNEX)
2 23.44.0.196 16625 (AKAMAI-AS)
2 67.199.150.81 62713 (AS-PUBMATIC)
1 1 69.173.151.100 26667 (RUBICONPR...)
2 3 67.220.226.234 16509 (AMAZON-02)
1 2 3.0.230.151 16509 (AMAZON-02)
5 5 52.223.40.198 16509 (AMAZON-02)
2 3 52.46.130.91 16509 (AMAZON-02)
1 2 151.101.130.49 54113 (FASTLY)
1 1 198.8.71.131 54312 (ROCKETFUEL)
14 67.199.150.86 3257 (GTT-BACKB...)
1 1 103.229.10.180 16509 (AMAZON-02)
3 5 34.111.113.62 396982 (GOOGLE-CL...)
1 2 52.74.22.247 16509 (AMAZON-02)
1 1 50.57.31.206 19994 (RACKSPACE)
1 2 119.9.108.180 45187 (RACKSPACE...)
1 1 34.83.125.63 396982 (GOOGLE-CL...)
1 1 51.255.68.171 16276 (OVH)
1 199.232.194.49 54113 (FASTLY)
2 142.251.220.206 15169 (GOOGLE)
3 142.251.220.237 15169 (GOOGLE)
3 67.199.150.85 3257 (GTT-BACKB...)
3 4 185.84.60.21 198622 (ADFORM)
1 182.161.73.146 55569 (CRITEO-AS...)
1 82.145.213.8 39832 (NO-OPERA)
1 1 18.138.18.111 16509 (AMAZON-02)
1 1 54.211.72.252 14618 (AMAZON-AES)
1 1 52.220.229.2 16509 (AMAZON-02)
2 2 35.244.159.8 15169 (GOOGLE)
1 1 13.228.126.19 16509 (AMAZON-02)
1 1 50.116.239.135 6336 (TURN-US-ASN)
2 2 89.207.22.76 399104 (CNVR-APAC)
1 199.232.192.64 ()
2 184.87.193.132 ()
1 54.192.111.108 ()
2 4 18.136.175.78 ()
1 34.242.124.0 ()
337 68
38    203.176.102.69 (Melbourne, Australia)

ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU)
PTR: secure.nextmedia.com.au
www.itnews.com.au
2    142.251.220.200 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s03-in-f8.1e100.net
www.googletagmanager.com
6    142.251.220.170 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s02-in-f10.1e100.net
fonts.googleapis.com
3    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    74.125.130.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f95.1e100.net
ajax.googleapis.com
28    104.18.16.195 (None, )

ASN13335 (CLOUDFLARENET, US)
www.dianomi.com
data.dianomi.com
24    203.176.102.67 (Melbourne, Australia)

ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU)
PTR: i.nextmedia.com.au
i.nextmedia.com.au
14    142.251.221.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s03-in-f2.1e100.net
securepubads.g.doubleclick.net
16    142.251.220.195 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s03-in-f3.1e100.net
fonts.gstatic.com
www.google.com.au
5    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
itnewsnext.disqus.com
referrer.disqus.com
2    42.99.140.211 (Central, Hong Kong)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-211.pacnet.net
snap.licdn.com
24    142.251.220.194 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s03-in-f2.1e100.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
1    18.161.111.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-111-43.mrs52.r.cloudfront.net
static.hotjar.com
6    157.240.209.14 (Osaka, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-itm1.fbcdn.net
connect.facebook.net
1    104.18.133.59 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
3    142.251.221.14 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s02-in-f14.1e100.net
www.google-analytics.com
encrypted-tbn2.gstatic.com
1    216.239.38.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    74.125.200.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f155.1e100.net
stats.g.doubleclick.net
7    151.101.128.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
1    104.16.120.190 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    104.18.24.196 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    104.16.140.206 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
9    142.251.220.196 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s03-in-f4.1e100.net
www.google.com
1    54.230.112.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-112-68.mrs52.r.cloudfront.net
cdn.linkedin.oribi.io
9    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    54.192.111.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-111-48.mrs52.r.cloudfront.net
script.hotjar.com
2    142.251.221.38 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s03-in-f6.1e100.net
ad.doubleclick.net
29    18.161.111.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-111-86.mrs52.r.cloudfront.net
c.disquscdn.com
1    64.233.170.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f156.1e100.net
adservice.google.com
12    142.251.220.161 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s02-in-f1.1e100.net
8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
cdn.ampproject.org
1    104.17.203.204 (None, )

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
1    23.76.212.194 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-76-212-194.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    23.207.190.50 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-190-50.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
9    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
ei.rlcdn.com
4    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
5    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
9    54.179.153.107 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-153-107.ap-southeast-1.compute.amazonaws.com
server.prebid.dianomi.com
21    142.251.221.33 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s03-in-f1.1e100.net
tpc.googlesyndication.com
5    142.251.220.130 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s01-in-f2.1e100.net
www.googletagservices.com
3    23.207.189.34 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-189-34.deploy.static.akamaitechnologies.com
a.teads.tv
8    157.240.209.35 (Osaka, Japan)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-itm1.facebook.com
www.facebook.com
2    142.251.220.227 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s01-in-f3.1e100.net
www.gstatic.com
1    142.251.221.46 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s03-in-f14.1e100.net
encrypted-tbn0.gstatic.com
11    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    202.241.208.56 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    124.146.215.4 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
gdn.socdm.com
1    54.151.187.164 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-187-164.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
2    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
2    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
5    23.58.141.50 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-141-50.deploy.static.akamaitechnologies.com
sync.teads.tv
t.teads.tv
5    104.254.148.252 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
ib.adnxs.com
2    23.44.0.196 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-0-196.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    67.199.150.81 (Singapore)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    67.220.226.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    3.0.230.151 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-230-151.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
5    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    198.8.71.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
14    67.199.150.86 (Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
simage2.pubmatic.com
1    103.229.10.180 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    52.74.22.247 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-22-247.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
1    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
2    119.9.108.180 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipapac.semasio.net
1    34.83.125.63 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.125.83.34.bc.googleusercontent.com
um.simpli.fi
1    51.255.68.171 (France)

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
1    199.232.194.49 (United States)

ASN54113 (FASTLY, US)
a.disquscdn.com
2    142.251.220.206 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s03-in-f14.1e100.net
apis.google.com
3    142.251.220.237 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s01-in-f13.1e100.net
accounts.google.com
3    67.199.150.85 (Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
simage4.pubmatic.com
image4.pubmatic.com
4    185.84.60.21 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    18.138.18.111 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
1    54.211.72.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-72-252.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    13.228.126.19 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    89.207.22.76 (Singapore)

ASN399104 (CNVR-APAC, US)
PTR: sin01-nessy-float2.dotomi.com
pubmatic-match.dotomi.com
1    199.232.192.64 (None, )

ASN- ()
glitter.services.disqus.com
2    184.87.193.132 (None, )

ASN- ()
ads.stickyadstv.com
1    54.192.111.108 (None, )

ASN- ()
live.rezync.com
4    18.136.175.78 (None, )

ASN- ()
io.narrative.io
1    34.242.124.0 (None, )

ASN- ()
s.cpx.to
Apex Domain
Subdomains		 Transfer
38 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
ad.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 254
229 KB
38 itnews.com.au
www.itnews.com.au — Cisco Umbrella Rank: 700621
242 KB
37 dianomi.com
www.dianomi.com — Cisco Umbrella Rank: 9616
data.dianomi.com — Cisco Umbrella Rank: 10968
server.prebid.dianomi.com — Cisco Umbrella Rank: 19587
60 KB
30 disquscdn.com
c.disquscdn.com — Cisco Umbrella Rank: 4757
a.disquscdn.com — Cisco Umbrella Rank: 13465
504 KB
27 googlesyndication.com
8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
527 KB
24 nextmedia.com.au
i.nextmedia.com.au — Cisco Umbrella Rank: 909222
799 KB
21 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 553
image6.pubmatic.com — Cisco Umbrella Rank: 812
image2.pubmatic.com — Cisco Umbrella Rank: 1036
simage2.pubmatic.com — Cisco Umbrella Rank: 797
simage4.pubmatic.com — Cisco Umbrella Rank: 1338
image4.pubmatic.com — Cisco Umbrella Rank: 1305
30 KB
17 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
384 KB
16 google.com
analytics.google.com — Cisco Umbrella Rank: 235
www.google.com — Cisco Umbrella Rank: 10
adservice.google.com — Cisco Umbrella Rank: 113
apis.google.com — Cisco Umbrella Rank: 195
accounts.google.com — Cisco Umbrella Rank: 67
52 KB
15 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1160
eus.rubiconproject.com — Cisco Umbrella Rank: 616
token.rubiconproject.com — Cisco Umbrella Rank: 652
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1199
pixel.rubiconproject.com — Cisco Umbrella Rank: 374
18 KB
13 disqus.com
itnewsnext.disqus.com
disqus.com — Cisco Umbrella Rank: 1287
glitter.services.disqus.com
referrer.disqus.com
109 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 391
218 KB
9 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 428
ei.rlcdn.com
1 KB
9 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 414
www.linkedin.com — Cisco Umbrella Rank: 544
9 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
ajax.googleapis.com — Cisco Umbrella Rank: 433
109 KB
8 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
391 B
8 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1500
sync.teads.tv — Cisco Umbrella Rank: 1425
t.teads.tv — Cisco Umbrella Rank: 2567
134 KB
6 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1025
s.amazon-adsystem.com — Cisco Umbrella Rank: 333
4 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
460 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 524
1 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 383
3 KB
5 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 469
ib.adnxs.com — Cisco Umbrella Rank: 257
4 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
281 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 359
3 KB
4 narrative.io
io.narrative.io
1 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 633
3 KB
4 pippio.com
pippio.com — Cisco Umbrella Rank: 926
4 KB
3 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1361
uipapac.semasio.net — Cisco Umbrella Rank: 109942
1 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481
ups.analytics.yahoo.com — Cisco Umbrella Rank: 338
2 KB
3 google.com.au
www.google.com.au — Cisco Umbrella Rank: 20481
669 B
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 274
160 KB
2 stickyadstv.com
ads.stickyadstv.com
1 KB
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4489
745 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 496
664 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 955
854 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 796
771 B
2 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 3204
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 422
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1109
gdn.socdm.com — Cisco Umbrella Rank: 87824
2 KB
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6589
970 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
21 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 753
script.hotjar.com — Cisco Umbrella Rank: 1081
73 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 914
6 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
170 KB
1 cpx.to
s.cpx.to
945 B
1 rezync.com
live.rezync.com
1 KB
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1067
518 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3655
645 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 813
928 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 21388
652 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2930
412 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 608
363 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3678
566 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 981
658 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 862
591 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 977
793 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 688
647 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4818
392 B
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3795
1 KB
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1031
377 B
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2425
21 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2438
64 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3599
3 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2680
1 KB
0 a-mo.net Failed
prebid.a-mo.net Failed
337 65
Domain Requested by
38 www.itnews.com.au 9 redirects www.itnews.com.au
29 c.disquscdn.com disqus.com
c.disquscdn.com
itnewsnext.disqus.com
www.itnews.com.au
24 i.nextmedia.com.au www.itnews.com.au
24 www.dianomi.com www.itnews.com.au
www.dianomi.com
data.dianomi.com
21 tpc.googlesyndication.com 1 redirects securepubads.g.doubleclick.net
www.itnews.com.au
8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
17 cm.g.doubleclick.net 9 redirects 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
eus.rubiconproject.com
14 securepubads.g.doubleclick.net www.itnews.com.au
www.googletagservices.com
13 fonts.gstatic.com fonts.googleapis.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
9 server.prebid.dianomi.com 4 redirects www.dianomi.com
ads.pubmatic.com
ads.stickyadstv.com
9 www.google.com 2 redirects www.itnews.com.au
securepubads.g.doubleclick.net
8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
8 simage2.pubmatic.com ads.pubmatic.com
8 www.facebook.com www.itnews.com.au
c.disquscdn.com
8 idsync.rlcdn.com 4 redirects www.dianomi.com
ads.pubmatic.com
www.itnews.com.au
7 px.ads.linkedin.com 4 redirects www.itnews.com.au
eus.rubiconproject.com
7 disqus.com www.itnews.com.au
c.disquscdn.com
6 image2.pubmatic.com ads.pubmatic.com
6 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
6 connect.facebook.net www.itnews.com.au
c.disquscdn.com
connect.facebook.net
6 fonts.googleapis.com www.itnews.com.au
www.dianomi.com
8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
5 pixel.tapad.com 3 redirects ads.pubmatic.com
live.rezync.com
5 match.adsrvr.org 5 redirects
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 www.googletagservices.com securepubads.g.doubleclick.net
8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
5 x.bidswitch.net 5 redirects
4 io.narrative.io 2 redirects www.itnews.com.au
4 c1.adform.net 3 redirects ads.pubmatic.com
4 pagead2.googlesyndication.com 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
www.itnews.com.au
www.googletagservices.com
4 pippio.com 2 redirects c.disquscdn.com
www.itnews.com.au
4 data.dianomi.com www.dianomi.com
data.dianomi.com
eus.rubiconproject.com
4 itnewsnext.disqus.com www.itnews.com.au
3 accounts.google.com apis.google.com
www.itnews.com.au
www.gstatic.com
3 t.teads.tv www.itnews.com.au
3 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 secure.adnxs.com 3 redirects
3 a.teads.tv securepubads.g.doubleclick.net
www.itnews.com.au
3 www.google.com.au www.itnews.com.au
3 googleads.g.doubleclick.net www.itnews.com.au
3 ajax.googleapis.com www.itnews.com.au
3 cdnjs.cloudflare.com www.itnews.com.au
cdnjs.cloudflare.com
2 ads.stickyadstv.com www.dianomi.com
ads.stickyadstv.com
2 pubmatic-match.dotomi.com 2 redirects
2 us-u.openx.net 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 apis.google.com c.disquscdn.com
apis.google.com
2 uipapac.semasio.net 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 ib.adnxs.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 image6.pubmatic.com ads.pubmatic.com
2 ads.pubmatic.com www.dianomi.com
ads.pubmatic.com
2 sync.teads.tv 1 redirects 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
2 sync-dsp.ad-m.asia 2 redirects
2 eb2.3lift.com 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 www.gstatic.com 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
accounts.google.com
2 eus.rubiconproject.com data.dianomi.com
eus.rubiconproject.com
2 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com www.itnews.com.au
2 ad.doubleclick.net 1 redirects www.dianomi.com
2 www.linkedin.com 2 redirects
2 stats.g.doubleclick.net www.googletagmanager.com
www.itnews.com.au
2 www.google-analytics.com www.itnews.com.au
2 snap.licdn.com www.itnews.com.au
2 www.googletagmanager.com www.itnews.com.au
1 ei.rlcdn.com 1 redirects
1 s.cpx.to www.itnews.com.au
1 live.rezync.com c.disquscdn.com
live.rezync.com
1 referrer.disqus.com www.itnews.com.au
1 glitter.services.disqus.com c.disquscdn.com
1 ad.turn.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 ups.analytics.yahoo.com 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 t.adx.opera.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 a.disquscdn.com www.itnews.com.au
1 dsp.nrich.ai 1 redirects
1 um.simpli.fi 1 redirects
1 uipglob.semasio.net 1 redirects
1 cms.quantserve.com 1 redirects
1 p.rfihub.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 gdn.socdm.com 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
1 tg.socdm.com 1 redirects
1 encrypted-tbn2.gstatic.com 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
1 encrypted-tbn0.gstatic.com 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
1 tags.rd.linksynergy.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 api.hubapi.com www.itnews.com.au
1 adservice.google.com www.itnews.com.au
1 script.hotjar.com www.itnews.com.au
1 cdn.linkedin.oribi.io www.itnews.com.au
1 js.hs-analytics.net www.itnews.com.au
1 js.hs-banner.com www.itnews.com.au
1 js.hsadspixel.net www.itnews.com.au
1 analytics.google.com www.googletagmanager.com
1 js.hs-scripts.com www.itnews.com.au
1 static.hotjar.com www.itnews.com.au
0 prebid.a-mo.net Failed www.dianomi.com
337 104
Subject Issuer Validity Valid
itnews.com.au
R3		 2023-07-03 -
2023-10-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
dianomi.com
Cloudflare Inc ECC CA-3		 2023-04-03 -
2024-04-02		 a year crt.sh
i.nextmedia.com.au
R3		 2023-06-10 -
2023-09-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-13 -
2024-04-20		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-04-21 -
2023-07-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-07		 a year crt.sh
a.disquscdn.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-10-29		 8 months crt.sh
hubapi.com
Cloudflare Inc ECC CA-3		 2023-04-07 -
2024-04-06		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
server.prebid.dianomi.com
Amazon RSA 2048 M01		 2023-04-22 -
2024-05-20		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.disquscdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-07-11 -
2024-08-11		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.adx.opera.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-22 -
2024-06-20		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.services.disqus.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-04 -
2023-12-06		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
pippio.com
GTS CA 1D4		 2023-07-13 -
2023-10-11		 3 months crt.sh
*.rezync.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-12-23		 10 months crt.sh

This page contains 42 frames:

Primary Page: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Frame ID: 8F790B4E6F41DB972B634FA07042572C
Requests: 113 HTTP requests in this frame

Frame: https://www.dianomi.com/recirculation.epl?id=119
Frame ID: 3E9449BB885CF502D71D8DE2D41745ED
Requests: 11 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Frame ID: 0EA09D70B650F284D8348F85EEB268AB
Requests: 26 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
Frame ID: C60DDD3F72B25AE71B769381A9B2C786
Requests: 28 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts
Frame ID: 4160EF6F622939B416A8C3BFBF5C9B0E
Requests: 17 HTTP requests in this frame

Frame: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D406903C50CAE4712EBDA5194D40CEF1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Frame ID: EC4446EAA4244BE97428252AF3BC7976
Requests: 12 HTTP requests in this frame

Frame: https://www.dianomi.com/prebid/cookie_sync.html?gdpr=0&gdpr_consent=&us_privacy=&bidders=adf,rubicon,grid,adform,pubmatic,openx,freewheelssp,undertone,amx
Frame ID: B1A20E6DC1602EBD95A092AF5A46877B
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4f-AECNSheVUS1mZfrIPxWcE6e54CIgZHYuI9dy2awD9Zopg_4xy_DdOrBgHcFzVqxBsMY6LDn6b188HMLdDKBCU3v-18jyU1qoK2niFMe2dXQBKUDET9G0IOkDP_Ay9iXIdI0ThFIR3TQ65P1N47zzB4t9ywXKCzrDNXMOh4fZzoYqylaiLN70SxJAtA7bpXr9MjB3L24SoAdDI3LOesIUz_SPULNpqe4um7bb-ULD2xRqTiD5s1S_oGLY_Q7cSpDLjt0AQ7eeHnwkUKQ1ByYs0O7MWwFCTFMopvU_VYHMD5J_Vm0NhCZoSfBRymWaOyOQg3peLe4ENTIW6xc3RhA61lRi7sbjVs-ARYXg&sai=AMfl-YQ0PoOSMqSeeYjMMK6_y4pbSJa5sVHxpwPI3w59l8GPrbSNJKhRlNb5pIi73s8KMUbHScNBEO9i7dLqodnKMPoUuW6_vgVJbfPKZaNh-LCHERYLzSLfbelkGpf26Y8&sig=Cg0ArKJSzL-XTuL6aql2EAE&uach_m=[UACH]&adurl=
Frame ID: 5E232FBD25B2C98ED6B6FA77C70E911B
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Frame ID: 59D63E011DC42E0C6965D3EE0769E636
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Frame ID: 3CB4E2210D9EC4FA07EAA790FBB4E575
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAvzEF01Ilu8rHqZaV53jrGYOuGHnIY4nA-8-o1iDWh-HtVm5Esxo38s-nlW9RbewGwtdwSN_BYebb7pjUpS9En6GRwie9pesvzjKd6LhI8d6iTbA520o_n6EF0L0Fz-uef3aRf05iQ476HUxfU9-Wff82au4Aobqssq4DxU3MbQ7I_BUKogu4C_RoGSZ_NAEU-EqGA_N0i47CgDM5u9I-sBzcYL1Fc2GLFGJ6i7Hym5O7QYWxcH_bFOs2ZCcj3zFdboNfGRxIl_qXgf_JGMTdSJ2PkScuyRIoJ5Vy0TF0-qmuPOZOXmAZa74IY7JF3lY_AgBOS-M&sai=AMfl-YTxJ9Jy8-BJIRJZh1oBAnUfANkATIzYpFcT2LwTzdZOrKPH_pTjF4OPOULBiYT7OtJ3PiSIU60ts1PROaDaoBpUCDetIbdHAZ3egSxPC87YhMgj9ucdVCnDBebgeKE&sig=Cg0ArKJSzOE6GM_KUwrGEAE&uach_m=[UACH]&adurl=
Frame ID: E48066980CC16459A1F3B87DD43C95F9
Requests: 8 HTTP requests in this frame

Frame: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8461E668508DC2C6399A8EB79D5FD100
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfHaRP6ORxHwu7wpLk36A_ylM9W6c9l0Fqir7VX8hrCcJjHN5TCfsN12f1xPxicO3PQsy2gS1OXzN3ePshrz-v9SSgr_YjUgtZ9ZZfsNVKJre42mwBtVTrkv--ls2LuoFqnYgOirMyxuaT-COZuNhIcd0dJjLIkc7DX_kVPR2LICSX7fl49aIrOh6F64qcge7uiEuIDDMEemTNi_GNlXDMxlr_Gy_ElturxINKgfbMMeRuOKa125M6e64cigbkI57H1oU27NS72hFbHBc_TBahxcMOOVzSdz4GmmrUESFvb-vE5RsHoRIAKOBtcqwEFVoGwul7CvSjcAv7-F9O&sai=AMfl-YQclVpR_prd6LknK591eueSTunwh0qvgvbuxYQy0Zs_C-gspgB2EEbtlPQ4DORmigUuFaaWn0QFy7zxDAeNhTUmoUe7Cg5zEYrWN1sn1c2__llTqd4UfS7rq-wITD4&sig=Cg0ArKJSzJhvCT0yZIMxEAE&uach_m=[UACH]&adurl=
Frame ID: 05880A4BF5583EB500885630C18195E2
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_2pt67z22_QfKc0yzIgKMy33W6KRUwC9-pzuYjeBB7vZO-N78BlEjmBRiUspwztAsup4n7FiAUtoQnVCs4GGQoIG7fNIZehIMyI9hk-TamHzEBn5U1gK4Q-1-p9Dm_3IAn34CSoyA_ks_nSHrD7TVo0spOS_VUHknQgqOoB7wo1FvNb5dINoy2S_znPnA8k9158GG13mT0ZUBdg_lqVP_vxUt-eH46B98uwQuacE6dm-WOT3aDXZmWfqsnJxHUUfaQthlt_ureYDtjrs02BRUM9nFgUE1nJQ9eWlzW0J6tB1ZBzO58mjTmubfk0sKeJpsf6vAFw&sai=AMfl-YSi_elp9vv_A-P3i4g1-Vfz3Reo1Mb9hnS1x7e1ERaAn75i5qd8EuHBxxqe6hll-YziDcvjfdauOkeo9x00kSem6s5nd5BeNQ9GYJ5HouOKkFZkC_rB_YoYYQkyFyg&sig=Cg0ArKJSzHtY4ZKVvUlQEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0E24F34562ED33FB1B74CFD270A79F41
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 08D1F60E4354B230851CB45EDDF916B9
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2906FA3A743B1468B6925CEB39373E5D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BFF66B00E4D08F9C244C68F6B8BD7DBF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 515B6C84D1085FB15C694B7E356C2B2A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: BE5FD0199F5745F9E956B7BA982BAE03
Requests: 20 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZK9guAAAAajS2QAN
Frame ID: 69BCBB9C86C51F0B75D7334BE92BB121
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1975180292551097479
Frame ID: 2C99BCDC4EF72C1FC3B61A6CA2988461
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3823821700674007460&gdpr=0&gdpr_consent=
Frame ID: 823E54E016A07A8C08A67B5D9C6F32C2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vtjhHr7c4kCl2LFP7t6tTLzVsR2l1eUd7Nv8UG6g
Frame ID: DB838D919A70CF45D587D16BAF469E9D
Requests: 1 HTTP requests in this frame

Frame: https://server.prebid.dianomi.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=430ECB24-634B-4E2D-BB91-088741D697EE
Frame ID: FD961DE179D6EFBD56B2F293CE400D7B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: 18309F8009242D5ADD3ED22A30D43F40
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 72717B8D94A8055FD85859E028F1E8F7
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: D27FA0BF3FA2210D75F4E061DB15F1BF
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: BFF00FA0DA173FD3709E68CF1535D2E6
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=430ECB24-634B-4E2D-BB91-088741D697EE&gdpr=0&gdpr_consent=
Frame ID: 58E0FBA82756BE57B9D85BE6F58EFF7A
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: C241A66A6FFF39BE38D46F256CA80EAE
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: 7000CDFAE51BA3FFBFA386771C098EBF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=10sk82c0i0nw
Frame ID: EC78B23770A6887C49E1D3AB47A160C8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T5JGdZOhWWx9qO_rLbwWkELLcKE&gdpr=0&gdpr_consent=
Frame ID: F13BBD87A17BC2D544F359AFDC66CA88
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=126hgrfwl9m9
Frame ID: A03C97FBEA1ACC66CD91DD0339A926C8
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: DF2485CD11D963BF19683E7278BF33F4
Requests: 1 HTTP requests in this frame

Frame: https://server.prebid.dianomi.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=430ECB24-634B-4E2D-BB91-088741D697EE
Frame ID: AD978B427B71290571A4085E66FE1997
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7Bviewerid%7D
Frame ID: E86599152AB329683B3EB8AD061C038D
Requests: 1 HTTP requests in this frame

Frame: https://pippio.com/api/sync?pid=1391&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&it=1&iv=c8h6g3vn22rp62v
Frame ID: CA350074958CD3168C9BB089BC641CA2
Requests: 4 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c8h6g3vn22rp62v&pctry=US&referrer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&cache_buster=0.216169674558
Frame ID: DCD8A9AD16956B6889EAEB0B14DB28BA
Requests: 4 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?pbs=true
Frame ID: 6A093415140E37263E76B15CD64A7B2C
Requests: 1 HTTP requests in this frame

Frame: https://server.prebid.dianomi.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=40c945fda4df3ef37d42f69aa5b65b5
Frame ID: E314EC904E6ADD13260A9D9AC389AE21
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hackers accessed US gov Exchange Online email accounts - Security - iTnews

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

337
Requests

83 %
HTTPS

0 %
IPv6

65
Domains

104
Subdomains

68
IPs

10
Countries

4684 kB
Transfer

10936 kB
Size

104
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://www.itnews.com.au/Images/mobile-share-twitter.png HTTP 301
  • https://www.itnews.com.au/images/mobile-share-twitter.png
Request Chain 21
  • https://www.itnews.com.au/Images/mobile-share-facebook.png HTTP 301
  • https://www.itnews.com.au/images/mobile-share-facebook.png
Request Chain 22
  • https://www.itnews.com.au/Images/mobile-share-linkedin.png HTTP 301
  • https://www.itnews.com.au/images/mobile-share-linkedin.png
Request Chain 23
  • https://www.itnews.com.au/Images/mobile-share-whatsapp.png HTTP 301
  • https://www.itnews.com.au/images/mobile-share-whatsapp.png
Request Chain 24
  • https://www.itnews.com.au/Images/mobile-share-email.png HTTP 301
  • https://www.itnews.com.au/images/mobile-share-email.png
Request Chain 55
  • https://www.itnews.com.au/Images/breaking-news-header-bkg-40.png HTTP 301
  • https://www.itnews.com.au/images/breaking-news-header-bkg-40.png
Request Chain 56
  • https://www.itnews.com.au/Images/itnews-logo-white.png HTTP 301
  • https://www.itnews.com.au/images/itnews-logo-white.png
Request Chain 57
  • https://www.itnews.com.au/Images/search-icon.png HTTP 301
  • https://www.itnews.com.au/images/search-icon.png
Request Chain 58
  • https://www.itnews.com.au/Images/bullet.png HTTP 301
  • https://www.itnews.com.au/images/bullet.png
Request Chain 104
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1689215155275&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1689215155275&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1503796%26time%3D1689215155275%26url%3Dhttps%253A%252F%252Fwww.itnews.com.au%252Fnews%252Fhackers-accessed-us-gov-exchange-online-email-accounts-597920%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1689215155275&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&cookiesTest=true&liSync=true
Request Chain 117
  • https://ad.doubleclick.net/ddm/trackimp/N6540.576592DIANOMIINC./B29802947.365379550;dc_trk_aid=556525325;dc_trk_cid=192537265;ord=1689215155;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N6540.576592DIANOMIINC./B29802947.365379550;dc_pre=CM-m9OrQioADFSiFZgIdUNMH9A;dc_trk_aid=556525325;dc_trk_cid=192537265;ord=1689215155;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1
Request Chain 122
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1689215155873&conversionId=10367540&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1689215155873&conversionId=10367540&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1503796%26time%3D1689215155873%26conversionId%3D10367540%26url%3Dhttps%253A%252F%252Fwww.itnews.com.au%252Fnews%252Fhackers-accessed-us-gov-exchange-online-email-accounts-597920%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1689215155873&conversionId=10367540&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&cookiesTest=true&liSync=true
Request Chain 136
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Request Chain 139
  • https://idsync.rlcdn.com/425276.gif?partner_uid=8ad8b96d7a82769de74b6e36194d452b HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CLz6GRIsCigIARDX7wEaIDhhZDhiOTZkN2E4Mjc2OWRlNzRiNmUzNjE5NGQ0NTJiEAAaDQi0wb2lBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0a6eb4bb73308ffdfd4f49aa21f7080bc6e1f0a41bf9b41068cb8c426cbf06dc791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwYTZlYjRiYjczMzA4ZmZkZmQ0ZjQ5YWEyMWY3MDgwYmM2ZTFmMGE0MWJmOWI0MTA2OGNiOGM0MjZjYmYwNmRjNzkxNDI2YjU0MTdkY2UyMRAAGgwItcG9pQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwYTZlYjRiYjczMzA4ZmZkZmQ0ZjQ5YWEyMWY3MDgwYmM2ZTFmMGE0MWJmOWI0MTA2OGNiOGM0MjZjYmYwNmRjNzkxNDI2YjU0MTdkY2UyMRAAGgwItcG9pQYSBAgCEABCAEoA&google_gid=CAESEBfGJw0U0qGwS6FgGVbS35I&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=07a96e76-db06-4797-9a7c-8ede50b131a8
Request Chain 140
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D HTTP 302
  • https://data.dianomi.com/frontend/bidswitch?uid=43fc00e5-1d60-4e17-b913-00045c750241&cookie_age=1
Request Chain 193
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://server.prebid.dianomi.com//setuid?bidder=grid&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=43fc00e5-1d60-4e17-b913-00045c750241 HTTP 301
  • https://server.prebid.dianomi.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=43fc00e5-1d60-4e17-b913-00045c750241
Request Chain 210
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCgufyWWxDoBxjoBzIIT2vRNzt0_XQ HTTP 301
  • https://tpc.googlesyndication.com/simgad/17210078844069090664
Request Chain 213
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEF6KOYqlHfRQoSxkk2AJVgU&google_cver=1&google_push=AaAOQGGhQtOKyIrUPrOpAvKosHzOsrnbGbSkNSadfVgXUklYVIKIP_TK4MfzVKJTIdd5WLX6aShzg2lV-j-pcFTR-_Moo3qv5nmDTIHSVRdCBDY-QNGhHtnWp02XJ3OSw261XK8FXxKoKGZQg6BnfNbrPw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AaAOQGGhQtOKyIrUPrOpAvKosHzOsrnbGbSkNSadfVgXUklYVIKIP_TK4MfzVKJTIdd5WLX6aShzg2lV-j-pcFTR-_Moo3qv5nmDTIHSVRdCBDY-QNGhHtnWp02XJ3OSw261XK8FXxKoKGZQg6BnfNbrPw&google_hm=KC7xstdfRgqYHXm2-I0T36E
Request Chain 214
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEOp1yCs2PL-hEsogm4mdAlM&google_cver=1&google_push=AaAOQGHjKp2PAZhZln51a1Ud8Au226d5MIFnlzsgkh-Y5C8zNLzmIEDzd0CQsJC2HOm1gutPycDJu6032OfOhx8T5OxA56eBQ1Jzjp4CEliZv2v5vf67-RvRGLUz_UvcEAfHMYjR8cIPJNY9ZfELuO7Itko HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=Wks5Z3RzQ281dVlBQUpwWmpKNEFBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEOp1yCs2PL-hEsogm4mdAlM&google_cver=1
Request Chain 215
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEOWBkhJMvR4slBLgOKBMo50&google_cver=1&google_push=AaAOQGHhQhMouLF2_L5OVJFef8EHu0WdeYHTP1IuIAgz2pV1G2h4MpBn9AmlIpW975b8ZaM6TZL6Dp36obqQcetKS9qz9YgcLGs1EEr9Rh6Ww0F-xXH9-fUekmdP8zXNo6CmfxZhXy4XjUfZtqTvsqtuS2o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGHhQhMouLF2_L5OVJFef8EHu0WdeYHTP1IuIAgz2pV1G2h4MpBn9AmlIpW975b8ZaM6TZL6Dp36obqQcetKS9qz9YgcLGs1EEr9Rh6Ww0F-xXH9-fUekmdP8zXNo6CmfxZhXy4XjUfZtqTvsqtuS2o&google_hm=Z2FjZTE5MDI0ZTRmMzJkYWUwOGU=
Request Chain 216
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOJ76XJwhBwVUFNju0e5DSs&google_cver=1&google_push=AaAOQGEUK9y-URJFzoxB-mCSiurPqN5v3KQRy3UP3T56BdUizhDjltoPCLyt4CBIDbbsGZugpM-4Njf8xHCJYHYcj_jEzkiukJwFpfXDNxJ45d7VP8G3GZj40X8BCT9ZCdyTrnxdmXMgYCKnbpemUxhxeXo HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGEUK9y-URJFzoxB-mCSiurPqN5v3KQRy3UP3T56BdUizhDjltoPCLyt4CBIDbbsGZugpM-4Njf8xHCJYHYcj_jEzkiukJwFpfXDNxJ45d7VP8G3GZj40X8BCT9ZCdyTrnxdmXMgYCKnbpemUxhxeXo&google_gid=CAESEOJ76XJwhBwVUFNju0e5DSs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDU1ODk1OTE0MzY1Mjk0MDgyNjc1Mw%3D%3D&google_push=AaAOQGEUK9y-URJFzoxB-mCSiurPqN5v3KQRy3UP3T56BdUizhDjltoPCLyt4CBIDbbsGZugpM-4Njf8xHCJYHYcj_jEzkiukJwFpfXDNxJ45d7VP8G3GZj40X8BCT9ZCdyTrnxdmXMgYCKnbpemUxhxeXo
Request Chain 217
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEESASaTxSgdPnMkRQ3LdhB8&google_cver=1&google_push=AaAOQGFngp-mnyjU4TJQ62v_vhYf7SLFdfCXKY4g07H0DLirPFXBGY8s_da2v41sMvvI7Nb07ktVF8fb3jiCudndL4VAAV6iOL4P7wfnZAMa3_uuE7ZUO8et9XLgNTTDcVYmU78pfqWHdiM2Ex-pjCTHRm0 HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEESASaTxSgdPnMkRQ3LdhB8&google_cver=1&google_push=AaAOQGFngp-mnyjU4TJQ62v_vhYf7SLFdfCXKY4g07H0DLirPFXBGY8s_da2v41sMvvI7Nb07ktVF8fb3jiCudndL4VAAV6iOL4P7wfnZAMa3_uuE7ZUO8et9XLgNTTDcVYmU78pfqWHdiM2Ex-pjCTHRm0&uid-set=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AaAOQGFngp-mnyjU4TJQ62v_vhYf7SLFdfCXKY4g07H0DLirPFXBGY8s_da2v41sMvvI7Nb07ktVF8fb3jiCudndL4VAAV6iOL4P7wfnZAMa3_uuE7ZUO8et9XLgNTTDcVYmU78pfqWHdiM2Ex-pjCTHRm0&google_hm=MWQxazk4VzdnZTA=&suid-set=1
Request Chain 218
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBHbqB1q9nVia2W0BKjpWgA&google_cver=1&google_push=AaAOQGEKrZFNJub7BzhkPyVLiAYubZRTZLoEGYaruLFuqkIsNZpsvff05eNx7Y8prtSmiVlLxVwKDL6ExlUaFMrUnurUJ2rt5Kqeq11Jo3HB9rQNOApoCxPeDD9Hw9wQJeMQiOHSXFwPW_ipGITMML-av3bs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=Y2NjYWVkYzgtMDc1Ni00NjNkLThjOGYtYzI4ZGZkNjZiNDQ1&google_push=AaAOQGEKrZFNJub7BzhkPyVLiAYubZRTZLoEGYaruLFuqkIsNZpsvff05eNx7Y8prtSmiVlLxVwKDL6ExlUaFMrUnurUJ2rt5Kqeq11Jo3HB9rQNOApoCxPeDD9Hw9wQJeMQiOHSXFwPW_ipGITMML-av3bs HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 219
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKluUWif99bteJ5HbzGW9yI&google_cver=1&google_push=AaAOQGGHrdpkSkl3j5tlMFqQ_HPBEUS1RSpKJpfUyojR7FC8l5_7nfuSSIBhkzFwu4L11ZWP4659hTpPrV2FSjgZScSp4OZpIvzumpzGUdmxCsHtyRZUXuGpfkVNFiPgyf5tEeWNskl1xyG5cKJccq8EHYQ HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEKluUWif99bteJ5HbzGW9yI%26google_cver%3D1%26google_push%3DAaAOQGGHrdpkSkl3j5tlMFqQ_HPBEUS1RSpKJpfUyojR7FC8l5_7nfuSSIBhkzFwu4L11ZWP4659hTpPrV2FSjgZScSp4OZpIvzumpzGUdmxCsHtyRZUXuGpfkVNFiPgyf5tEeWNskl1xyG5cKJccq8EHYQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzgyMzgyMTcwMDY3NDAwNzQ2MA%3D%3D&google_gid=CAESEKluUWif99bteJ5HbzGW9yI&google_cver=1&google_push=AaAOQGGHrdpkSkl3j5tlMFqQ_HPBEUS1RSpKJpfUyojR7FC8l5_7nfuSSIBhkzFwu4L11ZWP4659hTpPrV2FSjgZScSp4OZpIvzumpzGUdmxCsHtyRZUXuGpfkVNFiPgyf5tEeWNskl1xyG5cKJccq8EHYQ
Request Chain 227
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 228
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=dianomi&gdpr=0&gdpr_consent=&gdpr=0&khaos=LK0J3ABN-13-6QK4 HTTP 302
  • https://data.dianomi.com/frontend/rubicon?uid=LK0J3ABN-13-6QK4&gdpr=0
Request Chain 230
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hidDeiinSm2OtK9BPzMOnA&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hidDeiinSm2OtK9BPzMOnA&gdpr=0
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEK3t-m9hmZjhfymjEkKc4Q&google_cver=1
Request Chain 232
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEswSjNBQk4tMTMtNlFLNA==&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEOkSLQYO_bPE94XVjt6WfIE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEswSjNBQk4tMTMtNlFLNA==&google_push=&gdpr=0
Request Chain 233
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LK0J3ABN-13-6QK4&gdpr=0
Request Chain 234
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/gJnW9tciXX_Vpg_uWmejhsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kr9fXm1E2oIDX7w3ZixQjgTocAaV8b0avLiH1w--~A
Request Chain 235
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3c40cee6-4e35-43bd-b495-fd9a75e77239&gdpr=0&gdpr_consent=&expires=30
Request Chain 236
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=tyEBOaUoSmmNmHIZWoBQng&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tyEBOaUoSmmNmHIZWoBQng&gdpr=0
Request Chain 237
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTUxMDE3OGZkY2UwYTY0M2VhYTQwY2E2YWI4YTkyYzc3MmRmMTRiNA&gdpr=0
Request Chain 238
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 254
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZK9guAAAAajS2QAN
Request Chain 255
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1975180292551097479
Request Chain 256
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3823821700674007460&gdpr=0&gdpr_consent=
Request Chain 257
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vtjhHr7c4kCl2LFP7t6tTLzVsR2l1eUd7Nv8UG6g
Request Chain 258
  • https://server.prebid.dianomi.com//setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=430ECB24-634B-4E2D-BB91-088741D697EE HTTP 301
  • https://server.prebid.dianomi.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=430ECB24-634B-4E2D-BB91-088741D697EE
Request Chain 259
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Qw7LJGNLTi27kQiHQdaX7g%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 260
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=430ECB24-634B-4E2D-BB91-088741D697EE HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=430ECB24-634B-4E2D-BB91-088741D697EE HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=0672bcb1-4f0d-4b3a-934a-a9b93b24c498%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3c40cee6-4e35-43bd-b495-fd9a75e77239&ttd_puid=0672bcb1-4f0d-4b3a-934a-a9b93b24c498%2C%2C
Request Chain 261
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=430ECB24-634B-4E2D-BB91-088741D697EE&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=430ECB24-634B-4E2D-BB91-088741D697EE&gdpr=0&gdpr_consent=&ct=y
Request Chain 262
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=430ECB24-634B-4E2D-BB91-088741D697EE&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipapac.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=430ECB24-634B-4E2D-BB91-088741D697EE&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipapac.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=430ECB24-634B-4E2D-BB91-088741D697EE&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDMwRUNCMjQtNjM0Qi00RTJELUJCOTEtMDg4NzQxRDY5N0VF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENsHYyNd3czoSvlxkUBAyQ4&google_cver=1
Request Chain 265
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C9ABB08526444626B8DEF3E3B60F5767
Request Chain 267
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3c40cee6-4e35-43bd-b495-fd9a75e77239&gdpr=0&gdpr_consent=
Request Chain 268
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=43fc00e5-1d60-4e17-b913-00045c750241&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=0c902cd2-2323-4ac3-98f4-7e69ccf5eb62&expires=1&user_group=5&ssp=pubmatic&bsw_param=43fc00e5-1d60-4e17-b913-00045c750241&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=43fc00e5-1d60-4e17-b913-00045c750241&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 309
  • https://c1.adform.net/serving/cookie/match?party=14&cid=430ECB24-634B-4E2D-BB91-088741D697EE&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=430ECB24-634B-4E2D-BB91-088741D697EE&gdpr=0&gdpr_consent=
Request Chain 312
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=10sk82c0i0nw
Request Chain 313
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T5JGdZOhWWx9qO_rLbwWkELLcKE&gdpr=0&gdpr_consent=
Request Chain 314
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=126hgrfwl9m9
Request Chain 316
  • https://server.prebid.dianomi.com//setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=430ECB24-634B-4E2D-BB91-088741D697EE HTTP 301
  • https://server.prebid.dianomi.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=430ECB24-634B-4E2D-BB91-088741D697EE
Request Chain 317
  • https://idsync.rlcdn.com/420486.gif?partner_uid=430ECB24-634B-4E2D-BB91-088741D697EE HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=721c8656-76d1-469d-aec8-8610ef12a6a3
Request Chain 318
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=430ECB24-634B-4E2D-BB91-088741D697EE&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7pyMWEhE2uWjAhvZdzuyNOZUlcKJlWY-~A&gdpr=0
Request Chain 319
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4459734289226203822
Request Chain 320
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2366828543354711301&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 321
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=430ECB24-634B-4E2D-BB91-088741D697EE&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=796b34cb9ba1207c&is_secure=true&networkId=17100&version=1&nuid=430ECB24-634B-4E2D-BB91-088741D697EE&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMRVWzGjDFRwM0U1VcAAAAAAA&expiration=1689301563&nuid=430ECB24-634B-4E2D-BB91-088741D697EE&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 330
  • https://io.narrative.io/?companyId=1952&id=disqus_id%3Ac8h6g3vn22rp62v&red=https%3A%2F%2Fpx.ads.linkedin.com%2Fdb_sync%3Fpid%3D16223%26puuid%3D%24%7Bnarrative.id.value%7D%26rand%3D0.546469501838 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=9dd81f31-2124-11ee-9c84-0a2d04f6ac5a&companyId=1952&id=disqus_id%3Ac8h6g3vn22rp62v&red=https%3A%2F%2Fpx.ads.linkedin.com%2Fdb_sync%3Fpid%3D16223%26puuid%3D%24%7Bnarrative.id.value%7D%26rand%3D0.546469501838
Request Chain 331
  • https://io.narrative.io/?companyId=19&id=disqus_id%3Ac8h6g3vn22rp62v&ret=img&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=9dd84640-2124-11ee-9c84-0a2d04f6ac5a&companyId=19&id=disqus_id%3Ac8h6g3vn22rp62v&ret=img&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920
Request Chain 332
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3D%26pid%3D12037%26url%3Dhttp%253A%252F%252Fwww.itnews.com.au%252Fnews%252Fhackers-accessed-us-gov-exchange-online-email-accounts-597920%26adnxs_uid%3D%24UID HTTP 302
  • https://s.cpx.to/ca.png?ref=&pid=12037&url=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&adnxs_uid=3823821700674007460
Request Chain 334
  • https://idsync.rlcdn.com/462246.gif?partner_uid=c8h6g3vn22rp62v HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESENYO1apUtbHyDd9BJsBRpcM&google_cver=1
Request Chain 335
  • https://ei.rlcdn.com/448046.gif?n=1&partner_site_id=1017&cparams=placement%3D1391 HTTP 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP 302
  • https://idsync.rlcdn.com/362588.gif?partner_uid=3c40cee6-4e35-43bd-b495-fd9a75e77239
Request Chain 337
  • https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID%26cache_buster%3D1689215164.8959842 HTTP 302
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=3823821700674007460&cache_buster=1689215164.8959842 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=7f66615b-b8bc-4d02-8ca0-d6a3b1d45f7a%3A1689215164.8956895&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc8h6g3vn22rp62v%26_%3D1689215165.6105895&cb=1689215165.6106277 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1975180292551097479&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dc8h6g3vn22rp62v%26_%3D1689215165.6105895
Request Chain 338
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=7f66615b-b8bc-4d02-8ca0-d6a3b1d45f7a%3A1689215164.8956895&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D&cb=1689215164.8960366 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1975180292551097479&referrer={encSite}&forward=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D1975180292551097479 HTTP 302
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1975180292551097479
Request Chain 339
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3181&partner_device_id=7f66615b-b8bc-4d02-8ca0-d6a3b1d45f7a%3A1689215164.8956895 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D0672bcb1-4f0d-4b3a-934a-a9b93b24c498%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3823821700674007460&pt=0672bcb1-4f0d-4b3a-934a-a9b93b24c498%2C%2C
Request Chain 341
  • https://server.prebid.dianomi.com//setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=40c945fda4df3ef37d42f69aa5b65b5 HTTP 301
  • https://server.prebid.dianomi.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=40c945fda4df3ef37d42f69aa5b65b5

337 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hackers-accessed-us-gov-exchange-online-email-accounts-597920
www.itnews.com.au/news/ 		109 KB
109 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
efcc8d29dd597ccaf9540e6bbcf643ce23ddb934e141ebe467a682c3c0fe87af

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private
content-length
111632
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 02:25:51 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-ua-compatible
IE=edge,chrome=1
gtm.js
www.googletagmanager.com/ 		239 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N4K222Q
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
aee2c3260a27599a953dfbd62df249aeeda8c0462119d6a1ffd2f7b2eeafa722
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85900
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 00:14:02 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Jul 2023 02:25:53 GMT
css2
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f10.1e100.net
Software
ESF /
Resource Hash
3c27abdcf0237d7192356b65997d97fd5b102087afdc0349da00f215290f7e63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Jul 2023 02:25:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 02:20:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Jul 2023 02:25:53 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/css/ 		56 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/css/all.min.css
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3aaf4eb43762eb0a12cb6f9ce8c1743bdbf88a28d8b0fe5026ca098713193fa
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itnews.com.au/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5439035
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10101
last-modified
Fri, 29 May 2020 16:00:33 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ed131a1-df5e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmpkkFRWJa6CilnX%2Fo8YYrRUamOnkZJ%2FOFq40cfynAd%2BcYgmQ5bpEDfQfjSNwMPCj6nVyaRHXKTXWZ4ZdOTuzFNVtdBsGBppTyZ0RudemXUTGvICZ6iYHrV8PEC80pXzc0qclz05"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e5e13f48841a829-SYD
expires
Tue, 02 Jul 2024 02:25:53 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/ 		34 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
sffe /
Resource Hash
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 11:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8060
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 11:52:42 GMT
css_91b5e77a73edffb31b8f4a8e226472df.css
www.itnews.com.au/styles/ 		250 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c6867aca736aa20e0d5898a29c3c57eaf0a14bd0957b836bd56655813f6e6d81

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:51 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 02:10:33 GMT
server
Microsoft-IIS/10.0
etag
W/"80b251342fb5d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
38907
x-ua-compatible
IE=edge,chrome=1
itnews-logo-sticky.png
www.itnews.com.au/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/itnews-logo-sticky.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ef3254fb269f0a2b07dea6c4cf9af3276e2e402426a65dc74f22db7c84b91e6b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"3277826689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3919
x-ua-compatible
IE=edge,chrome=1
itnews-logo-white.png
www.itnews.com.au/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/itnews-logo-white.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26aeae0a0cc21c9c8acffae51a7dbf7a7eda35891df62ef54aeb9ed47af8cd9b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"d7d9846689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3959
x-ua-compatible
IE=edge,chrome=1
recirculation.epl
www.dianomi.com/ Frame 3E94 		2 KB
867 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/recirculation.epl?id=119
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d05711b652dedd2e80f89378c53be790aae5d47a0f20c0aa2e60b0a0fe81d75d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7e5e13f4082aa7fc-SYD
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 02:25:53 GMT
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
smartads.epl
www.dianomi.com/ Frame 0EA0 		554 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/smartads.epl?id=5141
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2cd3a4648d10ee850a3dfac3f8333bf219b896d4636b98581b03ae028a2d7ba
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
7e5e13f4082ca7fc-SYD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 13 Jul 2023 02:25:53 GMT
expires
now
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2f2023-07-12T120337Z_1_LYNXMPEJ6B0HW_RTROPTP_4_USA-CHINA-CYBER.JPG&w=350&c=0&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c3648f91add8ca17a1a2e441388efa5ff05ee119af56242280232d2dc57fe424

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="0_0_350_1_70_/News/2023-07-12T120337Z_1_LYNXMPEJ6B0HW_RTROPTP_4_USA-CHINA-CYBER.JPG"
content-length
18266
expires
Sun, 16 Jul 2023 02:25:52 GMT
reuters-logo.png
i.nextmedia.com.au/Assets/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Assets/reuters-logo.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
df63f3b653e0c0b0e149a3bc9f02d1bf91cc49277e8ee1d7b5ca1eb34cf1c385

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Fri, 26 Mar 2021 07:05:37 GMT
server
Microsoft-IIS/10.0
etag
"a51d776ce22d71:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
4638
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2fmirror.png&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d18b31836899c0982fb6e75700df8ebd702991867e56f3a2c3fb6300ccdbe827

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/Features/mirror.png"
content-length
98517
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2fnextpacific_Seamless_integration_and_data_sharing_Illustrate_th_12ae4b90-f991-4f59-856c-b25071d238da.png&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c30c76b3c4eed6bdb072dc65b88c236b74857eeacf6cab3cdc6321520e81aec1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/Features/nextpacific_Seamless_integration_and_data_sharing_Illustrate_th_12ae4b90-f991-4f59-856c-b25071d238da.png"
content-length
96794
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2fMicrosoftTeams-image_(36).png&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2ddd688ac9e3605353e4074cbf4e279c64cdad99cba7179240a8959953988551

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/Features/MicrosoftTeams-image_(36).png"
content-length
94105
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fVideos%2fHealthcare_pic1.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26637af34ec0692f2b37fbb63d47f0a81ae417e4db5093a1b41913f7e9fb9adb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/Videos/Healthcare_pic1.jpg"
content-length
4672
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fRapid7_CloudSecurityBuyersGuide.JPG&w=100&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
138fcb54e22d1d45c68f04bdcf8048f3f3618938f010f1ea25444f4d9039738a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_0_100_0_70_/Reports/Rapid7_CloudSecurityBuyersGuide.JPG"
content-length
3206
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fRapid7_MDRBuyersGuide.JPG&w=100&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dd2a471c9a244edb79af3354718c3968e1f56bcf8b82b6bab20da6aaa971fa3a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_0_100_0_70_/Reports/Rapid7_MDRBuyersGuide.JPG"
content-length
1742
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fRespondingtoindustrtrendsv3.JPG&w=100&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0f4d604fe204e8c17b5ffdf044029eee5cbe2ef755af9d7a65aa3182f1d694f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_0_100_0_70_/Reports/Respondingtoindustrtrendsv3.JPG"
content-length
2437
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fokta_the_future.png&w=100&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ff0802dba344edbb3666900f129464ec7cf8f2602e5c32cf2e1ae558d8f78031

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_0_100_0_70_/Reports/okta_the_future.png"
content-length
17938
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fsecure_public.png&w=100&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cf41c1e9db34748faae7384e86cb0af5bba860e20be40185b5148e6e1e8350d4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_0_100_0_70_/Reports/secure_public.png"
content-length
29431
expires
Sun, 16 Jul 2023 02:25:52 GMT
mobile-share-twitter.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/mobile-share-twitter.png
  • https://www.itnews.com.au/images/mobile-share-twitter.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/mobile-share-twitter.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
97b4d3aa4022178cfff4362771fab9d523eb8614d8425c9cb4c10690802635f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"62ed926689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2448
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/mobile-share-twitter.png
date
Thu, 13 Jul 2023 02:25:52 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
180
x-ua-compatible
IE=edge,chrome=1
mobile-share-facebook.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/mobile-share-facebook.png
  • https://www.itnews.com.au/images/mobile-share-facebook.png
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/mobile-share-facebook.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a3d16b1b85d27a1023b45c661db7103c81076f748e5f6087fe98fae3c3d12de4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"c27c8b6689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
1432
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/mobile-share-facebook.png
date
Thu, 13 Jul 2023 02:25:52 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
181
x-ua-compatible
IE=edge,chrome=1
mobile-share-linkedin.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/mobile-share-linkedin.png
  • https://www.itnews.com.au/images/mobile-share-linkedin.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/mobile-share-linkedin.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
447c44ae9488b24394843e6d134b2976abff7a1690baf2a496674d8b2f7e65fe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"b8808a6689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
1733
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/mobile-share-linkedin.png
date
Thu, 13 Jul 2023 02:25:52 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
181
x-ua-compatible
IE=edge,chrome=1
mobile-share-whatsapp.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/mobile-share-whatsapp.png
  • https://www.itnews.com.au/images/mobile-share-whatsapp.png
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/mobile-share-whatsapp.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
309e0d26a2af6e201832b611ddcad3c2d7b33a5ebc17fe4cbc8185d4251da38f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"ea11946689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3541
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/mobile-share-whatsapp.png
date
Thu, 13 Jul 2023 02:25:52 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
181
x-ua-compatible
IE=edge,chrome=1
mobile-share-email.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/mobile-share-email.png
  • https://www.itnews.com.au/images/mobile-share-email.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/mobile-share-email.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2790a4e3cf07505b8a04d30e535c033506def2e29f5f9410d3b866876138f7f1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"9798b6689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2375
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/mobile-share-email.png
date
Thu, 13 Jul 2023 02:25:52 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
178
x-ua-compatible
IE=edge,chrome=1
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fventia1.png&h=271&w=480&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6606ef45f5621f9d044b82f0be880f30a509b38c1222073ebbe1ce8efe4375b8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_271_480_1_70_/News/ventia1.png"
content-length
138732
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2flegal_tech_lawyers.jpg&h=271&w=480&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8e1e6ff43c2eebee4be9c27220f2e9efc27495ae0ce01cdd42e8df0f3167a7d4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_271_480_1_70_/News/legal_tech_lawyers.jpg"
content-length
24289
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fdigital_banking.jpg&h=271&w=480&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a98698c2af0d35517bd499744ffa14938f9a9d23101a72864a4acad8ddc6481e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_271_480_1_70_/News/digital_banking.jpg"
content-length
15949
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fNo_Yes_No_Ok_Maybe.jpg&h=271&w=480&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
09f199b2a45feef43499e46f1b665052b016afa8e93e8dc16a68e2573b058d00

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_271_480_1_70_/News/No_Yes_No_Ok_Maybe.jpg"
content-length
17364
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2ffive_stars.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2e40f7697b20640b631fcc4997de3bbf0841ff4ceda0ed69cf26273ee8c5cca9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/five_stars.jpg"
content-length
2875
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fVideos%2fai_regulation_.png&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6a3fa85b2d0ef49b17838d809b041ed6df15ccd0d8e3e355080c93ae7fd08eb4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/Videos/ai_regulation_.png"
content-length
91499
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fartificial_intelligence.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5153c665981db6dd56da1a567ed2c4490f3c9d596697ee0e4b54eed44559a259

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/artificial_intelligence.jpg"
content-length
4297
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2febay.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2400d3387bcafd3e275084c1f236b9101cb78514a08fd936a0e9266bb51d4d45

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/ebay.jpg"
content-length
5370
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fKismet___team_portraitUSE.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
52356fa79424f57d02bf8363483b11939217d604cbd2a08ed29a06b4c1130546

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/Kismet___team_portraitUSE.jpg"
content-length
7994
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fVideos%2fai_regulation_.png&h=141&w=208&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f69be5262368d3f2867e8eb970af522086d8268830a31e8b0dc17eb311550d10

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_141_208_1_70_/Videos/ai_regulation_.png"
content-length
81640
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fventia1.png&h=141&w=208&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
87a21a2adb23438f6d6c43cb2b31bc4548c8a77de408f507b9e92c26fc3b1ffa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_141_208_1_70_/News/ventia1.png"
content-length
45134
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2fright_to_repair_TCO.jpg&h=141&w=208&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
348575019698802bed3c19f74802f98acbe55d352c5cf08996d43af5bc6d5536

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_141_208_1_70_/Features/right_to_repair_TCO.jpg"
content-length
3021
expires
Sun, 16 Jul 2023 02:25:52 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fGalleries%2fiot_awards_2023_thumb_v2.jpg&h=141&w=208&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f33dfe69dd9091f9050d5bbe9c13de44844ed7e0aa14f775cbad8882b47ab0a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_141_208_1_70_/Galleries/iot_awards_2023_thumb_v2.jpg"
content-length
4829
expires
Sun, 16 Jul 2023 02:25:52 GMT
logo_nextmedia.png
www.itnews.com.au/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/logo_nextmedia.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7a695284914af87ab17ff6436de3630cf1bb412dc1d069ab019158d322b5cb03

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"f33b876689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3458
x-ua-compatible
IE=edge,chrome=1
interactive-logo.png
www.itnews.com.au/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/interactive-logo.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
51b6929224317237d4e3c7b597a4e20c75ada03b4b2fba2598713033f657e12a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"15ee786689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2819
x-ua-compatible
IE=edge,chrome=1
t.ashx
www.itnews.com.au/ 		70 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/t.ashx?u=&c=597920&s=3&r=&n=%2fnews%2fArticle.aspx&q=id%3d597920
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ua-compatible
IE=edge,chrome=1
pragma
no-cache
date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
no-cache
content-length
70
expires
-1
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 11:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138473
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33495
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 11:58:00 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/ 		235 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
sffe /
Resource Hash
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:02:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64481
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 12:02:48 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f2.1e100.net
Software
cafe /
Resource Hash
0564b0ad086560c94ffe50ea544ee947b6a65bb2ffbacdc2ba44bbe67c9e1cfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27711
x-xss-protection
0
server
cafe
etag
302 / 19551 / 31076084 / config-hash: 4877963498455744203
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 13 Jul 2023 02:25:54 GMT
gdpr.js
www.itnews.com.au/scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itnews.com.au/scripts/gdpr.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
683add284044c8b01d05f02366eb61327b1b34df5ca8c5425ecf8b7741f3d0ef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:51 GMT
content-encoding
gzip
last-modified
Wed, 14 Jun 2023 02:29:23 GMT
server
Microsoft-IIS/10.0
etag
"8043df7689ed91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1378
x-ua-compatible
IE=edge,chrome=1
itn_70b3e44bf9dcb3d4312af011fa497f76.js
www.itnews.com.au/scripts/ 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itnews.com.au/scripts/itn_70b3e44bf9dcb3d4312af011fa497f76.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5c9402a166e7155802c5801bb78b4951ef1288d00f38b190cdd4fc4dd839e009

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:51 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2023 02:10:33 GMT
server
Microsoft-IIS/10.0
etag
W/"80b251342fb5d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
42502
x-ua-compatible
IE=edge,chrome=1
17.css
www.dianomi.com/img/a/pss/2818/ Frame 3E94 		2 KB
885 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/img/a/pss/2818/17.css
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1936885cfdf5999015d670ea69fb44591c4eeeb333929506bef16e368a832f00
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/recirculation.epl?id=119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:53 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
828979
cf-polished
origSize=2720
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Tue, 09 May 2023 08:00:28 GMT
server
cloudflare
etag
W/"aa0-5fb3e260f6300"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
cf-ray
7e5e13f62abda7fc-SYD
expires
Sat, 12 Aug 2023 12:25:53 GMT
100x70.jpg
www.dianomi.com/img/a/url/693584217/1/ Frame 3E94 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/url/693584217/1/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
756aaadc242f919daec07aa78070c5ac5418b3bd7547025676657817674f6cfd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/recirculation.epl?id=119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:53 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
828299
cf-polished
status=not_needed
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Sun, 25 Jun 2023 05:25:22 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
true
cf-ray
7e5e13f63ac3a7fc-SYD
expires
Thu, 20 Jul 2023 02:25:53 GMT
100x70.jpg
www.dianomi.com/img/a/url/722007919/1/ Frame 3E94 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/url/722007919/1/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d4878bb1f094d91f937c1cb2ba26a3a730e1d371efdea91bb0cdc3865bd632c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/recirculation.epl?id=119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:53 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
98333
cf-polished
qual=85, origFmt=jpeg, origSize=3591
content-disposition
inline; filename="100x70.webp"
content-length
2530
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 11 Jul 2023 22:46:28 GMT
server
cloudflare
etag
"e07-6003ddea43b30"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e5e13f63ac6a7fc-SYD
expires
Sat, 12 Aug 2023 12:25:53 GMT
100x70.jpg
www.dianomi.com/img/a/url/722009312/1/ Frame 3E94 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/url/722009312/1/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12b62d30017d03af14b9f6e28b5194b07f24927a8bee03e7efd352641ceba8fe
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/recirculation.epl?id=119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:53 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
95904
cf-polished
origSize=2145, status=webp_bigger
content-length
2028
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 11 Jul 2023 22:41:26 GMT
server
cloudflare
etag
"861-6003dcca6bb60"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e5e13f63ac8a7fc-SYD
expires
Sat, 12 Aug 2023 12:25:53 GMT
100x70.jpg
www.dianomi.com/img/a/url/693642693/1/ Frame 3E94 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/url/693642693/1/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19f54abae7d5b15807a28bcabc4d23bfb84eedde9e04bbbdf8eb82834a5f1ceb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/recirculation.epl?id=119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:53 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
826846
cf-polished
degrade=85, origSize=10254, status=webp_bigger
content-length
2842
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 10:27:21 GMT
server
cloudflare
etag
"280e-5f8e4b41eddf8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e5e13f63acca7fc-SYD
expires
Sat, 12 Aug 2023 12:25:53 GMT
100x70.jpg
www.dianomi.com/img/a/url/696656411/1/ Frame 3E94 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/url/696656411/1/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f41b0b7c6688be31ff49f7eadeba7b02e4879bec8a90aa0660543d0722e230
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/recirculation.epl?id=119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:53 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
54978
cf-polished
qual=85, origFmt=jpeg, origSize=6703
content-disposition
inline; filename="100x70.webp"
content-length
3638
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Sat, 22 Apr 2023 21:56:26 GMT
server
cloudflare
etag
"1a2f-5f9f3d8628650"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e5e13f63acfa7fc-SYD
expires
Sat, 12 Aug 2023 12:25:53 GMT
css
fonts.googleapis.com/ Frame 3E94 		4 KB
615 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f10.1e100.net
Software
ESF /
Resource Hash
0e00e4ee9c109fdd3c08db4702bb64ada5419c2e47fc3259903df28e22b78e97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Jul 2023 02:25:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 02:02:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Jul 2023 02:25:53 GMT
css
fonts.googleapis.com/ Frame 3E94 		2 KB
514 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f10.1e100.net
Software
ESF /
Resource Hash
51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Jul 2023 02:25:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 00:29:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Jul 2023 02:25:53 GMT
tcfredirector.js
www.dianomi.com/js/contextfeed/ Frame 0EA0 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/js/contextfeed/tcfredirector.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05f65b86de1b8b41b8b416e9b3563f41e208dad634932c271cce8d666a5d3bc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:54 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 22 Jun 2023 15:41:27 GMT
server
cloudflare
etag
W/"c3f7-5feb9b7b19a20"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7e5e13f71c06a7fc-SYD
expires
Thu, 13 Jul 2023 02:27:54 GMT
breaking-news-header-bkg-40.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/breaking-news-header-bkg-40.png
  • https://www.itnews.com.au/images/breaking-news-header-bkg-40.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/breaking-news-header-bkg-40.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
33e6197168e000ef71ef56ae5fad7bc04c9c939dc33d34136d73d31676d1d507

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"94995e6689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2338
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/breaking-news-header-bkg-40.png
date
Thu, 13 Jul 2023 02:25:52 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
187
x-ua-compatible
IE=edge,chrome=1
itnews-logo-white.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/itnews-logo-white.png
  • https://www.itnews.com.au/images/itnews-logo-white.png
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/itnews-logo-white.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26aeae0a0cc21c9c8acffae51a7dbf7a7eda35891df62ef54aeb9ed47af8cd9b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"d7d9846689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3959
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/itnews-logo-white.png
date
Thu, 13 Jul 2023 02:25:52 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
177
x-ua-compatible
IE=edge,chrome=1
search-icon.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/search-icon.png
  • https://www.itnews.com.au/images/search-icon.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/search-icon.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
94f8ef517a973d33e2bde96d6c170e86e4be553f86bb2b5a07f228efa46e1ee7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"7c99a36689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2259
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/search-icon.png
date
Thu, 13 Jul 2023 02:25:52 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
171
x-ua-compatible
IE=edge,chrome=1
bullet.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/bullet.png
  • https://www.itnews.com.au/images/bullet.png
171 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/bullet.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4bfc84f853864a42446e366637e6a3cc7e7bc9c8563eaae40932cd7fb85b71f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"c5d9656689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
171
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/bullet.png
date
Thu, 13 Jul 2023 02:25:52 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
166
x-ua-compatible
IE=edge,chrome=1
play-btn.png
www.itnews.com.au/images/featured/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/featured/play-btn.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d9cbf98cbeeb8314acb7bf6600855d6d75ae9b56e173a8ad1e46700eaf0aac52

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:22 GMT
server
Microsoft-IIS/10.0
etag
"c7257d7689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2120
x-ua-compatible
IE=edge,chrome=1
article-share-comments.png
www.itnews.com.au/images/ 		981 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/article-share-comments.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a0e7e32cf14caf3c5f5b29e79bd8711348a5bf2137a12104d2cd1b1110b0f272

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"94995e6689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
981
x-ua-compatible
IE=edge,chrome=1
article-share-tw.png
www.itnews.com.au/images/ 		747 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/article-share-tw.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5fa4b9d9a56c65d6f525056d71f4e46b1f2750e86960343402424d88c13772f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"94995e6689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
747
x-ua-compatible
IE=edge,chrome=1
article-share-fb.png
www.itnews.com.au/images/ 		345 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/article-share-fb.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
413dc61acc8e9741b76a34382ddbe3632052fe38d580bd2680d3e9d407ceb6be

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"94995e6689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
345
x-ua-compatible
IE=edge,chrome=1
article-share-li.png
www.itnews.com.au/images/ 		473 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/article-share-li.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1096ae848f7e01f065ce530dcd17bd1a1af503a2c4ae83cbf8972e900446e36a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"fffb606689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
473
x-ua-compatible
IE=edge,chrome=1
article-share-feedback_2.png
www.itnews.com.au/images/ 		678 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/article-share-feedback_2.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
96f1173b3c05e0f7230e3d2b4ac6ebd7d816de5e71ebabfbe20e2b339dba6078

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"94995e6689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
678
x-ua-compatible
IE=edge,chrome=1
article-share-email.png
www.itnews.com.au/images/ 		744 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/article-share-email.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7a7f7b00e22cf33ff4aeef9005ebb800ccad9f67e326142d8ba30c2e801ac719

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"31375c6689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
744
x-ua-compatible
IE=edge,chrome=1
article-share-print.png
www.itnews.com.au/images/ 		709 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/article-share-print.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ea6da8487b903fd84a283d780bede1ae1da97d7f2c364653e790822405505f62

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"fffb606689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
709
x-ua-compatible
IE=edge,chrome=1
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f3.1e100.net
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 18:04:08 GMT
x-content-type-options
nosniff
age
116506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 18:04:08 GMT
PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v10/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_xRfK9oXHga0XdZsg_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f3.1e100.net
Software
sffe /
Resource Hash
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 09 Jul 2023 02:47:41 GMT
x-content-type-options
nosniff
age
344293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18860
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:03:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 08 Jul 2024 02:47:41 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f7f2e6e9846753468e37d570cf9ce4d674d8d301876035119573279fac1f7a6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/css/all.min.css
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:53 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12009998
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
75852
last-modified
Fri, 29 May 2020 16:00:33 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ed131a1-1284c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvizUGh5O7W%2BsSD%2BTSzGM5Dwk0mIIHm%2Bu%2F2vtBJe%2BFa2W9iOq1lkPm9W204VVO36g4XEduprPrOGxA7WPcEVZC%2B4TgU3X6RINNN2sZK5JlIOhUCEe%2Bxyz3d%2FayPPtf4H2I2SJR8A"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e5e13f74b7ba829-SYD
expires
Tue, 02 Jul 2024 02:25:53 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/webfonts/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7754b3b966b7772e3be8792c6dba77b4ffdac9d93019b01af14c20fbd4321b3f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/css/all.min.css
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:53 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1751082
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
76176
last-modified
Fri, 29 May 2020 16:00:33 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ed131a1-12990"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxmpIU5EX2zDpjC218xyKKfl4EHlTFk%2BXw05yHuHfHB91Z7YGs4AfdBSmvA7BmBT8%2Bu0E38KBCxGQuxYwWRz14P0eG9IZZBRYHDeSrCrhOxzvBY2t86Twsld90wSBN%2BsHvHdK5qY"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e5e13f74b7ea829-SYD
expires
Tue, 02 Jul 2024 02:25:53 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 17:36:21 GMT
x-content-type-options
nosniff
age
118173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 17:36:21 GMT
PN_yRfK9oXHga0XV5e8qghzW.woff2
fonts.gstatic.com/s/martel/v10/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_yRfK9oXHga0XV5e8qghzW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f3.1e100.net
Software
sffe /
Resource Hash
c8dea9bb1169a9455240a9e7aa6f1f7dd922c7160010eb6f2269acbf4acd5ab8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 09 Jul 2023 02:43:10 GMT
x-content-type-options
nosniff
age
344564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18820
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:00:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 08 Jul 2024 02:43:10 GMT
PN_yRfK9oXHga0XV3e0qghzW.woff2
fonts.gstatic.com/s/martel/v10/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_yRfK9oXHga0XV3e0qghzW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f3.1e100.net
Software
sffe /
Resource Hash
5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 08:04:57 GMT
x-content-type-options
nosniff
age
411657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19012
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:00:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jul 2024 08:04:57 GMT
PN_yRfK9oXHga0XVzeoqghzW.woff2
fonts.gstatic.com/s/martel/v10/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_yRfK9oXHga0XVzeoqghzW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f3.1e100.net
Software
sffe /
Resource Hash
2991fa8cfe2986011e6569a578888d8f2e901b17e1959420df70d5c07c5582db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 01:15:18 GMT
x-content-type-options
nosniff
age
263436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19072
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:00:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jul 2024 01:15:18 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f3.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 17:29:18 GMT
x-content-type-options
nosniff
age
118596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 17:29:18 GMT
sponsoredcontent.ashx
www.itnews.com.au/scripts/ 		1 B
58 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.itnews.com.au/scripts/sponsoredcontent.ashx?type=SponsoredLink&si=Blogs&pa=&sc=32&output=script&ros=True&ord=472116561120332.6
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/plain; charset=utf-8
cache-control
private
content-length
1
x-ua-compatible
IE=edge,chrome=1
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 3E94 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f3.1e100.net
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dianomi.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 18:04:08 GMT
x-content-type-options
nosniff
age
116506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 18:04:08 GMT
PN_yRfK9oXHga0XV3e0qghzW.woff2
fonts.gstatic.com/s/martel/v10/ Frame 3E94 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_yRfK9oXHga0XV3e0qghzW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f3.1e100.net
Software
sffe /
Resource Hash
5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dianomi.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 08:04:57 GMT
x-content-type-options
nosniff
age
411657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19012
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:00:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jul 2024 08:04:57 GMT
network-bar-logos.png
www.itnews.com.au/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/network-bar-logos.png?q=20211001
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
82f4a15bfde68af3ba1ab9e557ba6b1c700d6aafe0d9e42561576366662701ba

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:52 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"89b1946689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
9407
x-ua-compatible
IE=edge,chrome=1
embed.js
itnewsnext.disqus.com/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itnewsnext.disqus.com/embed.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
2704ae9c8f37a578cc852511f9eecc3700b51fa9163e603f16c2520b022544ef
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 02:25:54 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=300; includeSubdomains
Server
openresty
Age
72
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
25400
count.js
itnewsnext.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itnewsnext.disqus.com/count.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 02:25:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
X-Amz-Cf-Pop
DFW3-C1
Age
86
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 12 Jul 2023 14:06:07 GMT
Server
nginx
ETag
"64aeb34f-367"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
beYepxuSLS4WR5PAYpVyHwa624hjoq_EddSf_wj5jQvPbSYylEksCw==
insight.min.js
snap.licdn.com/li.lms-analytics/ 		1 KB
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.211 Central, Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-211.pacnet.net
Software
/
Resource Hash
55023db66b5b5211f8416ea69c8786ef0ae48e1dc5a3a065869755dc1a1e2435
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Jul 2023 13:15:12 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=30352
accept-ranges
bytes
content-length
490
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/658328797/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/658328797/?random=1689215154211&cv=11&fst=1689215154211&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&hn=www.googleadservices.com&frm=0&tiba=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts%20-%20Security%20-%20iTnews&auid=1490442805.1689215154&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f2.1e100.net
Software
cafe /
Resource Hash
89e6b22228a07b2a5ab0bcc9155949f2fcd741e7b913a51afc13a0984ee6424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hotjar-2321248.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2321248.js?sv=7
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-43.mrs52.r.cloudfront.net
Software
/
Resource Hash
500dc73526c36890f0f983100a08d823a754f14448710b17c3c004aed79340ca
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:55 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 187b5554ca4fd284c496dba11e952c0e.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
etag
W/53e4aaf6c7a51badf195d369674e7b40
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
hfrAndI5jHi5bsvfq9nQB0Zr9nX8dJmTvgyaMpMStoTLoBFnXsdjTw==
fbevents.js
connect.facebook.net/en_US/ 		171 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.209.14 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-itm1.fbcdn.net
Software
/
Resource Hash
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 13 Jul 2023 02:25:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
46863
x-xss-protection
0
pragma
public
x-fb-debug
/h4VkNJOmhRJHmoDfvXtzv99HjhgrzMt0sv26MAJKPwG4TXIrh7IXhM1ZADz2NG9Koiyp6QaI5/zoHaz0kZKhA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
21321196.js
js.hs-scripts.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/21321196.js?businessUnitId=237470
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.133.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46adb1b02fac122db8ef46a60b932ada5e32112f849d526d1fcbf770de5386c8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:55 GMT
content-encoding
br
cf-cache-status
HIT
x-hubspot-correlation-id
573b6e50-6eaa-46a1-8512-e9610802b39d
x-evy-trace-route-service-name
envoyset-translator
cf-polished
origSize=1469
age
51
x-envoy-upstream-service-time
3
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
573b6e50-6eaa-46a1-8512-e9610802b39d
cf-bgj
minify
last-modified
Thu, 13 Jul 2023 02:25:04 GMT
server
cloudflare
x-trace
2B991B68974AD2C1F13E7AE5FF9D800993BB1D8C63000000000000000000
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.itnews.com.au
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-t5ghn
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-virtual-host
all
cf-ray
7e5e13ff4896aad8-SYD
expires
Thu, 13 Jul 2023 02:26:55 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Jul 2023 01:13:31 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4344
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 13 Jul 2023 03:13:31 GMT
js
www.googletagmanager.com/gtag/ 		254 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VF4SSPXWVE&l=dataLayer&cx=c
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ce8c06e2e2ff66b1154999a45aa8365f40a15af9525afc9a37af699bb0fbddbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87861
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 13 Jul 2023 02:25:54 GMT
collect
analytics.google.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VF4SSPXWVE&gtm=45je37a0&_p=1143294879&_gaz=1&cid=1979880015.1689215155&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689215154&sct=1&seg=0&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&dt=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts%20-%20Security%20-%20iTnews&en=page_view&_fv=1&_nsi=1&_ss=1&ep.site_section=News&ep.site_category=Technology&ep.site_subcategory=Security&ep.site_keywords=%7Cbreach%7Ccybersecurity%7Chack%7Cmicrosoft%7C&ep.article_heading=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VF4SSPXWVE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itnews.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VF4SSPXWVE&cid=1979880015.1689215155&gtm=45je37a0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VF4SSPXWVE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itnews.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VF4SSPXWVE&cid=1979880015.1689215155&gtm=45je37a0&aip=1&z=2140930203
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
count-data.js
itnewsnext.disqus.com/ 		239 B
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://itnewsnext.disqus.com/count-data.js?1=597920
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff455df1d22f0b410fb3c986c13062dfcf85c0ed3799b339c98698e79468e680
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 02:25:55 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
119
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
239
X-XSS-Protection
1; mode=block
recommendations.js
itnewsnext.disqus.com/ 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itnewsnext.disqus.com/recommendations.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
d8177357f32ea2495f9e36ae5d6c06f253c812a5e96907fc9830997a4d2e7c77
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 02:25:55 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=300; includeSubdomains
Server
openresty
Age
0
Vary
Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Content-Type
application/javascript; charset=utf-8
Cache-Control
stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
21159
/
disqus.com/embed/comments/ Frame C60D 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3d74639b0561b5035d22436bb68a1cd47720674f0ae8db6479aad7a3f3e2bea4
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
0
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3501
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Thu, 13 Jul 2023 02:25:55 GMT
ETag
W/"lounge:view:9771681697.d9730a77e9fd909ca566266e0dcb3ddf.2"
Last-Modified
Thu, 13 Jul 2023 01:31:46 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.211 Central, Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-211.pacnet.net
Software
/
Resource Hash
87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Jul 2023 13:00:15 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=64295
accept-ranges
bytes
content-length
4807
fb.js
js.hsadspixel.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.120.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1874f11501aa7118cdfa7af21a9ef1c87301e917881dc941831b122d82b34a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:55 GMT
x-amz-version-id
tZNqk9JR4hpL4HhK3M1JevHxbsFiShRO
via
1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
IAD12-P3
age
299
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.382/bundles/pixels-release.js&cfRay=7e5e0cb2ff24dfc1-SYD
x-cache
Hit from cloudfront
x-hubspot-correlation-id
9968798e-2f5a-4cc1-94c5-e428dee43b37
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
0
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
9968798e-2f5a-4cc1-94c5-e428dee43b37
last-modified
Tue, 20 Jun 2023 11:26:10 UTC
server
cloudflare
etag
W/"15e730192a32cd4563797f160ff1fd6f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-5c7n7
cf-ray
7e5e14034ecfa961-SYD
x-amz-cf-id
1x8_TO5oFD_Rf5VuQqeJUfu0Ql9W0DV956Hv_P7q-PFXI_wL9RCihQ==
x-hs-target-asset
adsscriptloaderstatic/static-1.382/bundles/pixels-release.js
banner.js
js.hs-banner.com/v2/21321196/ 		209 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/21321196/banner.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
140f1fb8af2d84d9a97d2d26372392b4034929da4a8de4412caaaa5942353a75

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:55 GMT
x-amz-version-id
VWSCLRaGW2HieUGG0j1WGFHkFPfp9qXc
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
NHH3XTN2Z009NSTC
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
age
80
x-envoy-upstream-service-time
26
x-amz-id-2
jydUVuwZ/XD/qL91IdqQ2xYk2gO7ZBYG7HGeWMNlpzEc2Thx/2gzaLzWB7Wye1AnMfm2R9nHrjc=
x-evy-trace-listener
listener_https
x-request-id
f031bb13-23a3-4252-99ab-9d2b207d9c21
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 22 Jun 2023 19:00:46 GMT
server
cloudflare
etag
W/"6ee368503cb4f800a49a1e686eae6ed7"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.itnews.com.au
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-v9vn7
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7e5e14039949dfa7-SYD
expires
Thu, 13 Jul 2023 02:29:35 GMT
21321196.js
js.hs-analytics.net/analytics/1689215100000/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1689215100000/21321196.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.140.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82127b663f58b480177b75d5919cbf82973ab138400acb99b640330da5c5f3d6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:55 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
VGEH0T272XDGXD3X
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
f9b6d493-bdae-4587-8f05-90b25d322cac
age
13
x-envoy-upstream-service-time
13
x-amz-id-2
ftI0Ib1Z3h1dYGyWmt4dtEuErNhkA8fCBrFDJfRRnWdnd9WwpqUNt9kTs+mH3SdsoRxx2eOnxuo=
x-evy-trace-listener
listener_https
x-request-id
f9b6d493-bdae-4587-8f05-90b25d322cac
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 15 Jun 2023 15:22:03 GMT
server
cloudflare
etag
W/"243d14d61c69b93f3767432dd8c2e9fd"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-ns2gd
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
7e5e1403bf3da7ed-SYD
expires
Thu, 13 Jul 2023 02:30:42 GMT
smartads.epl
www.dianomi.com/ Frame 0EA0 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/tcfredirector.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d86f3e8c941b287d553f0bd2ba1e50c5f7e03e97da22142e42239f8467ea2537
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dianomi.com/smartads.epl?id=5141
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
7e5e14006f01a7fc-SYD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 13 Jul 2023 02:25:55 GMT
expires
now
link
</img/a/pss/2818/17.css>;rel=preload;as=style
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
www.google.com/pagead/1p-user-list/658328797/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/658328797/?random=1689215154211&cv=11&fst=1689213600000&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&frm=0&tiba=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts%20-%20Security%20-%20iTnews&fmt=3&is_vtc=1&random=615122567&rmt_tld=0&ipr=y
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/658328797/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/658328797/?random=1689215154211&cv=11&fst=1689213600000&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&frm=0&tiba=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts%20-%20Security%20-%20iTnews&fmt=3&is_vtc=1&random=615122567&rmt_tld=1&ipr=y
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:55 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/ 		392 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f2.1e100.net
Software
cafe /
Resource Hash
8b31d53d69faa979838ddc7b0a429905aa68ae17b959feed09d07659fbb32988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 18:36:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
28183
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127593
x-xss-protection
0
server
cafe
etag
15549820257717213848
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 11 Jul 2024 18:36:12 GMT
token
cdn.linkedin.oribi.io/partner/1503796/domain/itnews.com.au/ 		36 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1503796/domain/itnews.com.au/token
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-68.mrs52.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.itnews.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 01:42:44 GMT
content-encoding
gzip
via
1.1 9c5cc34178b30326464fbee2768215f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-C1
age
2592
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
pk94LcLynHx6B3TQCWw61aBU-uUGqwUCvVhWtQL-kvbv7D38aQvPsw==
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1689215155275&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1689215155275&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&cookiesTest=...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1503796%26time%3D1689215155275%26url%3Dhttps%253A%252F%252Fwww.itnews.com.au%252F...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1689215155275&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&cookiesTest=...
0
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1689215155275&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&cookiesTest=true&liSync=true
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:56 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: C419494C6AC7453183CE106B3377661E Ref B: SYD03EDGE0911 Ref C: 2023-07-13T02:25:56Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript
x-li-fabric
prod-lva1
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYAVQ1h2mVl7eshkjJUjg==

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' snap.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-content-type-options
nosniff
date
Thu, 13 Jul 2023 02:25:56 GMT
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAYAVQ1cxLIocZ+Dnbm/KQ==
pragma
no-cache
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: FDE1D3F0480F4417974A0D904BCEFC2C Ref B: SYD03EDGE0911 Ref C: 2023-07-13T02:25:56Z
x-frame-options
sameorigin
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1689215155275&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&cookiesTest=true&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
modules.fba0c9b2e1c5e125e170.js
script.hotjar.com/ 		270 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.fba0c9b2e1c5e125e170.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.111.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-111-48.mrs52.r.cloudfront.net
Software
/
Resource Hash
4e930b31445643295bfd2cfaeeaba015e08766fd8b7ff3b61db88003ad6720a0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 07:23:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 2f60289312992373b517623785f072a2.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P2
age
241369
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
70330
last-modified
Mon, 10 Jul 2023 07:22:19 GMT
etag
"0054d18e8d659772b0e915a12ecd8b15"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
eedEd6oo_t6IJbElv6d9mz9GtvmpmYqvxZP6QacYcMWiXUuqryIFlg==
/
disqus.com/recommendations/ Frame 4160 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ada0a91d6ae967ec641f29843f7e4bf5681623fb10fd79788aaffd689c95f512
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
0
Cache-Control
stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2339
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Thu, 13 Jul 2023 02:25:56 GMT
Last-Modified
Thu, 03 Nov 2022 04:33:51 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
collect
www.google-analytics.com/j/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1143294879&t=pageview&_s=1&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&ul=en-us&de=UTF-8&dt=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts%20-%20Security%20-%20iTnews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1512933724&gjid=1551804020&cid=1979880015.1689215155&tid=UA-102830131-1&_gid=840886345.1689215156&_r=1&_slc=1&gtm=45He37a0n81N4K222Q&cd1=News&cd2=Technology&cd3=Security&cd4=%7Cbreach%7Ccybersecurity%7Chack%7Cmicrosoft%7C&z=2075439188
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itnews.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itnews.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
991594294528179
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/991594294528179?v=2.9.111&r=stable
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.209.14 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-itm1.fbcdn.net
Software
/
Resource Hash
ba018475fa4a5dd2da3117c2f48bc8617242f2f8f925b2157ffdc4a356611c3f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 13 Jul 2023 02:25:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
MwdzkLDOguv5aQOC06YRvPVLu0cRNzzpO2zysWLit3V0KayXae9RHGNFRx2/UOU/1Om0K6sA/gsSOZeO6JkM6w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
17.css
www.dianomi.com/img/a/pss/2818/ Frame 0EA0 		2 KB
833 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/img/a/pss/2818/17.css
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1936885cfdf5999015d670ea69fb44591c4eeeb333929506bef16e368a832f00
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:55 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
828981
cf-polished
origSize=2720
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Tue, 09 May 2023 08:00:28 GMT
server
cloudflare
etag
W/"aa0-5fb3e260f6300"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
cf-ray
7e5e14039aaba7fc-SYD
expires
Sat, 12 Aug 2023 12:25:55 GMT
viewability11.js
www.dianomi.com/js/ Frame 0EA0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/js/viewability11.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:55 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
53
cf-polished
origSize=13022
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 27 Apr 2023 14:33:52 GMT
server
cloudflare
etag
W/"32de-5fa523edf86e0"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7e5e1403aab7a7fc-SYD
expires
Thu, 13 Jul 2023 02:27:55 GMT
dianomi-max-200x38.png
www.dianomi.com/img/ Frame 0EA0 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/dianomi-max-200x38.png
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:55 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
829118
cf-polished
origFmt=png, origSize=3940
content-disposition
inline; filename="dianomi-max-200x38.webp"
content-length
1164
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Jul 2020 16:53:11 GMT
server
cloudflare
etag
"f64-5ab9764140bc0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e5e14044b71a7fc-SYD
expires
Sat, 12 Aug 2023 12:25:55 GMT
100x70.jpg
www.dianomi.com/img/a/sav2/288176/2/ Frame 0EA0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/sav2/288176/2/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a8151f14c73587effb5aa2c3617bcededef760383b955b53d2a7cbc511fe3a5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:56 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
6902
cf-polished
qual=85, origFmt=jpeg, origSize=10148
content-disposition
inline; filename="100x70.webp"
content-length
1764
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 07 Jun 2023 04:48:01 GMT
server
cloudflare
etag
"27a4-5fd82d72afdc0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e5e1405dd31a7fc-SYD
expires
Sat, 12 Aug 2023 12:25:56 GMT
100x70.jpg
www.dianomi.com/img/a/sav2/294744/3/ Frame 0EA0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/sav2/294744/3/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e085dfa6b31e256dab6de4dcb92f70ffddd95ed61fe270b02cf0829942cd0374
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:56 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
1527570
cf-polished
qual=85, origFmt=jpeg, origSize=4038
content-disposition
inline; filename="100x70.webp"
content-length
2248
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Mon, 29 May 2023 23:45:39 GMT
server
cloudflare
etag
"fc6-5fcddaf18e6d0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e5e1405dd35a7fc-SYD
expires
Sat, 12 Aug 2023 12:25:56 GMT
100x70.jpg
www.dianomi.com/img/a/sav2/297053/2/ Frame 0EA0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/sav2/297053/2/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f6cbc5efe339dd7660160906e462b701bde91790e9d2d3dbbd0f7bc870435bc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:56 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
2224514
cf-polished
qual=85, origFmt=jpeg, origSize=3402
content-disposition
inline; filename="100x70.webp"
content-length
1848
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 06 Jun 2023 21:04:07 GMT
server
cloudflare
etag
"d4a-5fd7c5c290b18"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e5e1405ed3ba7fc-SYD
expires
Sat, 12 Aug 2023 12:25:56 GMT
100x70.jpg
www.dianomi.com/img/a/sav2/281429/2/ Frame 0EA0 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/sav2/281429/2/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c012f05b2770cbf4529830156233451b5462eab7f5be18240c82304fe7b3397
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:56 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
784923
cf-polished
degrade=85, origSize=4754, status=webp_bigger
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 04 Jul 2023 00:20:49 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
true
cf-ray
7e5e1405ed3ca7fc-SYD
expires
Thu, 20 Jul 2023 02:25:56 GMT
100x70.jpg
www.dianomi.com/img/a/sav2/286683/2/ Frame 0EA0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/sav2/286683/2/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30fc2a3c7bfeefdc6440753ca908587e2e0afeb63718b1b8209356e1e333b119
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:56 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
1335681
cf-polished
qual=85, origFmt=jpeg, origSize=3819
content-disposition
inline; filename="100x70.webp"
content-length
2156
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 06 Jun 2023 06:55:33 GMT
server
cloudflare
etag
"eeb-5fd70816f0370"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e5e1405ed3da7fc-SYD
expires
Sat, 12 Aug 2023 12:25:56 GMT
B29802947.365379550;dc_pre=CM-m9OrQioADFSiFZgIdUNMH9A;dc_trk_aid=556525325;dc_trk_cid=192537265;ord=1689215155;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N6540.576592DIANOMIINC./ Frame 0EA0
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N6540.576592DIANOMIINC./B29802947.365379550;dc_trk_aid=556525325;dc_trk_cid=192537265;ord=1689215155;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
  • https://ad.doubleclick.net/ddm/trackimp/N6540.576592DIANOMIINC./B29802947.365379550;dc_pre=CM-m9OrQioADFSiFZgIdUNMH9A;dc_trk_aid=556525325;dc_trk_cid=192537265;ord=1689215155;dc_lat=;dc_rdid=;tag_f...
42 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N6540.576592DIANOMIINC./B29802947.365379550;dc_pre=CM-m9OrQioADFSiFZgIdUNMH9A;dc_trk_aid=556525325;dc_trk_cid=192537265;ord=1689215155;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Server
142.251.221.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:56 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N6540.576592DIANOMIINC./B29802947.365379550;dc_pre=CM-m9OrQioADFSiFZgIdUNMH9A;dc_trk_aid=556525325;dc_trk_cid=192537265;ord=1689215155;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 0EA0 		4 KB
638 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f10.1e100.net
Software
ESF /
Resource Hash
0e00e4ee9c109fdd3c08db4702bb64ada5419c2e47fc3259903df28e22b78e97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Jul 2023 02:25:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 02:17:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Jul 2023 02:25:55 GMT
css
fonts.googleapis.com/ Frame 0EA0 		2 KB
514 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f10.1e100.net
Software
ESF /
Resource Hash
51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Jul 2023 02:25:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 02:17:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Jul 2023 02:25:55 GMT
lounge.load.3c00c65811f2cec80a8903c739975872.js
c.disquscdn.com/next/embed/ Frame C60D 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.load.3c00c65811f2cec80a8903c739975872.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
ae05b8f9cd0f5597f74764396a6e173dccbea0204340a1dc1ce1a5faf1277612
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
Origin
https://disqus.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 10 Jul 2023 13:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 9e1ca2a082cf3304834fbd01d8598ce4.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
218297
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
624
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Mon, 10 Jul 2023 13:41:14 GMT
server
nginx
etag
"64ac0a7a-270"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
ugIeRp31ttCHROvyGLvR9wFeDBtTfJrFSqtW2iYIO_WDHC4aN1LHDw==
expires
Tue, 09 Jul 2024 13:47:39 GMT
collect
stats.g.doubleclick.net/j/ 		8 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102830131-1&cid=1979880015.1689215155&jid=1512933724&gjid=1551804020&_gid=840886345.1689215156&_u=YADAAEAAAAAAACAAI~&z=982111353
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itnews.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 13 Jul 2023 02:25:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itnews.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1689215155873&conversionId=10367540&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accoun...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1689215155873&conversionId=10367540&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accoun...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1503796%26time%3D1689215155873%26conversionId%3D10367540%26url%3Dhttps%253A%252F%...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1689215155873&conversionId=10367540&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accoun...
0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1689215155873&conversionId=10367540&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&cookiesTest=true&liSync=true
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:56 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 659830B20464406191F69268162F5DA7 Ref B: SYD03EDGE0911 Ref C: 2023-07-13T02:25:57Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript
x-li-fabric
prod-lva1
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYAVQ1jyXhUlyikCyyjYQ==

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' snap.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-content-type-options
nosniff
date
Thu, 13 Jul 2023 02:25:56 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAYAVQ1eziloASEqWjaKzw==
pragma
no-cache
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 34C7D0C36F364AA7919ED7D1B89B9FF7 Ref B: SYD03EDGE0911 Ref C: 2023-07-13T02:25:56Z
x-frame-options
sameorigin
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1689215155873&conversionId=10367540&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&cookiesTest=true&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.itnews.com.au
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
close-white.png
www.itnews.com.au/images/ 		438 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.itnews.com.au/images/close-white.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
702f0230b50a8bec8b8ed4268906179470e8088079cd0cca13c5d60578fc801e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_91b5e77a73edffb31b8f4a8e226472df.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:54 GMT
last-modified
Wed, 14 Jun 2023 02:29:20 GMT
server
Microsoft-IIS/10.0
etag
"fb9f6a6689ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
438
x-ua-compatible
IE=edge,chrome=1
ads
securepubads.g.doubleclick.net/gampad/ 		410 KB
71 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2906003666422544&correlator=3992847111617990&eid=31076084&output=ldjh&gdfp_req=1&vrg=202307120202&ptt=17&impl=fifs&iu_parts=1003277%2CiTnews-SuperLeaderboard%2CiTnews-Leaderboard%2CiTnews-MREC%2CiTnews-Button%2CiTnews-inRead%2CiTnews-Interstitial%2CiTnews-Skin&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F2%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=1000x100%7C970x250%7C970x90%2C728x90%2C300x250%7C300x600%2C300x250%7C300x600%2C300x100%2C728x90%2C1x1%2C640x480%2C1x1&ifi=1&adks=667020349%2C2669764438%2C1265387520%2C3406322226%2C2734568407%2C4122735841%2C3533778239%2C727088295%2C964912442&sfv=1-0-40&ists=1&prev_scp=%7Cpos%3Dtopb%7Cpos%3Dsto%7Cpos%3Dsto2%7C%7Cpos%3Dfooter%7C%7C%7C&cust_params=sec%3Dnews%26aid%3D597920%26cat%3Dsecurity%252Csecurity%252Ctechnology%26kwd%3Dbreach%252Ccybersecurity%252Chack%252Cmicrosoft&sc=1&cookie_enabled=1&abxe=1&dt=1689215155953&lmt=1689215155&dlt=1689215152842&idt=3041&adxs=240%2C531%2C1044%2C1002%2C1002%2C240%2C464%2C-12245933%2C0&adys=234%2C80%2C825%2C4192%2C4472%2C4914%2C2835%2C-12245933%2C5615&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C-1%7C5&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&frm=20&vis=1&psz=1120x90%7C830x100%7C913x2768%7C373x691%7C373x691%7C1120x4634%7C913x2768%7C640x-1%7C1600x147&msz=1120x0%7C829x0%7C300x250%7C343x250%7C343x0%7C1120x90%7C880x0%7C0x-1%7C1600x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C640%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1979880015.1689215155&ga_sid=1689215156&ga_hid=1143294879&ga_fc=true
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f2.1e100.net
Software
cafe /
Resource Hash
89bd811cab041742972ec0ceb48cc560d61e807b2eb1abe17feece17caf4c041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72506
x-xss-protection
0
google-lineitem-id
6342864455,-1,-1,4353873355,-1,4353871435,4675091891,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138438771215,-1,-1,138204811071,-1,138296582165,138233473879,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.itnews.com.au
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D406 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 02:25:56 GMT
expires
Fri, 12 Jul 2024 02:25:56 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 		122 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=21321196
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.203.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f06858ebff3571e21150204c3dd2b8933bfa9f4ad0c8b928f4abb0154e816b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
54d7fcde-3b06-49ca-8a95-de80a432bb0a
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
54d7fcde-3b06-49ca-8a95-de80a432bb0a
server
cloudflare
x-trace
2BFE5F674EBC069B78EFFA9BA7B77C4AAA220CEBFC000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.itnews.com.au
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-spmrr
access-control-max-age
180
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCxExaW%2FXwU7YVebOOpHTuH2SpJj59Liu4xPPPlXUub0xY%2FFrbT4MXh1YbQlb%2B2v8yidBCRDZcQbeJ0jNRFApZDIXcsRF9Psmn1dQDZRiOiK1Bnvgix9XpFp9iWv%2B2V%2F"}],"group":"cf-nel","max_age":604800}
cf-ray
7e5e14085f0cdfb3-SYD
access-control-allow-headers
*
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102830131-1&cid=1979880015.1689215155&jid=1512933724&_u=YADAAEAAAAAAACAAI~&z=1160851527
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102830131-1&cid=1979880015.1689215155&jid=1512933724&_u=YADAAEAAAAAAACAAI~&z=1160851527
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixeljs
data.dianomi.com/frontend/ Frame 0EA0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xA1DC96431D9945BF8DC6374C360728F6&third_party_tracking=1&consent_string=&smartad_id=5141&partner_id=1339
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c21707024957102493cf752e4337989f0b317e6aa8653718d85729649ecaa73
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:56 GMT
strict-transport-security
max-age=2592000
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
via
1.1 google
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
7e5e1405ed44a7fc-SYD
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 0EA0 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f3.1e100.net
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dianomi.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 18:04:08 GMT
x-content-type-options
nosniff
age
116508
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 18:04:08 GMT
PN_yRfK9oXHga0XV3e0qghzW.woff2
fonts.gstatic.com/s/martel/v10/ Frame 0EA0 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_yRfK9oXHga0XV3e0qghzW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f3.1e100.net
Software
sffe /
Resource Hash
5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dianomi.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 08:04:57 GMT
x-content-type-options
nosniff
age
411659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19012
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:00:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jul 2024 08:04:57 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 0EA0 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dianomi.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 17:36:21 GMT
x-content-type-options
nosniff
age
118175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 17:36:21 GMT
recommendations.load.af5dcff7c80ddb6cb8b656857138adf1.js
c.disquscdn.com/next/recommendations/ Frame 4160 		923 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.load.af5dcff7c80ddb6cb8b656857138adf1.js
Requested by
Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
e4cc94b363c56c58b41c39282ca5728110a71e97c1eb51d03a8b6c98536d5727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
Origin
https://disqus.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 16 Jun 2023 20:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 9e1ca2a082cf3304834fbd01d8598ce4.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
2268437
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
450
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Fri, 16 Jun 2023 20:12:30 GMT
server
nginx
etag
"648cc22e-1c2"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
YveqCydn4v3x9FgA5hmscWGc5dvASCpp29VC3FY_RdaaVkfUM-lsyA==
expires
Sat, 15 Jun 2024 20:18:39 GMT
470261513615109
connect.facebook.net/signals/config/ 		379 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/470261513615109?v=2.9.111&r=stable
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.209.14 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-itm1.fbcdn.net
Software
/
Resource Hash
99670f0a51f474079c5731c01d5a5fb0e29e8a983664fd83a1ca6dfc7e89553c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 13 Jul 2023 02:25:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
xQk+qRkpXSXGZfe1M807Nxgz4dv3avZoYzCql8XQx/LhP72SHb6nRogpLKTVRlZnakmBfpoH92Ts4DdyjduPSA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame EC44
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Requested by
Host: data.dianomi.com
URL: https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xA1DC96431D9945BF8DC6374C360728F6&third_party_tracking=1&consent_string=&smartad_id=5141&partner_id=1339
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.207.190.50 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-190-50.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.dianomi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Jul 2023 02:25:57 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 13 Jul 2023 02:25:57 GMT
location
https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
server
AkamaiGHost
cookie_sync.html
www.dianomi.com/prebid/ Frame B1A2 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/prebid/cookie_sync.html?gdpr=0&gdpr_consent=&us_privacy=&bidders=adf,rubicon,grid,adform,pubmatic,openx,freewheelssp,undertone,amx
Requested by
Host: data.dianomi.com
URL: https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xA1DC96431D9945BF8DC6374C360728F6&third_party_tracking=1&consent_string=&smartad_id=5141&partner_id=1339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec2a96501b91fcaf2db6eb6ae3513dd7a76c9754f623b08c19e80f6d7b5d48a7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7e5e14086890a7fc-SYD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 13 Jul 2023 02:25:56 GMT
last-modified
Tue, 25 Apr 2023 12:24:50 GMT
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
data.dianomi.com/frontend/ Frame 0EA0 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.dianomi.com/frontend/pixel?r=https%3A%2F%2Fwww.dianomi.com%2Fsmartads.epl%3Fid%3D5141&can_programmatic=1&geo_country=9&smartad_variant_id=7334&device_type=computer&organization=latitude.sh&referer=https%3A%2F%2Fwww.dianomi.com%2Fsmartads.epl%3Fid%3D5141&geo_state=new%20south%20wales&publisher_id=1339&adgroup_ids=121713%2C101056%2C122993%2C124273%2C105667&impression_id=ZK9gs14lyt6eL3HzeLt8XgAAAEE&adgroup_variant_ids=288176%2C286683%2C294744%2C297053%2C281429&geo_ccod=au&geo_dma=&hosting_facility=0&include_rtb=2&smartad_id=5141&session=8ad8b96d7a82769de74b6e36194d452b
Requested by
Host: data.dianomi.com
URL: https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xA1DC96431D9945BF8DC6374C360728F6&third_party_tracking=1&consent_string=&smartad_id=5141&partner_id=1339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:56 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
content-length
0
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.dianomi.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7e5e1408688ea7fc-SYD
access-control-allow-headers
dianomi-force-dmp
458249.gif
idsync.rlcdn.com/ Frame 0EA0
Redirect Chain
  • https://idsync.rlcdn.com/425276.gif?partner_uid=8ad8b96d7a82769de74b6e36194d452b
  • https://idsync.rlcdn.com/1000.gif?memo=CLz6GRIsCigIARDX7wEaIDhhZDhiOTZkN2E4Mjc2OWRlNzRiNmUzNjE5NGQ0NTJiEAAaDQi0wb2lBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0a6eb4bb73308ffdfd4f49aa21f7080bc6e1f0a41bf9b41068cb8c426cbf06dc791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwYTZlYjRiYjczMzA4ZmZkZmQ0ZjQ5YWEyMWY3MDgwYmM2ZTFmMGE0MWJmOWI0MTA2OGNiOGM0MjZjYmYwNmRjNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwYTZlYjRiYjczMzA4ZmZkZmQ0ZjQ5YWEyMWY3MDgwYmM2ZTFmMGE0MWJmOWI0MTA2OGNiOGM0MjZjYmYwNmRjNzkxNDI2YjU0MTdkY2UyMRAAGgwItcG9pQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=07a96e76-db06-4797-9a7c-8ede50b131a8
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=07a96e76-db06-4797-9a7c-8ede50b131a8
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:58 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=07a96e76-db06-4797-9a7c-8ede50b131a8
date
Thu, 13 Jul 2023 02:25:58 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
bidswitch
data.dianomi.com/frontend/ Frame 0EA0
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
  • https://data.dianomi.com/frontend/bidswitch?uid=43fc00e5-1d60-4e17-b913-00045c750241&cookie_age=1
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.dianomi.com/frontend/bidswitch?uid=43fc00e5-1d60-4e17-b913-00045c750241&cookie_age=1
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:57 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
content-length
68
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7e5e140d5e04a7fc-SYD
access-control-allow-headers
dianomi-force-dmp

Redirect headers

Location
https://data.dianomi.com/frontend/bidswitch?uid=43fc00e5-1d60-4e17-b913-00045c750241&cookie_age=1
Date
Thu, 13 Jul 2023 02:25:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixeltrack.pl
www.dianomi.com/cgi-bin/ Frame 0EA0 		77 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=288176&smartad_variant_id=7334&device_type=computer&geo_state=new%20south%20wales&impression_id=ZK9gs14lyt6eL3HzeLt8XgAAAEE&adgroup_variant_ids=288176,286683,294744,297053,281429&geo_ccod=au&geo_dma=&smartad_id=5141
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:56 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
image/gif; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials
true
cf-ray
7e5e14090923a7fc-SYD
content-length
77
x-xss-protection
1; mode=block
expires
Wed, 12 Jul 2023 02:25:56 GMT
pixeltrack.pl
www.dianomi.com/cgi-bin/ Frame 0EA0 		77 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=294744&smartad_variant_id=7334&device_type=computer&geo_state=new%20south%20wales&impression_id=ZK9gs14lyt6eL3HzeLt8XgAAAEE&adgroup_variant_ids=288176,286683,294744,297053,281429&geo_ccod=au&geo_dma=&smartad_id=5141
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:56 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
image/gif; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials
true
cf-ray
7e5e14090924a7fc-SYD
content-length
77
x-xss-protection
1; mode=block
expires
Wed, 12 Jul 2023 02:25:56 GMT
pixeltrack.pl
www.dianomi.com/cgi-bin/ Frame 0EA0 		77 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=297053&smartad_variant_id=7334&device_type=computer&geo_state=new%20south%20wales&impression_id=ZK9gs14lyt6eL3HzeLt8XgAAAEE&adgroup_variant_ids=288176,286683,294744,297053,281429&geo_ccod=au&geo_dma=&smartad_id=5141
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:56 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
image/gif; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials
true
cf-ray
7e5e14090925a7fc-SYD
content-length
77
x-xss-protection
1; mode=block
expires
Wed, 12 Jul 2023 02:25:56 GMT
pixeltrack.pl
www.dianomi.com/cgi-bin/ Frame 0EA0 		77 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=281429&smartad_variant_id=7334&device_type=computer&geo_state=new%20south%20wales&impression_id=ZK9gs14lyt6eL3HzeLt8XgAAAEE&adgroup_variant_ids=288176,286683,294744,297053,281429&geo_ccod=au&geo_dma=&smartad_id=5141
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:56 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
image/gif; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials
true
cf-ray
7e5e14090926a7fc-SYD
content-length
77
x-xss-protection
1; mode=block
expires
Wed, 12 Jul 2023 02:25:56 GMT
pixeltrack.pl
www.dianomi.com/cgi-bin/ Frame 0EA0 		77 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=286683&smartad_variant_id=7334&device_type=computer&geo_state=new%20south%20wales&impression_id=ZK9gs14lyt6eL3HzeLt8XgAAAEE&adgroup_variant_ids=288176,286683,294744,297053,281429&geo_ccod=au&geo_dma=&smartad_id=5141
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:56 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
image/gif; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials
true
cf-ray
7e5e14090927a7fc-SYD
content-length
77
x-xss-protection
1; mode=block
expires
Wed, 12 Jul 2023 02:25:56 GMT
cookie_sync
server.prebid.dianomi.com/ Frame B1A2 		3 KB
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://server.prebid.dianomi.com/cookie_sync
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/prebid/cookie_sync.html?gdpr=0&gdpr_consent=&us_privacy=&bidders=adf,rubicon,grid,adform,pubmatic,openx,freewheelssp,undertone,amx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.153.107 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-153-107.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
b25e6fde28036dba5c27f0bb3bf388725f178bbbfc4ce01b11393ef98b17d53f

Request headers

Referer
https://www.dianomi.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:57 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dianomi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
624
expires
0
586918102853434
connect.facebook.net/signals/config/ 		376 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/586918102853434?v=2.9.111&r=stable
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.209.14 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-itm1.fbcdn.net
Software
/
Resource Hash
cc8270f1e7e6ff155b2f452e26e7e31ff335aa59a1b9fc3c55866f992a97b30c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 13 Jul 2023 02:25:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
buwtBWXuGhs1oSVIfKi1Imj5syDbHOxmSfJQASs/aM1EuV7lHVTrVEFGbiovjYhanLJi7aN8Aai4CzjOBjtLuQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
common.bundle.42272221620e218896f3973a3bb140e2.js
c.disquscdn.com/next/embed/ Frame C60D 		280 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.3c00c65811f2cec80a8903c739975872.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
d23fd6a13b657ba55789f4a8b098f72d86e253917a83af15a2e4e6ed23a9e5c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 16 Jun 2023 20:18:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
2268453
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94141
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Fri, 16 Jun 2023 20:12:30 GMT
server
nginx
etag
"648cc22e-16fbd"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
86jnGU6GYuWkOYEv_IRssNQhGwnMiLkErNFJ_K7EFvqnaLmEmKqL7A==
expires
Sat, 15 Jun 2024 20:18:25 GMT
common.bundle.26820753104bbfb2cc90e573a2447f47.js
c.disquscdn.com/next/recommendations/ Frame 4160 		262 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.26820753104bbfb2cc90e573a2447f47.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.af5dcff7c80ddb6cb8b656857138adf1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
bf8b01a15285873abfae001dc9804d07312ad4cbb565784ec31dd82c71d1f94c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 16 Jun 2023 20:18:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
2268444
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
88850
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Fri, 16 Jun 2023 20:12:30 GMT
server
nginx
etag
"648cc22e-15b12"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
8egdfQQwPibr8qafqb-eA214pd_X0bj7eyZ-wir709-5KLd9XLO5Tw==
expires
Sat, 15 Jun 2024 20:18:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5E23 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4f-AECNSheVUS1mZfrIPxWcE6e54CIgZHYuI9dy2awD9Zopg_4xy_DdOrBgHcFzVqxBsMY6LDn6b188HMLdDKBCU3v-18jyU1qoK2niFMe2dXQBKUDET9G0IOkDP_Ay9iXIdI0ThFIR3TQ65P1N47zzB4t9ywXKCzrDNXMOh4fZzoYqylaiLN70SxJAtA7bpXr9MjB3L24SoAdDI3LOesIUz_SPULNpqe4um7bb-ULD2xRqTiD5s1S_oGLY_Q7cSpDLjt0AQ7eeHnwkUKQ1ByYs0O7MWwFCTFMopvU_VYHMD5J_Vm0NhCZoSfBRymWaOyOQg3peLe4ENTIW6xc3RhA61lRi7sbjVs-ARYXg&sai=AMfl-YQ0PoOSMqSeeYjMMK6_y4pbSJa5sVHxpwPI3w59l8GPrbSNJKhRlNb5pIi73s8KMUbHScNBEO9i7dLqodnKMPoUuW6_vgVJbfPKZaNh-LCHERYLzSLfbelkGpf26Y8&sig=Cg0ArKJSzL-XTuL6aql2EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 5E23 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:13:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
43962
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Jul 2023 14:13:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 5E23 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:04:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
44480
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Jul 2023 14:04:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5E23 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s01-in-f2.1e100.net
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 02:25:58 GMT
980024138902671793
tpc.googlesyndication.com/simgad/ Frame 5E23 		160 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/980024138902671793
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
sffe /
Resource Hash
ccbc079df3c11810feb0f2d06c4fd229a382171baefde67bfcd858b40197a35c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 23:59:47 GMT
x-content-type-options
nosniff
age
181571
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164247
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 01:46:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 09 Jul 2024 23:59:47 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012306202201000/ Frame 59D6 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f1.1e100.net
Software
sffe /
Resource Hash
5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jul 2023 17:10:51 GMT
age
33307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61909
x-xss-protection
0
server
sffe
etag
"f919e19544cf979d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 Jul 2024 17:10:51 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 59D6 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f1.1e100.net
Software
sffe /
Resource Hash
c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jul 2023 22:29:22 GMT
age
100596
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5217
x-xss-protection
0
server
sffe
etag
"64cbd7fca0464c6f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 10 Jul 2024 22:29:22 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 59D6 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f1.1e100.net
Software
sffe /
Resource Hash
01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 06 Jul 2023 08:25:53 GMT
age
583205
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28896
x-xss-protection
0
server
sffe
etag
"4dcd9a8c59f0d36a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 05 Jul 2024 08:25:53 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 59D6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f1.1e100.net
Software
sffe /
Resource Hash
52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jul 2023 10:04:42 GMT
age
145276
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1898
x-xss-protection
0
server
sffe
etag
"b82574a955fb50a0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 10 Jul 2024 10:04:42 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 59D6 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f1.1e100.net
Software
sffe /
Resource Hash
7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jul 2023 08:43:33 GMT
age
63745
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12958
x-xss-protection
0
server
sffe
etag
"5e14f2792a869535"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 Jul 2024 08:43:33 GMT
truncated
/ Frame 59D6 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6788b46255b2529d0a5312321f6375ab5e5e4f817e2398c9e0f241bd3ce33aa9

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012306202201000/ Frame 3CB4 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f1.1e100.net
Software
sffe /
Resource Hash
5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jul 2023 17:10:51 GMT
age
33307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61909
x-xss-protection
0
server
sffe
etag
"f919e19544cf979d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 Jul 2024 17:10:51 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 3CB4 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f1.1e100.net
Software
sffe /
Resource Hash
c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jul 2023 22:29:22 GMT
age
100596
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5217
x-xss-protection
0
server
sffe
etag
"64cbd7fca0464c6f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 10 Jul 2024 22:29:22 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 3CB4 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f1.1e100.net
Software
sffe /
Resource Hash
01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 06 Jul 2023 08:25:53 GMT
age
583205
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28896
x-xss-protection
0
server
sffe
etag
"4dcd9a8c59f0d36a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 05 Jul 2024 08:25:53 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 3CB4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f1.1e100.net
Software
sffe /
Resource Hash
52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jul 2023 10:04:42 GMT
age
145276
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1898
x-xss-protection
0
server
sffe
etag
"b82574a955fb50a0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 10 Jul 2024 10:04:42 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 3CB4 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f1.1e100.net
Software
sffe /
Resource Hash
7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jul 2023 08:43:33 GMT
age
63745
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12958
x-xss-protection
0
server
sffe
etag
"5e14f2792a869535"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 Jul 2024 08:43:33 GMT
truncated
/ Frame 3CB4 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe3fc79a88308f48e6e97890f344cf288b945575e6045d0001012638ca52e7f0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame E480 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAvzEF01Ilu8rHqZaV53jrGYOuGHnIY4nA-8-o1iDWh-HtVm5Esxo38s-nlW9RbewGwtdwSN_BYebb7pjUpS9En6GRwie9pesvzjKd6LhI8d6iTbA520o_n6EF0L0Fz-uef3aRf05iQ476HUxfU9-Wff82au4Aobqssq4DxU3MbQ7I_BUKogu4C_RoGSZ_NAEU-EqGA_N0i47CgDM5u9I-sBzcYL1Fc2GLFGJ6i7Hym5O7QYWxcH_bFOs2ZCcj3zFdboNfGRxIl_qXgf_JGMTdSJ2PkScuyRIoJ5Vy0TF0-qmuPOZOXmAZa74IY7JF3lY_AgBOS-M&sai=AMfl-YTxJ9Jy8-BJIRJZh1oBAnUfANkATIzYpFcT2LwTzdZOrKPH_pTjF4OPOULBiYT7OtJ3PiSIU60ts1PROaDaoBpUCDetIbdHAZ3egSxPC87YhMgj9ucdVCnDBebgeKE&sig=Cg0ArKJSzOE6GM_KUwrGEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame E480 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:13:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
43962
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Jul 2023 14:13:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame E480 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:04:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
44480
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Jul 2023 14:04:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E480 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s01-in-f2.1e100.net
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 02:25:58 GMT
3828096999314815856
tpc.googlesyndication.com/simgad/ Frame E480 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3828096999314815856
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
sffe /
Resource Hash
d2407d80b3c0a2874bc1ed5a4f92b74ea9f2dad8f05662b5ee11c86fe6ba0443
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:58 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44847
x-xss-protection
0
last-modified
Thu, 29 Jun 2017 02:16:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 12 Jul 2024 02:25:58 GMT
l
www.google.com/ads/measurement/ Frame E480 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQbJSvL9Ntkv_8x7FcIpxQxBLJgKkld6mlbZZw2aYNbb_CNj7GZgTPCGiubABNJ96IjjWAbgmRE0OUMXrD_LjjphDtu9A
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
14183791454893245418
tpc.googlesyndication.com/daca_images/simgad/ Frame 59D6 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14183791454893245418
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
sffe /
Resource Hash
cc43dbb899e5a589fc289a4f863fdb5b314357c176d2c093573e104fda737930
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:58 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34201
x-xss-protection
0
last-modified
Sat, 07 Aug 2021 09:23:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 12 Jul 2024 02:25:58 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 59D6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 00:58:46 GMT
x-content-type-options
nosniff
server
cafe
age
5232
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Fri, 14 Jul 2023 00:58:46 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 59D6 		344 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 03:17:55 GMT
x-content-type-options
nosniff
server
cafe
age
83283
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 13 Jul 2023 03:17:55 GMT
l
www.google.com/ads/measurement/ Frame 59D6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQlIGUTK2q2d8nlhdzwbUwN0CMbFCoal-cOw2BzXLYnFXxHOACmwxJRL0q49zSIrsN8eiAaF9Wj68eEqSnx63CznXu4mw
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
16908301730314795574
tpc.googlesyndication.com/simgad/ Frame 3CB4 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16908301730314795574?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmWNOJzD16xWGVPKHKoB66-HimqiA
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
sffe /
Resource Hash
a852f24574a5512f677ebcf3c589e9892b4ff6045f65bfca91d3868bddf243dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 10:31:42 GMT
x-content-type-options
nosniff
age
230056
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87158
x-xss-protection
0
last-modified
Fri, 09 Jun 2023 10:35:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 09 Jul 2024 10:31:42 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3CB4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 00:58:46 GMT
x-content-type-options
nosniff
server
cafe
age
5232
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Fri, 14 Jul 2023 00:58:46 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3CB4 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 03:17:55 GMT
x-content-type-options
nosniff
server
cafe
age
83283
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 13 Jul 2023 03:17:55 GMT
l
www.google.com/ads/measurement/ Frame 3CB4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT6NShbkjG5GUnRbF7wCqNFk7tH2nVO5beh1nihIHzASjxkkQJlCTIjnEYjpZrHIUZRTWB4dDAcfeGEqkB-3vHsWDmMug
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
truncated
/ Frame 5E23 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2442dc274dbdc5336be33fe218635a708ec2ed6458af6f280a9970eee02fcc20

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E480 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d5fdec7271faa5b4355ab27e565dc3e360f2724242c650cca99b2581a0e67d3

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
container.html
8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8461 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 02:25:56 GMT
expires
Fri, 12 Jul 2024 02:25:56 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 0588 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfHaRP6ORxHwu7wpLk36A_ylM9W6c9l0Fqir7VX8hrCcJjHN5TCfsN12f1xPxicO3PQsy2gS1OXzN3ePshrz-v9SSgr_YjUgtZ9ZZfsNVKJre42mwBtVTrkv--ls2LuoFqnYgOirMyxuaT-COZuNhIcd0dJjLIkc7DX_kVPR2LICSX7fl49aIrOh6F64qcge7uiEuIDDMEemTNi_GNlXDMxlr_Gy_ElturxINKgfbMMeRuOKa125M6e64cigbkI57H1oU27NS72hFbHBc_TBahxcMOOVzSdz4GmmrUESFvb-vE5RsHoRIAKOBtcqwEFVoGwul7CvSjcAv7-F9O&sai=AMfl-YQclVpR_prd6LknK591eueSTunwh0qvgvbuxYQy0Zs_C-gspgB2EEbtlPQ4DORmigUuFaaWn0QFy7zxDAeNhTUmoUe7Cg5zEYrWN1sn1c2__llTqd4UfS7rq-wITD4&sig=Cg0ArKJSzJhvCT0yZIMxEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 0588 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:13:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
43962
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Jul 2023 14:13:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 0588 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:04:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
44480
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Jul 2023 14:04:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0588 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s01-in-f2.1e100.net
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 02:25:58 GMT
2139914314716046135
tpc.googlesyndication.com/simgad/ Frame 0588 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2139914314716046135
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
sffe /
Resource Hash
1e6ccbd432e2a3b18ddeed94336b75b4833fb67be8f4eb806152b9a9125f573c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:58 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65529
x-xss-protection
0
last-modified
Wed, 04 Dec 2019 06:43:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 12 Jul 2024 02:25:58 GMT
l
www.google.com/ads/measurement/ Frame 0588 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCc3FWGr5c-bb-42VXsMglU8Yr6A554mVMwmVDY-VrFBkvbSgXKTLtwG7kps5WhX1hdRfO1nzPR8Q9OuLn5W-k2XLJaA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 0E24 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_2pt67z22_QfKc0yzIgKMy33W6KRUwC9-pzuYjeBB7vZO-N78BlEjmBRiUspwztAsup4n7FiAUtoQnVCs4GGQoIG7fNIZehIMyI9hk-TamHzEBn5U1gK4Q-1-p9Dm_3IAn34CSoyA_ks_nSHrD7TVo0spOS_VUHknQgqOoB7wo1FvNb5dINoy2S_znPnA8k9158GG13mT0ZUBdg_lqVP_vxUt-eH46B98uwQuacE6dm-WOT3aDXZmWfqsnJxHUUfaQthlt_ureYDtjrs02BRUM9nFgUE1nJQ9eWlzW0J6tB1ZBzO58mjTmubfk0sKeJpsf6vAFw&sai=AMfl-YSi_elp9vv_A-P3i4g1-Vfz3Reo1Mb9hnS1x7e1ERaAn75i5qd8EuHBxxqe6hll-YziDcvjfdauOkeo9x00kSem6s5nd5BeNQ9GYJ5HouOKkFZkC_rB_YoYYQkyFyg&sig=Cg0ArKJSzHtY4ZKVvUlQEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
tag
a.teads.tv/page/84405/ Frame 0E24 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/84405/tag
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.189.34 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-189-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f45a13a60901989d54f571c1ca7bf81ec213be82e6c109c9f0e3f4b2e43e06fa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:58 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
1021
expires
Thu, 13 Jul 2023 03:25:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0E24 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s01-in-f2.1e100.net
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 02:25:58 GMT
setuid
server.prebid.dianomi.com/ Frame B1A2
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gd...
  • https://server.prebid.dianomi.com//setuid?bidder=grid&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=43fc00e5-1d60-4e17-b913-00045c750241
  • https://server.prebid.dianomi.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=43fc00e5-1d60-4e17-b913-00045c750241
86 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://server.prebid.dianomi.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=43fc00e5-1d60-4e17-b913-00045c750241
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Server
54.179.153.107 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-153-107.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 13 Jul 2023 02:25:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Accept-Encoding, Origin
expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:57 GMT
vary
Accept-Encoding, Origin
content-type
text/html; charset=utf-8
location
/setuid?bidder=grid&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=43fc00e5-1d60-4e17-b913-00045c750241
cache-control
no-cache, no-store, must-revalidate
content-length
158
expires
0
truncated
/ Frame 0588 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23d217219521e31f2aa01d1cbd3592833e7f2265adf94e22f8b73abc63dbce9

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=991594294528179&ev=PageView&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&rl=&if=false&ts=1689215157580&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.2.1689215157579.1800924909&cs_est=true&it=1689215155691&coo=false&rqm=GET
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.209.35 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-itm1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 13 Jul 2023 02:25:58 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=470261513615109&ev=ViewContent&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&rl=&if=false&ts=1689215157585&cd[currency]=AUD&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.2.1689215157579.1800924909&cs_est=true&est_source=248881786549407&it=1689215155691&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.209.35 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-itm1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 13 Jul 2023 02:25:58 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=470261513615109&ev=PageView&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&rl=&if=false&ts=1689215157586&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.2.1689215157579.1800924909&cs_est=true&it=1689215155691&coo=false&rqm=GET
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.209.35 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-itm1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 13 Jul 2023 02:25:58 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=586918102853434&ev=PageView&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&rl=&if=false&ts=1689215157586&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.2.1689215157579.1800924909&cs_est=true&it=1689215155691&coo=false&rqm=GET
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.209.35 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-itm1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 13 Jul 2023 02:25:58 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
css
fonts.googleapis.com/ Frame 8461 		4 KB
728 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f10.1e100.net
Software
ESF /
Resource Hash
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Jul 2023 02:25:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 01:32:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Jul 2023 02:25:57 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 8461 		2 KB
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:13:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
43961
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Jul 2023 14:13:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 8461 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:13:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
43962
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Jul 2023 14:13:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 8461 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:04:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
44480
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Jul 2023 14:04:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 08D1 		1 KB
841 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
81085
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 12 Jul 2023 03:54:32 GMT
etag
48472445140208031
expires
Thu, 13 Jul 2023 03:54:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 8461 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:04:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
44481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Jul 2023 14:04:37 GMT
l
www.google.com/ads/measurement/ Frame 8461 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnJejr-hYCuk2Q-MzeKNjor39N1zuPj-ViEOnnd4RgzVKQPf9zrYBptRhrFcSyVtHUMmRyVg0UBO1eB6QiFe4HPGvQ0A
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8461 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s01-in-f2.1e100.net
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 02:25:58 GMT
2a76cf1338a212cd33ad52adb05195b7.js
www.gstatic.com/mysidia/ Frame 8461 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s01-in-f3.1e100.net
Software
sffe /
Resource Hash
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 05:31:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
507277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14183
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 22:47:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 05:31:21 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 8461 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRVTLdjvoj5sDnZUPpbyntr2ZQnzqQh3SlUPav05ZGO_p0VIxSFQiSlHZmEog&usqp=CAI
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f14.1e100.net
Software
sffe /
Resource Hash
b542306fe3f9e9b55f136dfa9cc2a31c60b53358e203d9c980b7ec896ad60004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 03:05:02 GMT
x-content-type-options
nosniff
age
84056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32791
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 10:54:38 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 11 Jul 2024 03:05:02 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 8461 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSKjJfqdj-eoz4Q4Sn6v6ISqEO1rD6fq1pmA5nNeDuMH3wfVBRelTP0WpH0VQ&usqp=CAI
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s02-in-f14.1e100.net
Software
sffe /
Resource Hash
c74fad907b05feab6f9adb96b655863ab2374661466015de5e0792bebea71ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 04 Dec 2022 11:01:35 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31450
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 12 Jul 2024 02:25:58 GMT
17210078844069090664
tpc.googlesyndication.com/simgad/ Frame 8461
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCgufyWWxDoBxjoBzIIT2vRNzt0_XQ
  • https://tpc.googlesyndication.com/simgad/17210078844069090664
60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17210078844069090664
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.221.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f1.1e100.net
Software
sffe /
Resource Hash
8c013e06c36ec9ec10590c089cd6d91b6eea4f5363cd9da4beb8c9208f9d8240
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 01:51:46 GMT
x-content-type-options
nosniff
age
2053
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61526
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 01:26:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 12 Jul 2024 01:51:46 GMT

Redirect headers

date
Thu, 13 Jul 2023 01:51:46 GMT
x-content-type-options
nosniff
server
cafe
age
2052
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/17210078844069090664
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 12 Aug 2023 01:51:46 GMT
usync.js
eus.rubiconproject.com/ Frame EC44 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.207.190.50 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-190-50.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
43e91e8157c58be22b0c4d455503cbdeb9e1dd971124eaf99f1ec55815be26da

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 02:25:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:51:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19539
Connection
keep-alive
Content-Length
10153
Expires
Thu, 13 Jul 2023 07:51:36 GMT
khaos.jpg
token.rubiconproject.com/ Frame EC44 		284 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 08D1
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEF6KOYqlHfRQoSxkk2AJVgU&google_cver=1&google_push=AaAOQGGhQtOKyIrUPrOpAvKosHzOsrnbGbSkNSadfVgXUklYVIKIP_TK4MfzVKJTIdd5WLX6aShzg2l...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AaAOQGGhQtOKyIrUPrOpAvKosHzOsrnbGbSkNSadfVgXUklYVIKIP_TK4MfzVKJTIdd5WLX6aShzg2lV-j-pcFTR-_Moo3qv5nmDTIHSVRdCBDY-QNGhHtnWp02XJ3OS...
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AaAOQGGhQtOKyIrUPrOpAvKosHzOsrnbGbSkNSadfVgXUklYVIKIP_TK4MfzVKJTIdd5WLX6aShzg2lV-j-pcFTR-_Moo3qv5nmDTIHSVRdCBDY-QNGhHtnWp02XJ3OSw261XK8FXxKoKGZQg6BnfNbrPw&google_hm=KC7xstdfRgqYHXm2-I0T36E
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.220.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:58 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AaAOQGGhQtOKyIrUPrOpAvKosHzOsrnbGbSkNSadfVgXUklYVIKIP_TK4MfzVKJTIdd5WLX6aShzg2lV-j-pcFTR-_Moo3qv5nmDTIHSVRdCBDY-QNGhHtnWp02XJ3OSw261XK8FXxKoKGZQg6BnfNbrPw&google_hm=KC7xstdfRgqYHXm2-I0T36E
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
gdn.socdm.com/rtb/ Frame 08D1
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEOp1yCs2PL-hEsogm4mdAlM&google_cver=1&google_push=AaAOQGHjKp2PAZhZln51a1Ud8Au226d5MIFnlzsgkh-Y5C8zNLzmIEDzd0CQsJC2HOm1g...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=Wks5Z3RzQ281dVlBQUpwWmpKNEFBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEOp1yCs2PL-hEsogm4mdAlM&google_cver=1
43 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEOp1yCs2PL-hEsogm4mdAlM&google_cver=1
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
124.146.215.4 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 02:25:59 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEOp1yCs2PL-hEsogm4mdAlM&google_cver=1","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.161","key":"ZK9gtsCo5uYAAJpZjJ4AAAAA","privacy_sensitive":false,"uid":"ZK9gtsCo5uYAAJpZjJ4AAAAA","upstream_id":"a-ad40029"}
X-SO-Key
ZK9gtsCo5uYAAJpZjJ4AAAAA
X-SO-Upstream-ID
a-ad40029
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40029.dc2p.scaleout.jp
X-SO-UID
ZK9gtsCo5uYAAJpZjJ4AAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
66.203.112.161
X-SO-Cluster-ID
0
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
7
X-SO-LB-Hostname
m-ng11.dc4p.scaleout.jp

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEOp1yCs2PL-hEsogm4mdAlM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 08D1
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEOWBkhJMvR4slBLgOKBMo50&google_cver=1&google_push=AaAOQGHhQhMouLF2_L5OVJFef8EHu0WdeYHTP1IuIAgz2pV1G2h4MpBn9AmlIpW975b8ZaM6TZL6Dp36obqQcetKS9qz9YgcLGs...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGHhQhMouLF2_L5OVJFef8EHu0WdeYHTP1IuIAgz2pV1G2h4MpBn9AmlIpW975b8ZaM6TZL6Dp36obqQcetKS9qz9YgcLGs1EEr9Rh6Ww0F-xXH9-fUekmdP8zXNo6C...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGHhQhMouLF2_L5OVJFef8EHu0WdeYHTP1IuIAgz2pV1G2h4MpBn9AmlIpW975b8ZaM6TZL6Dp36obqQcetKS9qz9YgcLGs1EEr9Rh6Ww0F-xXH9-fUekmdP8zXNo6CmfxZhXy4XjUfZtqTvsqtuS2o&google_hm=Z2FjZTE5MDI0ZTRmMzJkYWUwOGU=
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.220.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:58 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGHhQhMouLF2_L5OVJFef8EHu0WdeYHTP1IuIAgz2pV1G2h4MpBn9AmlIpW975b8ZaM6TZL6Dp36obqQcetKS9qz9YgcLGs1EEr9Rh6Ww0F-xXH9-fUekmdP8zXNo6CmfxZhXy4XjUfZtqTvsqtuS2o&google_hm=Z2FjZTE5MDI0ZTRmMzJkYWUwOGU=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 08D1
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOJ76XJwhBwVUFNju0e5DSs&google_cver=1&google_push=AaAOQGEUK9y-URJFzoxB-mCSiurPqN5v3KQRy3UP3T56BdUizhDjltoPCLyt4CBIDbbsGZugpM-4Njf8xHCJYHYcj_jEzkiukJ...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGEUK9y-URJFzoxB-mCSiurPqN5v3KQRy3UP3T56BdUizhDjltoPCLyt4CBIDbbsGZugpM-4Njf8xHCJYHYcj_jEzkiukJw...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDU1ODk1OTE0MzY1Mjk0MDgyNjc1Mw%3D%3D&google_push=AaAOQGEUK9y-URJFzoxB-mCSiurPqN5v3KQRy3UP3T56BdUizhDjltoP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDU1ODk1OTE0MzY1Mjk0MDgyNjc1Mw%3D%3D&google_push=AaAOQGEUK9y-URJFzoxB-mCSiurPqN5v3KQRy3UP3T56BdUizhDjltoPCLyt4CBIDbbsGZugpM-4Njf8xHCJYHYcj_jEzkiukJwFpfXDNxJ45d7VP8G3GZj40X8BCT9ZCdyTrnxdmXMgYCKnbpemUxhxeXo
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.220.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDU1ODk1OTE0MzY1Mjk0MDgyNjc1Mw%3D%3D&google_push=AaAOQGEUK9y-URJFzoxB-mCSiurPqN5v3KQRy3UP3T56BdUizhDjltoPCLyt4CBIDbbsGZugpM-4Njf8xHCJYHYcj_jEzkiukJwFpfXDNxJ45d7VP8G3GZj40X8BCT9ZCdyTrnxdmXMgYCKnbpemUxhxeXo
date
Thu, 13 Jul 2023 02:25:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 08D1
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEESASaTxSgdPnMkRQ3LdhB8&google_cver=1&google_push=AaAOQGFngp-mnyjU4TJQ62v_vhYf7SLFdfCXKY4g07H0DLirPFXBGY8s_da2v41s...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEESASaTxSgdPnMkRQ3LdhB8&google_cver=1&google_push=AaAOQGFngp-mnyjU4TJQ62v_vhYf7SLFdfCXKY4g07H0DLirPFXBGY8s_da2v41s...
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AaAOQGFngp-mnyjU4TJQ62v_vhYf7SLFdfCXKY4g07H0DLirPFXBGY8s_da2v41sMvvI7Nb07ktVF8fb3jiCudndL4VAAV6iOL4P7wfnZAMa3_uuE7ZUO8et9XLgNT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AaAOQGFngp-mnyjU4TJQ62v_vhYf7SLFdfCXKY4g07H0DLirPFXBGY8s_da2v41sMvvI7Nb07ktVF8fb3jiCudndL4VAAV6iOL4P7wfnZAMa3_uuE7ZUO8et9XLgNTTDcVYmU78pfqWHdiM2Ex-pjCTHRm0&google_hm=MWQxazk4VzdnZTA=&suid-set=1
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.220.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 02:25:59 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AaAOQGFngp-mnyjU4TJQ62v_vhYf7SLFdfCXKY4g07H0DLirPFXBGY8s_da2v41sMvvI7Nb07ktVF8fb3jiCudndL4VAAV6iOL4P7wfnZAMa3_uuE7ZUO8et9XLgNTTDcVYmU78pfqWHdiM2Ex-pjCTHRm0&google_hm=MWQxazk4VzdnZTA=&suid-set=1
Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
expires
-1
report
sync.teads.tv/um/ Frame 08D1
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBHbqB1q9nVi...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=Y2NjYWVkYzgtMDc1Ni00NjNkLThjOGYtYzI4ZGZkNjZiNDQ1&google_push=AaAOQGEKrZFNJub7BzhkPyVLiAYubZRTZLoEGYaruLFuqkIsNZpsvff05eNx7Y8prtSmi...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.58.141.50 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-141-50.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Thu, 13 Jul 2023 02:25:59 GMT
pragma
no-cache
date
Thu, 13 Jul 2023 02:25:59 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 08D1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKluUWif99bteJ5HbzGW9yI&google_cver=1&google_push=AaAOQGGHrdpkSkl3j...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEKluUWif99bteJ5HbzGW9yI%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzgyMzgyMTcwMDY3NDAwNzQ2MA%3D%3D&google_gid=CAESEKluUWif99bteJ5HbzGW9yI&google_cver=1&google_push=AaAOQGGHrdpkSkl3j5tlMFqQ_HPBEUS1RS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzgyMzgyMTcwMDY3NDAwNzQ2MA%3D%3D&google_gid=CAESEKluUWif99bteJ5HbzGW9yI&google_cver=1&google_push=AaAOQGGHrdpkSkl3j5tlMFqQ_HPBEUS1RSpKJpfUyojR7FC8l5_7nfuSSIBhkzFwu4L11ZWP4659hTpPrV2FSjgZScSp4OZpIvzumpzGUdmxCsHtyRZUXuGpfkVNFiPgyf5tEeWNskl1xyG5cKJccq8EHYQ
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.220.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:58 GMT
an-x-request-uuid
ac83a989-d3f4-4cec-adb7-9f6f2efc9d32
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzgyMzgyMTcwMDY3NDAwNzQ2MA%3D%3D&google_gid=CAESEKluUWif99bteJ5HbzGW9yI&google_cver=1&google_push=AaAOQGGHrdpkSkl3j5tlMFqQ_HPBEUS1RSpKJpfUyojR7FC8l5_7nfuSSIBhkzFwu4L11ZWP4659hTpPrV2FSjgZScSp4OZpIvzumpzGUdmxCsHtyRZUXuGpfkVNFiPgyf5tEeWNskl1xyG5cKJccq8EHYQ
x-proxy-origin
66.203.112.161; 66.203.112.161; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 08D1 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-Rp063_3tYGwzoWopbvThW46Y8j34EegPPPiK8dfWvRIztXPgPHr5a_4yvZX_coZc1Ddx1FWc
Requested by
Host: 8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
URL: https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
www.facebook.com/tr/ Frame 2906 		0
205 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.209.35 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-itm1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.itnews.com.au
Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.itnews.com.au
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 02:25:58 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame BFF6 		0
31 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.209.35 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-itm1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.itnews.com.au
Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.itnews.com.au
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 02:25:58 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame 515B 		0
31 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.209.35 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-itm1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.itnews.com.au
Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.itnews.com.au
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 02:25:58 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BE5F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/prebid/cookie_sync.html?gdpr=0&gdpr_consent=&us_privacy=&bidders=adf,rubicon,grid,adform,pubmatic,openx,freewheelssp,undertone,amx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.dianomi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=26106
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 13 Jul 2023 02:25:58 GMT
expires
Thu, 13 Jul 2023 09:41:04 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
teads-format.min.js
a.teads.tv/media/format/v3/ 		599 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.189.34 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-189-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
885b1e5d84dd71ad25ccd7e396b1a3a0b52786c79e3e45f61683a384ebfbb753

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:58 GMT
content-encoding
br
last-modified
Wed, 12 Jul 2023 14:23:14 GMT
x-amz-request-id
5RQR6ACD7RDQ9M2F
etag
"7785305f19657469f16afad714ea36fe"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
0
accept-ranges
bytes
content-length
133836
x-amz-id-2
Iaq2K7s5j74FUDpWoFXYRoihUEvEtoAzCSm1nnqAYjtyO2eNfS45wUv0rUxEwkT2V0lzvIp4NYg=
expires
Thu, 13 Jul 2023 02:55:58 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame BE5F 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24353995&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
542c2b3efef3a0d3c44b010c25e8044aeb5412fab42a999266af4e174afc1d44

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 13 Jul 2023 02:25:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 59D6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H3
Server
142.251.220.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date
Thu, 13 Jul 2023 02:25:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rubicon
data.dianomi.com/frontend/ Frame EC44
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=dianomi&gdpr=0&gdpr_consent=&gdpr=0&khaos=LK0J3ABN-13-6QK4
  • https://data.dianomi.com/frontend/rubicon?uid=LK0J3ABN-13-6QK4&gdpr=0
68 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.dianomi.com/frontend/rubicon?uid=LK0J3ABN-13-6QK4&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:26:01 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
content-length
68
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7e5e1422699da7fc-SYD
access-control-allow-headers
dianomi-force-dmp

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://data.dianomi.com/frontend/rubicon?uid=LK0J3ABN-13-6QK4&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
lounge.dbc47866f009f9d6f1556cd58214d9a3.css
c.disquscdn.com/next/embed/styles/ Frame C60D 		233 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
61779c74768b5eb298860ceb7d7cf06f2b228fdc53df72b530490a792a5b8a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 30 May 2023 18:53:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
3742359
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
33282
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 30 May 2023 18:28:53 GMT
server
nginx
etag
"64764065-8202"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
7oPe9Xsy39VHCqI7MDky1bAhWaeHuFcw5YnHLQzVLioG3XEIPmjT4g==
expires
Wed, 29 May 2024 18:53:20 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame EC44
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hidDeiinSm2OtK9BPzMOnA&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hidDeiinSm2OtK9BPzMOnA&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hidDeiinSm2OtK9BPzMOnA&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 02:26:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QCJRHQH1XHR7C8M21NZ2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hidDeiinSm2OtK9BPzMOnA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame EC44
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEK3t-m9hmZjhfymjEkKc4Q&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEK3t-m9hmZjhfymjEkKc4Q&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEK3t-m9hmZjhfymjEkKc4Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EC44
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEswSjNBQk4tMTMtNlFLNA==&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEOkSLQYO_bPE94XVjt6WfIE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEswSjNBQk4tMTMtNlFLNA==&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEswSjNBQk4tMTMtNlFLNA==&google_push=&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.251.220.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:26:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEswSjNBQk4tMTMtNlFLNA==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
setuid
px.ads.linkedin.com/ Frame EC44
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LK0J3ABN-13-6QK4&gdpr=0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LK0J3ABN-13-6QK4&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:59 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 98ADB3A9AB2B48E6A091756553C3C590 Ref B: SYD03EDGE0911 Ref C: 2023-07-13T02:25:59Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYAVQ2HBOKkBnZ7yJfWOg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LK0J3ABN-13-6QK4&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame EC44
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/gJnW9tciXX_Vpg_uWmejhsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kr9fXm1E2oIDX7w3ZixQjgTocAaV8b0avLiH1w--~A
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kr9fXm1E2oIDX7w3ZixQjgTocAaV8b0avLiH1w--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 13 Jul 2023 02:26:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kr9fXm1E2oIDX7w3ZixQjgTocAaV8b0avLiH1w--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame EC44
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://match.adsrvr.org/track/cmb/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3c40cee6-4e35-43bd-b495-fd9a75e77239&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3c40cee6-4e35-43bd-b495-fd9a75e77239&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3c40cee6-4e35-43bd-b495-fd9a75e77239&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
ecm3
s.amazon-adsystem.com/ Frame EC44
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=tyEBOaUoSmmNmHIZWoBQng&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tyEBOaUoSmmNmHIZWoBQng&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tyEBOaUoSmmNmHIZWoBQng&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 02:26:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WPXEAMTDE7QTGTNC4GSR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tyEBOaUoSmmNmHIZWoBQng&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame EC44
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTUxMDE3OGZkY2UwYTY0M2VhYTQwY2E2YWI4YTkyYzc3MmRmMTRiNA&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTUxMDE3OGZkY2UwYTY0M2VhYTQwY2E2YWI4YTkyYzc3MmRmMTRiNA&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.251.220.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTUxMDE3OGZkY2UwYTY0M2VhYTQwY2E2YWI4YTkyYzc3MmRmMTRiNA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3CB4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H3
Server
142.251.220.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date
Thu, 13 Jul 2023 02:25:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
lounge.bundle.9252e8c30002c02fb7a36ab614c3c6ee.js
c.disquscdn.com/next/embed/ Frame C60D 		513 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.9252e8c30002c02fb7a36ab614c3c6ee.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
417412fab0fb1f36d3771b208b38a4342dcef4f9c2fdd9287d7bd7e51d63bd74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 10 Jul 2023 13:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
218299
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
130983
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Mon, 10 Jul 2023 13:41:15 GMT
server
nginx
etag
"64ac0a7b-1ffa7"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
wPU4VjPkcMCBMkV7RC4ObXb2eWQpOlGtcPQxsMicpF5dg_O6wJyaaA==
expires
Tue, 09 Jul 2024 13:47:40 GMT
config.js
disqus.com/next/ Frame C60D 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
52a3a3da0b9315d0761e96afd11f6ace725b86dcce0cd40b35eecfe36d936527
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 02:25:59 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
46
X-Frame-Options
SAMEORIGIN
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
18754
X-XSS-Protection
1; mode=block
track
t.teads.tv/ 		23 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=67bca080-095c-463d-99fe-cd357ae89557&pageId=84405&pid=117459&debug_metadata=kN5fGsaB9f&fv=1217&ts=1689215159160&f=1&referer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.141.50 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-141-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:59 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=67bca080-095c-463d-99fe-cd357ae89557&pageId=84405&pid=117459&slot=native&fv=1217&ts=1689215159172&f=1&referer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.141.50 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-141-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 13 Jul 2023 02:25:59 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
ad
a.teads.tv/page/84405/ 		540 B
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/84405/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&auctid=67bca080-095c-463d-99fe-cd357ae89557&formatVersion=1217&env=js-web&netBw=9.3&ttfb=113
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.189.34 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-189-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3851948430d26bac0ae2df21369c638c8d7f938d8309c719272defec048a3294

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.itnews.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:59 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.itnews.com.au
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
383
expires
Thu, 13 Jul 2023 02:25:59 GMT
truncated
/ Frame 0E24 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f05259242dcb86fc0eb3b6a61234194811a131573dce70f24f1183408fd3da89

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0E24 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRao-TnpYfkIYaGAiqQwv4lBxPqNVjzkDGbxx3JSpYlWKOPH22kFBWOf1sQ5EHQtopmS2GTzg-PttCEo00ZT5f0sDfQoJOYyJgaWEQ8Q1bh5N9FGOuYMvLvkvoa_BnM4DsVNS6A7xR7ySXHm3UNbYNvJcBvs1ec0GsXrkivrE3zusA31r3mm1_W9BRpw7N0rsmV3_qDyTsYVCVO-AYiP5gr6qZNOMQadLslC_C128YirHEOh2UIB81oXG94YfChIHbRVZOCBR5QqK9jiUcXBEsDTER8LspryDghuQXO3MJNDZaD2GJKLgHSMI4_XoULHM-ZuFBPtOA&sai=AMfl-YS8KInUJu11J6QwU6ocw1cFu4jCffYmNjtEnz_-Ecv2uQR5QVZB_ot-IKbnjXcFWz1LKgau0KitfK7EwAzViWWlkt5yYEMsM732nY63to8Qq84-QDwOctDG0uqmXTo&sig=Cg0ArKJSzAic5NBuzvsnEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:26:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 13 Jul 2023 02:26:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5E23 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHXhfxZloRApTqD5o-NxJ_ExDuOdGBWUF3FiajsxO28gn8EQfyH0fayns23UlC6EQv9f4Jsl0HKaTg8-VQiX8fThiDOdYvC4m2dg3u8-YK32NK00aapmugImUOmeMu_gyjIQqinViptQlbIeGrUwwxHRHF40-FqOnv83abc5BsxAhAY2BCupkqQ2JvWflyE6DBrMhPmWZX9K0oL8llbz1YOEK_SM5Vc8yLxhOLEQy6ghEAOKJNmNIcQZxPpbAZM0Ets4v201k-gIgcDebeuTXi-1vwfF2GuS1WhIQ-0xPCG1wNmjNcdllrtmRoSv-6LAC5wQsXTLzYJKMlRHFVqEF5MA&sai=AMfl-YSwK360xOpAtYMVWATKes2kWjvw_r-ioxtx_x4QUegG5Y0PBU4HvRIbyLem6WzlXULoOpTt8qzv42t_lPBS9pgbUI7_FOcAXTRxOIIDSMhQ9gl3Pj3Wj9sciaKzIls&sig=Cg0ArKJSzFitidwzTD0wEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:26:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 13 Jul 2023 02:26:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E480 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4nGFo4u8-Ao-FWGC0P_Ul4Cmtu-tHD5_LSGf4BTL08RWXRi1nuZjLmtIzU05sC8LqQul5A1dwRkV9Oc2whqgla_Pl7HntrWGGwLsH1D4899nqvzoPXGBf42whx0M3NHWp274ytZpvxOWnla7xGRPiv-RELyKdsfjjcU7EWRYErm__tPoI_XlgMH0Uke5kWDn3T_BBnEAAA-hB36cu2uUXaS7TW0hFxxfFT77gIV8uHXHmWwaoaIiEeXyBGSb9qTDs6MXdXkNCW1f57_tBExjmMIuLSKBKvXrmxR4HQvn8hjVzLU7L8gg-tKNd09XGjH1FMcwjVxAqfg&sai=AMfl-YSZRgUhRz0PpKhImXzpbmdOrQWMXk-Y4mBdTjg2mtrWc2AbEWGWZ5fE1ZK43HwXRNUhsBS8WP9tgtg7NVvFUVp9m-JYBiQeJH9zGlQBHtGQH7cq30wZWqu1SF0iyEE&sig=Cg0ArKJSzIUNQCmrD7U4EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:26:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 13 Jul 2023 02:26:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 59D6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CaCEytGCvZJScCZ7NjMwPr6KpsAin6fDjb7bg7NmIDdvZHhABIP2ApzpgpYCAgJABoAHLmrHSAsgBAqkCb7g1doTJtT7gAgCoAwHIAwiqBK8CT9AGynVWC3ZaVWXCq-0C5uytJ1WQpCRBneMfkSR_dPybygcKf38lONZJ8KeQZMw0lD4VNuSMY5Uk2xNwgHdal3UU0ihLr1zLPjZjREqIC4jcuFC8VFHJe0Lk75SiFcV_qiuNtBy2wcUFpYK8E67rkv31qvLPirP1Igc7yM85I7MY5Mwcvbjk6VKzgk6LXdE6TmY3uBlkJyY0x2iEcTN8YnN_G9Ea24SMIL6AwzAQjI9iA7ZP-C18cDzFVU8T5kkgAkzjgdlLlMva80sFaF7lVzmIWgFR5KA8C5BuIMSk3_qcno5SzsUJvN1aXm5ySNXA44eV01_mVfDP0f0Ns9qjbhCsj1v4noSduuzP8qyB69OW4SmlkkIgfPUB4erIMVXN4FqSflAJpvVa92s_onOSwATc3sfa1gPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHneXOrQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDAvhHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAaIMDCoKCgjktLEC7rWxAtgTDdAVAYAXAbIXHgocCAASFHB1Yi0zNDU1ODE2NDkxNTI2MTM5GN3YBQ&sigh=jK1324nUU5c&uach_m=[]&cid=CAQSPABpAlJW0yw1LEa6wt3b0pUbecvXljk4SLv2AK21aGd349fhrl3m0YdrtgHDs02MWtwx344B_jvufFERqBgB&cbvp=2
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame 4160 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.26820753104bbfb2cc90e573a2447f47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 11 Sep 2022 02:38:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
26351251
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2978
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 30 Aug 2022 17:50:39 GMT
server
nginx
etag
"630e4def-ba2"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
EsDdiQ-8260-hzQwf0HM2hkG46auK-q15ABQ_pUmlJ0GqQyebfv7Yw==
expires
Mon, 11 Sep 2023 02:38:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0588 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbWc8SH2aXvWNl9QSojxSANNo2ojsD-TmZ-lYyxjmTvCWxiSAhBttXFc5mDem0DVzsXO_Z1k3xPOFfRdAd3fhn1hUpGr7Fgz_5CeJ0cJLIqPrH3pVBf96yEaDpoJ7Afq4PbyQpIYN-j-4jPrBJOwPgjVxn965DDssHMmMVEV86p1PCOFOd5GfNOzNF1dfQ5JO4TTg4aWdwgnMmD3TCdwKChWFSI1OgwIk4-OHf3mZdwTb6oXBoc-6hbHcM3wgPITmm9a3UPE5gpCVQYTkmQONzzRofcw1fA3cI_4XbysAt3eU_eP2tFwgZTETEoN6L8TWHAa-MBXXeBd4Hu2vL2oE&sai=AMfl-YRSjm0PECdmm59vlvYhVRfvVeiO9QOIIYMt89mmUeXmtZuvq6p82vkC6dmdc4DH4uXo10jxt8JEeaPL2hYf5-kCITLbWEmP7jUT3hvfVZlPv0vIVQpLQgDG9GdoWsM&sig=Cg0ArKJSzCHojQ9wwTj5EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:26:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 13 Jul 2023 02:26:00 GMT
recommendations.bundle.bb3216316047d5c61d9dafa6240fbf39.js
c.disquscdn.com/next/recommendations/ Frame 4160 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.bb3216316047d5c61d9dafa6240fbf39.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.26820753104bbfb2cc90e573a2447f47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
5bd060c4d7413c66456b91af3b13d3a3823c90543d9ccebc7a94a892ecb36d27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 08 Feb 2023 19:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
13330082
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
20326
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 08 Feb 2023 19:27:34 GMT
server
nginx
etag
"63e3f7a6-4f66"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
zjlYgySz13O2fuf_caejc0ChvnxNPMzVSCim5rkIxdJTW6NWX3cAOQ==
expires
Thu, 08 Feb 2024 19:37:57 GMT
config.js
disqus.com/next/ Frame 4160 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.26820753104bbfb2cc90e573a2447f47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
52a3a3da0b9315d0761e96afd11f6ace725b86dcce0cd40b35eecfe36d936527
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 02:25:59 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
46
X-Frame-Options
SAMEORIGIN
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
18754
X-XSS-Protection
1; mode=block
truncated
/ Frame 8461 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ec120a0ebf1e5335993e2da1094fa1ed6f2bc1e4f093ccd3c15b0265b7a7f9a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 69BC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZK9guAAAAajS2QAN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 13 Jul 2023 02:26:00 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bfi-krnt7300097-BFI
x-timer
S1689215160.405305,VS0,VE62

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Thu, 13 Jul 2023 02:26:00 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZK9guAAAAajS2QAN
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bfi-krnt7300097-BFI
x-timer
S1689215160.090569,VS0,VE69
Pug
image2.pubmatic.com/AdServer/ Frame 2C99
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1975180292551097479
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1975180292551097479
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 02:25:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 13 Jul 2023 02:26:00 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1975180292551097479
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame 823E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3823821700674007460&gdpr=0&gdpr_consent=
42 B
446 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3823821700674007460&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 02:25:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
7b60774c-a8ef-48d1-ad88-608445098d8a
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 02:25:59 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3823821700674007460&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
66.203.112.161; 66.203.112.161; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
image2.pubmatic.com/AdServer/ Frame DB83
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vtjhHr7c4kCl2LFP7t6tTLzVsR2l1eUd7Nv8UG6g
42 B
335 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vtjhHr7c4kCl2LFP7t6tTLzVsR2l1eUd7Nv8UG6g
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 02:25:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 13 Jul 2023 02:26:00 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vtjhHr7c4kCl2LFP7t6tTLzVsR2l1eUd7Nv8UG6g
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
setuid
server.prebid.dianomi.com/ Frame FD96
Redirect Chain
  • https://server.prebid.dianomi.com//setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=430ECB24-634B-4E2D-BB91-088741D697EE
  • https://server.prebid.dianomi.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=430ECB24-634B-4E2D-BB91-088741D697EE
0
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://server.prebid.dianomi.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=430ECB24-634B-4E2D-BB91-088741D697EE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.153.107 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-153-107.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Thu, 13 Jul 2023 02:25:59 GMT
expires
0
pragma
no-cache
vary
Accept-Encoding Origin

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
162
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 02:25:59 GMT
expires
0
location
/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=430ECB24-634B-4E2D-BB91-088741D697EE
pragma
no-cache
vary
Accept-Encoding Origin
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BE5F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Qw7LJGNLTi27kQiHQdaX7g%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
23.44.0.196 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:25:59 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=26105
accept-ranges
bytes
content-length
5606
expires
Thu, 13 Jul 2023 09:41:04 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame BE5F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=430ECB24-634B-4E2D-BB91-088741D697EE
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=430ECB24-634B-4E2D-BB91-088741D697EE
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=0672bcb1-4f0d-4b3a-934a-a9b93b24c498%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3c40cee6-4e35-43bd-b495-fd9a75e77239&ttd_puid=0672bcb1-4f0d-4b3a-934a-a9b93b24c498%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3c40cee6-4e35-43bd-b495-fd9a75e77239&ttd_puid=0672bcb1-4f0d-4b3a-934a-a9b93b24c498%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:26:00 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:26:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3c40cee6-4e35-43bd-b495-fd9a75e77239&ttd_puid=0672bcb1-4f0d-4b3a-934a-a9b93b24c498%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
qmap
sync.crwdcntrl.net/ Frame BE5F
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=430ECB24-634B-4E2D-BB91-088741D697EE&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=430ECB24-634B-4E2D-BB91-088741D697EE&gdpr=0&gdpr_consent=&ct=y
49 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=430ECB24-634B-4E2D-BB91-088741D697EE&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
52.74.22.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-22-247.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:26:00 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.4.141
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:59 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=430ECB24-634B-4E2D-BB91-088741D697EE&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.11.65
content-length
0
expires
0
info2
uipapac.semasio.net/pubmatic/1/ Frame BE5F
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=430ECB24-634B-4E2D-BB91-088741D697EE&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipapac.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=430ECB24-634B-4E2D-BB91-088741D697EE&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipapac.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=430ECB24-634B-4E2D-BB91-088741D697EE&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipapac.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=430ECB24-634B-4E2D-BB91-088741D697EE&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:42 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:42 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=430ECB24-634B-4E2D-BB91-088741D697EE&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame BE5F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDMwRUNCMjQtNjM0Qi00RTJELUJCOTEtMDg4NzQxRDY5N0VF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 02:26:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame BE5F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENsHYyNd3czoSvlxkUBAyQ4&google_cver=1
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENsHYyNd3czoSvlxkUBAyQ4&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 02:26:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENsHYyNd3czoSvlxkUBAyQ4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame BE5F
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C9ABB08526444626B8DEF3E3B60F5767
42 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C9ABB08526444626B8DEF3E3B60F5767
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 02:26:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 13 Jul 2023 02:26:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C9ABB08526444626B8DEF3E3B60F5767
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 12 Jul 2023 02:26:00 GMT
430ECB24-634B-4E2D-BB91-088741D697EE
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame BE5F 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/430ECB24-634B-4E2D-BB91-088741D697EE?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.0.230.151 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-230-151.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:26:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame BE5F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3c40cee6-4e35-43bd-b495-fd9a75e77239&gdpr=0&gdpr_consent=
42 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3c40cee6-4e35-43bd-b495-fd9a75e77239&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 02:26:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:25:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3c40cee6-4e35-43bd-b495-fd9a75e77239&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
Pug
simage2.pubmatic.com/AdServer/ Frame BE5F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=43fc00e5-1d60-4e17-b913-00045c750241&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=0c902cd2-2323-4ac3-98f4-7e69ccf5eb62&expires=1&user_group=5&ssp=pubmatic&bsw_param=43fc00e5-1d60-4e17-b913-00045c750241&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=43fc00e5-1d60-4e17-b913-00045c750241&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=43fc00e5-1d60-4e17-b913-00045c750241&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 02:26:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=43fc00e5-1d60-4e17-b913-00045c750241&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Thu, 13 Jul 2023 02:26:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 3CB4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CHu0ttGCvZJWcCZ7NjMwPr6KpsAiUhPe-cP6j6LjBEdvZHhABIP2ApzpgpYCAgJABoAGHg7_3A8gBAuACAKgDAcgDCKoEuAJP0LH8YCxAqqFmgGs3HHQxwRHgVWWkMS-BkVcHzaMsrlP_7xnTSLqmW2o8OznU71zz4HHWRt3ZeqydO76iHZvG3H2XOMNeG-XThJmyobR0AYgMYQavbnaTfFK7iKEzlp6pPMpH827ntGZ767e6zdnLzeV0uoF4bp5LAThHr4lAmKFc5ntwmFmQEtkMBNdjL2ZWs7NwimtqnSeX4I6mCJ8QCdHYD_zyQKgYD2A7vcRPffk6HcRjFegcEil3MaEuEfI8zsStOymV4Gu65HDbKANTFVcjRcHt3J1GrcmSQWvnILqYE-VveUn1w58CMU4ui8xpSwiQTJUDLbRvBZpC2dUeoN0C6GB8yxWwEow7ZP62nCstxC9qMgft5K6LuaX28YkHwClLHJDFjPdww29sIemMgTa0bTb2yrLABIzt4rOkBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeAw_eZAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEIOu0gHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAaIMDCoKCgjktLEC7rWxAtgTDNAVAYAXAbIXHgocCAASFHB1Yi0zNDU1ODE2NDkxNTI2MTM5GN3YBQ&sigh=K-YSDC_ANw0&uach_m=[]&cid=CAQSPABpAlJW0yw1LEa6wt3b0pUbecvXljk4SLv2AK21aGd349fhrl3m0YdrtgHDs02MWtwx344B_jvufFERqBgB&cbvp=2
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 8461 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f3.1e100.net
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 05:42:41 GMT
x-content-type-options
nosniff
age
592998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jul 2024 05:42:41 GMT
track
t.teads.tv/ 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=67bca080-095c-463d-99fe-cd357ae89557&pageId=84405&pid=117459&slot=native&vid=cccaedc8-0756-463d-8c8f-c28dfd66b445&fv=1217&ts=1689215159516&f=1&referer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.141.50 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-141-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 13 Jul 2023 02:25:59 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
details
disqus.com/api/3.0/forums/ Frame C60D 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=itnewsnext&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d00ce442f25ce246fc04f54b1660ec52c9323d1bd75c970549a21373ee6e2062
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 02:25:59 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Vary
Origin, Cookie
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/json
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
3110
X-XSS-Protection
1; mode=block
svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame C60D 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 25 Mar 2023 15:31:57 GMT
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MRS52-P4
age
9456842
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
13079
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Fri, 17 Mar 2023 09:25:43 GMT
server
nginx
etag
"64143217-3317"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
th3qUBN3ola-EDTvy9V_4uKQmfRqxKxVr-KjYfLDYlIgQcpvzYlkMQ==
expires
Sun, 24 Mar 2024 15:31:57 GMT
loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame C60D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 21 Aug 2022 05:31:16 GMT
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MRS52-P4
age
28155283
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2971
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Thu, 18 Aug 2022 14:28:43 GMT
server
nginx
etag
"62fe4c9b-b9b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
7JY8TsZq5PadsE0oRSwm0zZKx_t0ors5HZPYgw3-Duauxw2xjwkj2A==
expires
Mon, 21 Aug 2023 05:31:16 GMT
email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
c.disquscdn.com/next/embed/assets/img/ Frame C60D 		840 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 14 Nov 2022 05:36:22 GMT
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MRS52-P4
age
20810977
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
840
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Fri, 11 Nov 2022 07:03:00 GMT
server
nginx
etag
"636df3a4-348"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Ybq2tSVVAxlqtDhFuGkz5CX9CkFH5Mk-C0OlFEJTlK-OBQ5Cf9G5XQ==
expires
Tue, 14 Nov 2023 05:36:22 GMT
privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
c.disquscdn.com/next/embed/assets/img/ Frame C60D 		891 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 12 Nov 2022 02:28:02 GMT
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MRS52-P4
age
20995077
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
891
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Fri, 11 Nov 2022 07:03:00 GMT
server
nginx
etag
"636df3a4-37b"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
wFIKoimmEvrqxGj9dBYcdzRksbEDSHDmDAsphjLwwXEVdiH0j6hlJw==
expires
Sun, 12 Nov 2023 02:28:02 GMT
warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
c.disquscdn.com/next/embed/assets/img/ Frame C60D 		605 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 04 Dec 2022 10:05:42 GMT
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MRS52-P4
age
19066817
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
605
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Thu, 01 Dec 2022 19:00:29 GMT
server
nginx
etag
"6388f9cd-25d"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
YS5LHC-17aEphgh3uZy_NcdfvNuBFHHo7SUUsxOmatAl_egWCwPDoQ==
expires
Mon, 04 Dec 2023 10:05:42 GMT
sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame C60D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 20 Sep 2022 11:48:31 GMT
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MRS52-P4
age
25540648
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1763
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Fri, 16 Sep 2022 08:34:41 GMT
server
nginx
etag
"63243521-6e3"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
mFlcWZgadQLLrF69dyPxY9kCwlXGnqAly4RWrRpLTb8AWj8IZaqdqQ==
expires
Wed, 20 Sep 2023 11:48:31 GMT
icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame C60D 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Origin
https://disqus.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 28 Aug 2022 00:45:29 GMT
via
1.1 9e1ca2a082cf3304834fbd01d8598ce4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MRS52-P4
age
27567630
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
7900
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Fri, 26 Aug 2022 22:07:42 GMT
server
nginx
etag
"6309442e-1edc"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
6pVJ5BLpqq0CfDrirpouKAXDEaHWdRbYGpLz_UNIof7cj7coi6adYA==
expires
Mon, 28 Aug 2023 00:45:29 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8461 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzLiatGCvZJecCZ7NjMwPr6KpsAib6qPzbuPs2PWnD2QQASD9gKc6YKWAgICQAaABv-6osCjIAQmpAunCCh5txKY-4AIAqAMByAPLBKoEswJP0DByFpKT34Z-IIGvZhuiUTnkT6_k-O07SS0uYND3CYWWwp0gtiV1Vdgfaq9uRkO5GrMZyCcnDjnDGvxbJrw1QDQFrxKiYX0PzhXGH6tNkSg6LloRRWq-t4jO3nwyBubuDF34ReoV39kXAupGYQFpYu0YHm-g8hUqIHAi9QKfoTwaWh63jq6lD7dWFoO_eQ6G_UYz8DS-CUaw1MC-kpj49nTvItEDkSxHQ2C3Nu_CCj6a7md7Uvk3mYAETgUDAzqjpGGsTo7rWtjg_wcvdw1TIgTof9UICo7hwV7sBJijhlMUWXE_Vl65_yS0dUucwd9LIY32W62iS5UqG--01_p0M_-JGGPDCOWlVtMTRe8SMokcyR31YCZMyUQxoXaf3D0Q4Ghc--VloA2gg7_NoYMgCBG0wATfgpLZ-QPgBAGSBQQIBBgBkgUECAUYBKAGLoAHv6b5jwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQr8MB0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwGiDAwqCgoI5LSxAu61sQLYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMzQ1NTgxNjQ5MTUyNjEzORjd2AU&sigh=SEnchtPdGaA&uach_m=[UACH]&cid=CAQSPABpAlJW0yw1LEa6wt3b0pUbecvXljk4SLv2AK21aGd349fhrl3m0YdrtgHDs02MWtwx344B_jvufFERqBgB&template_id=494&cbvp=2&vis=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
follow-v2.411b1215980cdde315e43cc006cfbea6.svg
c.disquscdn.com/next/embed/assets/img/ Frame C60D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/follow-v2.411b1215980cdde315e43cc006cfbea6.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
5ab9af97734b7a1b76e65a6aff767898e4dd763725c46ee56d340a5fd116e6a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Origin
https://disqus.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 07 Mar 2023 13:43:26 GMT
via
1.1 9e1ca2a082cf3304834fbd01d8598ce4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MRS52-P4
age
11018553
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1557
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Thu, 02 Mar 2023 09:36:57 GMT
server
nginx
etag
"64006e39-615"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
wOawjh3co3mxGeePqtG0Lh9onLRYh2ZBpuWXtpJucDFwQAUqlzUjuA==
expires
Wed, 06 Mar 2024 13:43:26 GMT
like.855606fb4e3a7a6448e6c782f3f54e5a.svg
c.disquscdn.com/next/embed/assets/img/ Frame C60D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/like.855606fb4e3a7a6448e6c782f3f54e5a.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
3b8a8d998dd7dc014bdb52a01adea8ec1be82193e7e7c6e0c7067a58435b7c28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Origin
https://disqus.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 07 Nov 2022 20:38:23 GMT
via
1.1 9e1ca2a082cf3304834fbd01d8598ce4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MRS52-P4
age
21361657
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1655
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Mon, 07 Nov 2022 20:22:25 GMT
server
nginx
etag
"63696901-677"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
YIur9-lJI1Q6K9PWaWQPDF6zdODNYHBUCFKRyxiTAN5_GPTjJTkZtA==
expires
Tue, 07 Nov 2023 20:38:23 GMT
dislike.612d8ba98928c381e4c789c1b309cda1.svg
c.disquscdn.com/next/embed/assets/img/ Frame C60D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/dislike.612d8ba98928c381e4c789c1b309cda1.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
8bd3068a31f037d3d198e40d59ae6acf610e3550c11ebff7b6c66bdf8e8b2e3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Origin
https://disqus.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 07 Nov 2022 20:38:23 GMT
via
1.1 9e1ca2a082cf3304834fbd01d8598ce4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MRS52-P4
age
21361657
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1796
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Mon, 07 Nov 2022 20:22:25 GMT
server
nginx
etag
"63696901-704"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
X-l8c5vpFFysqOO1ZHX8MNgcusg8Bc6ebFLnBpBed-yrDMluxRTo3w==
expires
Tue, 07 Nov 2023 20:38:23 GMT
noavatar92.png
a.disquscdn.com/1687365121/images/ Frame C60D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.disquscdn.com/1687365121/images/noavatar92.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:26:00 GMT
strict-transport-security
max-age=300; includeSubdomains
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
x-amz-cf-pop
SEA19-C1
age
1652295
etag
"60395f01-66c"
content-type
image/png
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
content-length
1644
x-amz-cf-id
SUoCGPc2YYTmhnFiZs7dTutkvb5yhtn9KRs-w2cebx-J2LKxmYN7dg==
x-xss-protection
1; mode=block
expires
Sun, 23 Jul 2023 23:27:45 GMT
zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
pagead2.googlesyndication.com/bg/ Frame 1830 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.220.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f2.1e100.net
Software
sffe /
Resource Hash
cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 18:23:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
115369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14692
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Jul 2024 18:23:10 GMT
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 7271 		337 B
839 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Requested by
Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 28 Oct 2022 14:13:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
22248734
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Thu, 27 Oct 2022 21:17:31 GMT
server
nginx
etag
"635af56b-f4"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
FjfIdW_dA-DPffKLisRkdR_B6BpD-OmhLes6GyIv5Gnkwn4PRKdQAQ==
expires
Sat, 28 Oct 2023 14:13:46 GMT
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame D27F 		337 B
839 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Requested by
Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 28 Oct 2022 14:13:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
22248734
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Thu, 27 Oct 2022 21:17:31 GMT
server
nginx
etag
"635af56b-f4"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
6D7NgEZ8eQkVLlkZpKRLFpnRtxTR3TiMQSIsVMg7iQcF_lp5u5jYtA==
expires
Sat, 28 Oct 2023 14:13:46 GMT
sdk.js
connect.facebook.net/en_US/ Frame C60D 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.209.14 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-itm1.fbcdn.net
Software
/
Resource Hash
c0f4534186b54a7dd07dff4fc9a02a5d44df22ded11c80a6d0c925f05acbf1a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Jul 2023 02:25:59 GMT
content-md5
SsUOyC/6LOBedPUDs60yqA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
FQRD239n6JnJ/SVHJwwKtVFkS7zLCbJoN5OJ2TRnQIovGyjG/nnFh91tnlqKgJSEISecDnkTbnxDNNU3HgORNQ==
x-fb-content-md5
99f8985f28c4eb38a1e91a033c8dfbf7
cross-origin-opener-policy
same-origin-allow-popups
etag
"5a8db3e041631807e009723700b8a3bd"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 13 Jul 2023 02:36:23 GMT
api.js
apis.google.com/js/ Frame C60D 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f14.1e100.net
Software
sffe /
Resource Hash
2ae319ef83098593b6130cb36e08c9c1ed74df461051e85891fddd5be3d52c80
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Jul 2023 02:26:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7115
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"78aea7aa6a6e5ef8"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 02:26:00 GMT
details
disqus.com/api/3.0/forums/ Frame 4160 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=itnewsnext&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.26820753104bbfb2cc90e573a2447f47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d00ce442f25ce246fc04f54b1660ec52c9323d1bd75c970549a21373ee6e2062
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 02:26:00 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Vary
Origin, Cookie
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/json
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
3110
X-XSS-Protection
1; mode=block
listRecommendations.json
disqus.com/api/3.0/discovery/ Frame 4160 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=itnewsnext&thread=ident%3A597920&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.26820753104bbfb2cc90e573a2447f47.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f72f12402da7866b822bab7d88dbdd4cdbde0b1b260c9fda3483c72cbf28e1d2
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 02:26:00 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
860
X-Frame-Options
SAMEORIGIN
Vary
Origin
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/json
Cache-Control
stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
5670
X-XSS-Protection
1; mode=block
sdk.js
connect.facebook.net/en_US/ Frame C60D 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f121caa0467efe2e00cb7045927d1b0b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.209.14 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-itm1.fbcdn.net
Software
/
Resource Hash
ec47c1cf18820206d7aa936e93b5aeca70505a882091dfbc853fbf386c4cee5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
Origin
https://disqus.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Jul 2023 02:26:01 GMT
content-md5
PI1tkx13PrOFPGcBMzvD4A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88749
x-fb-debug
QoNgtXjB+9Ogk1Vv4fj+3LvqCHYwn/eqAYGXUfkPfuKtxNhISZXxWD7JfxI5Nr/C/s0wAusZpGhkycK0V9lDhg==
x-fb-content-md5
a265820f2681911fc1f75734833707fb
cross-origin-opener-policy
same-origin-allow-popups
etag
"f039e783fc79431b03c0f479e6375d69"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 12 Jul 2024 02:10:39 GMT
get
c.disquscdn.com/ Frame 4160 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Foptus-stores-1.jpg&key=y5lgGhO6v6bJUKv0BXO8Dw&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
e0d1fbc0381aad81d0e7c296dc8aa2990e42a8615399f3e72395c73c632669c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 27 Jun 2023 21:55:15 GMT
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MRS52-P4
age
1312245
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
12013
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
2wb3Od8lkTHf8ROr2b_I--IJa3Rt1lpahq_PWxqPAZjgS5uCFsUltA==
expires
Thu, 27 Jul 2023 21:55:15 GMT
get
c.disquscdn.com/ Frame 4160 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2F20200211102958_crn-690_canberra_istock.jpg&key=btc0gOFr4dKucUwMKUHyiw&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
12638b1bd5e39ca7c42e74134c480a6c22ceb23b4ae6bfcd3c7aa0c284845c6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 29 Jun 2023 04:14:54 GMT
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MRS52-P4
age
1203066
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
11261
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
zUPC3NPqO8BO9A_mn_0rU_-l-1WKSCSmBmaI5Z3DAPK9TbILPV7fqw==
expires
Sat, 29 Jul 2023 04:14:54 GMT
get
c.disquscdn.com/ Frame 4160 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2F20200601120921_0_0_0_0_70__News_nbn_140617_018.jpg&key=i83nnQvDR2SQFSdjkBAweA&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
7ea56ed7e3c25c3aa4f5b1929ddebdf5af294901601a74e1a97eef970299bf41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 28 Jun 2023 02:43:43 GMT
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MRS52-P4
age
1294937
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
18348
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
GB7WxzrUCSxFyC6q4wL9GMO67WH_WAbTOZ-oyD70rzFY5D1-618axQ==
expires
Fri, 28 Jul 2023 02:43:43 GMT
get
c.disquscdn.com/ Frame 4160 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2F20171127123757_nbn.jpg&key=y2hMoPwe5s1nRWC5fSIGng&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
45784720fb4ce289d1d6b13698b3da1071af7a989c0d801040c60d78b64982d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 13 Jun 2023 21:12:03 GMT
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MRS52-P4
age
2524437
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
18414
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
CsslVcgl5IAkbo6xw9GJH1dB3Aw43ZQY9zNv2kOWDXgNpDyrL1A_AQ==
expires
Thu, 13 Jul 2023 21:12:03 GMT
get
c.disquscdn.com/ Frame 4160 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2F2023-07-03T181813Z_1_LYNXMPEJ620PK_RTROPTP_4_USA-COURT-APPLE-EPIC.JPG&key=arbL4PlbAog3AZiGsuo0Fw&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
fab5c1dd32721f407eaf6ee833aa40bfd3dc6fe1785ac717883456232836f14d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 04 Jul 2023 19:11:01 GMT
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MRS52-P4
age
717299
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
6678
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
KztjBbrn0BSI7TpAucNaDWgQOEWH5M3wijl-63jaYHgnGAq9lQziSQ==
expires
Thu, 03 Aug 2023 19:11:01 GMT
get
c.disquscdn.com/ Frame 4160 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Fshutterstock_289234346_anonymous_hidden_identity_security_question.jpg&key=Kf6mbm6a8ynYm1pgFGPh7g&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
48c2639f08b895df594a54252659ad1fa6cd8a21270df574b2d3586e23c3217d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 27 Jun 2023 08:37:30 GMT
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MRS52-P4
age
1360110
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
9860
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
sg9AfeuFDEy-E_8rGqTSrHAi45rFbh258ez2DmWf8fmEdpdEekwjog==
expires
Thu, 27 Jul 2023 08:37:30 GMT
get
c.disquscdn.com/ Frame 4160 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Foptus-store+iStock_690.jpg&key=__TrS-da0rjPNG46171kXQ&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
get
c.disquscdn.com/ Frame 4160 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Fnab-522790626.jpg&key=axcxd0jFewVEdKuCcScxiA&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
8363e010cf88b62a27b8d0c0dccd80ed96a11ca1fa8e9da0a0b4c6f135a881b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 10 Jul 2023 01:39:38 GMT
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MRS52-P4
age
261981
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
14185
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
l7g1OJqdYbU7bk-fN9U7aF6cNuULt0gBjLUdUnV4OIbhI9n2Pt-snQ==
expires
Wed, 09 Aug 2023 01:39:38 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5E23 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbfP83PYizRyVGKgcYWHrGbE_DzRYqZQaxVGRcw0saBzWNoIGQQgD_Wr_nb6LjNVuDSaC-1bIc3waWIyiTH52fZ42BkZV8ZtdHCYmvrAse6tT4jb-p&sig=Cg0ArKJSzML3PaghsqtiEAE&id=lidar2&mcvt=1000&p=234,315,484,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230712&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=667020349&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689215157406&rpt=1861&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:26:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 59D6 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQOrxaD3iNforoDfIQc0wlzJwK5Gu3yYFiCRLjXUJ1WbrTlRzq80qEJjQaRnMRjBQ59yvjLWQl5VmcUfU46kZ8idcgJu0fF16qtFyfHIiwaVmDJbtQySfyRKiQ8q_2JLpNSnWjGZHBQw&sai=AMfl-YRUJQQRUqiHdKbgUcP5IP9d2nFnYDC_dlwZkuCC77Kv6ZqoLK5FLukPhLvDnKs35GY2DFlwutEB4CbxkXeLg4IYwDOMRaaULpOV7siY8wYwBYnbQBnafKKGnGJl&sig=Cg0ArKJSzHajx8AdKtsZEAE&cid=CAQSPABpAlJW0yw1LEa6wt3b0pUbecvXljk4SLv2AK21aGd349fhrl3m0YdrtgHDs02MWtwx344B_jvufFERqBgB&id=ampim&o=531,80&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=1912&tls=2912&g=100&h=100&tt=2913&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.220.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:26:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img-placeholder.df52e7638153b73862008d3d0556fdda.png
c.disquscdn.com/next/recommendations/assets/img/ Frame 4160 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/recommendations/assets/img/img-placeholder.df52e7638153b73862008d3d0556fdda.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-86.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
5215bbed3b3435ed86c93921631e54d9c42ce565d9ec90accbc7ec1fc7832327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 17 Jan 2023 00:30:08 GMT
via
1.1 baaa01540e8048678da317f40119ee06.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MRS52-P4
age
15299752
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1054
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Thu, 12 Jan 2023 21:51:05 GMT
server
nginx
etag
"63c080c9-41e"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Qkt6CBPMfsoaUQtrfWeicsWfeF_LLNCzbclTh_Q6nWHCNR8LFrZx7A==
expires
Wed, 17 Jan 2024 00:30:08 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5o5-TAFr18s.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_qgszOsFrBH7bZ1Rmfwa9Mc03wLQ/ Frame C60D 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5o5-TAFr18s.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_qgszOsFrBH7bZ1Rmfwa9Mc03wLQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s03-in-f14.1e100.net
Software
sffe /
Resource Hash
7ecdcd1378b47621bc3956b581c5fced3950dbbfda269bb90009df8b5725116b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:51:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40788
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 15:25:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jul 2024 17:51:15 GMT
iframe
accounts.google.com/o/oauth2/ Frame BFF0 		283 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5o5-TAFr18s.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_qgszOsFrBH7bZ1Rmfwa9Mc03wLQ/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.237 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s01-in-f13.1e100.net
Software
ESF /
Resource Hash
39b15d9615771844f79f781e5af07c1ae822cfe3cdf0b5cbc8bfbe5210f02118
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-VK_zBUXlIEAbA2t3YoqDHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-VK_zBUXlIEAbA2t3YoqDHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 02:26:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
SPug
simage4.pubmatic.com/AdServer/ Frame BE5F 		0
259 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.85 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:26:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame BE5F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96532298&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
beed125707f2249826427121d65441df37d9ef7a0c12ec03870fd72f24c6f609

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 13 Jul 2023 02:26:01 GMT
content-length
1801
content-type
text/html; charset=UTF-8
status
www.facebook.com/x/oauth/ Frame C60D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.itnews.com.au&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Ditnewsnext%26t_i%3D597920%26t_u%3Dhttp%253A%252F%252Fwww.itnews.com.au%252Fnews%252Fhackers-accessed-us-gov-exchange-online-email-accounts-597920%26t_e%3DHackers%2520accessed%2520US%2520gov%2520Exchange%2520Online%2520email%2520accounts%26t_d%3D%250A%2520%2520%2520%2520%2520%2520%2520%2520Hackers%2520accessed%2520US%2520gov%2520Exchange%2520Online%2520email%2520accounts%26t_t%3DHackers%2520accessed%2520US%2520gov%2520Exchange%2520Online%2520email%2520accounts%26s_o%3Ddefault%23version%3D3c00c65811f2cec80a8903c739975872&sdk=joey&wants_cookie_data=false
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.209.35 Osaka, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-itm1.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Thu, 13 Jul 2023 02:26:02 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
x-fb-debug
KvI8cEM1/dJUfCtXHPIvKCfAAJeqx+sdEb7eX+qqs4USMvz0q3m+F2GexBgq8Y2ogUg6Un+1DnPbQWt3ckIa7g==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://disqus.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 58E0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=430ECB24-634B-4E2D-BB91-088741D697EE&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=430ECB24-634B-4E2D-BB91-088741D697EE&gdpr=0&gdpr_consent=
35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=430ECB24-634B-4E2D-BB91-088741D697EE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.21 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 13 Jul 2023 02:26:03 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 13 Jul 2023 02:26:02 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=430ECB24-634B-4E2D-BB91-088741D697EE&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usersync.aspx
dis.criteo.com/dis/ Frame C241 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 02:26:02 GMT
expires
Thu, 13 Jul 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
741045
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
sync
t.adx.opera.com/pub/ Frame 7000 		0
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 13 Jul 2023 02:26:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame EC78
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=10sk82c0i0nw
1 B
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=10sk82c0i0nw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 02:26:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Thu, 13 Jul 2023 02:26:02 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=10sk82c0i0nw
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame F13B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T5JGdZOhWWx9qO_rLbwWkELLcKE&gdpr=0&gdpr_consent=
42 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T5JGdZOhWWx9qO_rLbwWkELLcKE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 02:26:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 13 Jul 2023 02:26:03 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T5JGdZOhWWx9qO_rLbwWkELLcKE&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame A03C
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=126hgrfwl9m9
42 B
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=126hgrfwl9m9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 02:26:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Thu, 13 Jul 2023 02:26:02 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=126hgrfwl9m9
lws
20
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
cm
ipac.ctnsnet.com/int/ Frame DF24 		43 B
313 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 13 Jul 2023 02:26:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
setuid
server.prebid.dianomi.com/ Frame AD97
Redirect Chain
  • https://server.prebid.dianomi.com//setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=430ECB24-634B-4E2D-BB91-088741D697EE
  • https://server.prebid.dianomi.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=430ECB24-634B-4E2D-BB91-088741D697EE
0
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://server.prebid.dianomi.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=430ECB24-634B-4E2D-BB91-088741D697EE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.153.107 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-153-107.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Thu, 13 Jul 2023 02:26:02 GMT
expires
0
pragma
no-cache
vary
Accept-Encoding Origin

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
162
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 02:26:02 GMT
expires
0
location
/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=430ECB24-634B-4E2D-BB91-088741D697EE
pragma
no-cache
vary
Accept-Encoding Origin
396846.gif
idsync.rlcdn.com/ Frame BE5F
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=430ECB24-634B-4E2D-BB91-088741D697EE
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=721c8656-76d1-469d-aec8-8610ef12a6a3
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=721c8656-76d1-469d-aec8-8610ef12a6a3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:26:03 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 13 Jul 2023 02:26:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=721c8656-76d1-469d-aec8-8610ef12a6a3
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame BE5F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=430ECB24-634B-4E2D-BB91-088741D697EE&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7pyMWEhE2uWjAhvZdzuyNOZUlcKJlWY-~A&gdpr=0
0
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7pyMWEhE2uWjAhvZdzuyNOZUlcKJlWY-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
67.199.150.85 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:26:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7pyMWEhE2uWjAhvZdzuyNOZUlcKJlWY-~A&gdpr=0
date
Thu, 13 Jul 2023 02:26:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame BE5F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4459734289226203822
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4459734289226203822
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 02:26:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:26:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4459734289226203822
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame BE5F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2366828543354711301&gdpr=0&gdpr_consent=&us_privacy=
1 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2366828543354711301&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 01:59:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2366828543354711301&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 13 Jul 2023 02:26:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame BE5F
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=430ECB24-634B-4E2D-BB91-088741D697EE&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=796b34cb9ba1207c&is_secure=true&networkId=17100&version=1&nuid=430ECB24-634B-4E2D-BB91-088741D697EE&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMRVWzGjDFRwM0U1VcAAAAAAA&expiration=1689301563&nuid=430ECB24-634B-4E2D-BB91-088741D697EE&...
42 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMRVWzGjDFRwM0U1VcAAAAAAA&expiration=1689301563&nuid=430ECB24-634B-4E2D-BB91-088741D697EE&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Jul 2023 02:26:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:26:03 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMRVWzGjDFRwM0U1VcAAAAAAA&expiration=1689301563&nuid=430ECB24-634B-4E2D-BB91-088741D697EE&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.01wm_RL784Q.es5.O/d=1/rs=AOaEmlGTYMkXxSSnD_ouA06oEFMsfnreMA/ Frame BFF0 		102 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.01wm_RL784Q.es5.O/d=1/rs=AOaEmlGTYMkXxSSnD_ouA06oEFMsfnreMA/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s01-in-f3.1e100.net
Software
sffe /
Resource Hash
6e4245540e21ab80f057c1d61176855cd821e8e13799e80da355e4bb227bc93f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 19:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36106
x-xss-protection
0
last-modified
Sat, 24 Jun 2023 02:40:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 09 Jul 2024 19:32:31 GMT
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame BFF0 		2 KB
916 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.237 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s01-in-f13.1e100.net
Software
GSE /
Resource Hash
9a4e2b38fbd2319e7655bde8d2f9027d14a2ac928bb441b2a38cc4f3ca1b7b64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame BFF0 		49 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.01wm_RL784Q.es5.O/d=1/rs=AOaEmlGTYMkXxSSnD_ouA06oEFMsfnreMA/m=base
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.237 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s01-in-f13.1e100.net
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-ez0u3Ve8_nm3D0Y9QqY50w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-ez0u3Ve8_nm3D0Y9QqY50w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
x-content-type-options
nosniff
date
Thu, 13 Jul 2023 01:28:09 GMT
content-encoding
gzip
age
3473
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Origin
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Thu, 13 Jul 2023 02:28:09 GMT
/
glitter.services.disqus.com/urls/ Frame C60D 		1 KB
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=itnewsnext&thread_id=9771681697&referer=&tc=
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.64 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
a183b5920eff1458eabb8214e775a290971afc670d88136703586f36a09a6d21
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 02:26:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
Server
openresty
X-Frame-Options
DENY
Vary
Accept-Encoding, Cookie
Content-Type
application/javascript
transfer-encoding
chunked
Cache-Control
no-cache
X-Service
glitter
Content-Disposition
attachment; filename=f.txt
Connection
keep-alive
Cross-Origin-Resource-Policy
cross-origin
event.gif
referrer.disqus.com/juggler/ Frame C60D 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=4100&event=init_embed&thread=9771681697&forum=itnewsnext&forum_id=2865237&imp=8h6g3tg11f7vkv&prev_imp&thread_slug=hackers_accessed_us_gov_exchange_online_email_accounts&user_type=anon&referrer=https%3A%2F%2Fwww.itnews.com.au%2F&theme=next&dnt=0&tracking_enabled=1&experiment=prebidbidisrequired_hidden&variant=active&service=dynamic&promoted_enabled=false&max_enabled=false
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 02:26:04 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
pbs-user-sync
ads.stickyadstv.com/ Frame E865 		351 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7Bviewerid%7D
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/prebid/cookie_sync.html?gdpr=0&gdpr_consent=&us_privacy=&bidders=adf,rubicon,grid,adform,pubmatic,openx,freewheelssp,undertone,amx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.87.193.132 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
970a590cc6116e29a3ba6e958ae9adeca84888dcb40dff85b56151c4feab059f

Request headers

Referer
https://www.dianomi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
351
Date
Thu, 13 Jul 2023 02:26:05 GMT
Expires
Thu, 13 Jul 2023 02:26:05 GMT
Pragma
no-cache
Server
nginx
x-sticky-vk
1689215165393045-66
sync
pippio.com/api/ Frame CA35 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pippio.com/api/sync?pid=1391&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&it=1&iv=c8h6g3vn22rp62v
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
997952f597f8bff220575f8ec8eca582a530014bf6a25df2db7afd4c8b32bc4e

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store
content-type
text/html
date
Thu, 13 Jul 2023 02:26:04 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
timing-allow-origin
*
via
1.1 google
pixel.html
live.rezync.com/ Frame DCD8 		745 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c8h6g3vn22rp62v&pctry=US&referrer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&cache_buster=0.216169674558
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.42272221620e218896f3973a3bb140e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.111.108 -, , ASN (),
Reverse DNS
Software
lighttpd/1.4.59 /
Resource Hash
416d07b6ce2118f3f4ca5b732a8fc9e8bd4499b733f3c2320626c962c50ff45c

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
745
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 02:26:04 GMT
server
lighttpd/1.4.59
vary
Cookie
via
1.1 e3964230e2f6e90d463d5500cb5c136c.cloudfront.net (CloudFront)
x-amz-cf-id
sbkqHj5P25oe4ZZK1l6hbFuD8Xk3tKcxqwrWfM-sbMsmzWXpbREmFg==
x-amz-cf-pop
MRS52-P2
x-cache
Miss from cloudfront
/
io.narrative.io/ Frame C60D
Redirect Chain
  • https://io.narrative.io/?companyId=1952&id=disqus_id%3Ac8h6g3vn22rp62v&red=https%3A%2F%2Fpx.ads.linkedin.com%2Fdb_sync%3Fpid%3D16223%26puuid%3D%24%7Bnarrative.id.value%7D%26rand%3D0.546469501838
  • https://io.narrative.io/?io.narrative.guid.v2=9dd81f31-2124-11ee-9c84-0a2d04f6ac5a&companyId=1952&id=disqus_id%3Ac8h6g3vn22rp62v&red=https%3A%2F%2Fpx.ads.linkedin.com%2Fdb_sync%3Fpid%3D16223%26puui...
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=9dd81f31-2124-11ee-9c84-0a2d04f6ac5a&companyId=1952&id=disqus_id%3Ac8h6g3vn22rp62v&red=https%3A%2F%2Fpx.ads.linkedin.com%2Fdb_sync%3Fpid%3D16223%26puuid%3D%24%7Bnarrative.id.value%7D%26rand%3D0.546469501838
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
HTTP/1.1
Server
18.136.175.78 -, , ASN (),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 02:26:04 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=9dd81f31-2124-11ee-9c84-0a2d04f6ac5a&companyId=1952&id=disqus_id%3Ac8h6g3vn22rp62v&red=https%3A%2F%2Fpx.ads.linkedin.com%2Fdb_sync%3Fpid%3D16223%26puuid%3D%24%7Bnarrative.id.value%7D%26rand%3D0.546469501838
Date
Thu, 13 Jul 2023 02:26:04 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
/
io.narrative.io/ Frame C60D
Redirect Chain
  • https://io.narrative.io/?companyId=19&id=disqus_id%3Ac8h6g3vn22rp62v&ret=img&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920
  • https://io.narrative.io/?io.narrative.guid.v2=9dd84640-2124-11ee-9c84-0a2d04f6ac5a&companyId=19&id=disqus_id%3Ac8h6g3vn22rp62v&ret=img&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-u...
35 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=9dd84640-2124-11ee-9c84-0a2d04f6ac5a&companyId=19&id=disqus_id%3Ac8h6g3vn22rp62v&ret=img&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
HTTP/1.1
Server
18.136.175.78 -, , ASN (),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 02:26:04 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
35
Content-Type
image/gif

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=9dd84640-2124-11ee-9c84-0a2d04f6ac5a&companyId=19&id=disqus_id%3Ac8h6g3vn22rp62v&ret=img&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920
Date
Thu, 13 Jul 2023 02:26:04 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
ca.png
s.cpx.to/ Frame C60D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3D%26pid%3D12037%26url%3Dhttp%253A%252F%252Fwww.itnews.com.au%252Fnews%252Fhackers-accessed-us-gov-exchange-online-email-accounts-5...
  • https://s.cpx.to/ca.png?ref=&pid=12037&url=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&adnxs_uid=3823821700674007460
95 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?ref=&pid=12037&url=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&adnxs_uid=3823821700674007460
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
HTTP/1.1
Server
34.242.124.0 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=597920&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&t_e=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_d=%0A%20%20%20%20%20%20%20%20Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&t_t=Hackers%20accessed%20US%20gov%20Exchange%20Online%20email%20accounts&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache, no-cache
Date
Thu, 13 Jul 2023 02:26:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'
x-permitted-cross-domain-policies
none
x-frame-options
sameorigin
Content-Type
image/png
p3p
CP="NOI DEV ADM"
cache-control
no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95
expires
Thu, 13 Jul 2023 02:26:05 UTC

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:26:04 GMT
an-x-request-uuid
af5969f0-74ce-4b7b-aabd-f55c3dedea0f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://s.cpx.to/ca.png?ref=&pid=12037&url=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&adnxs_uid=3823821700674007460
x-proxy-origin
66.203.112.161; 66.203.112.161; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame BE5F 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.85 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:26:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
362358.gif
idsync.rlcdn.com/ Frame CA35
Redirect Chain
  • https://idsync.rlcdn.com/462246.gif?partner_uid=c8h6g3vn22rp62v
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESENYO1apUtbHyDd9BJsBRpcM&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESENYO1apUtbHyDd9BJsBRpcM&google_cver=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:26:04 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:26:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESENYO1apUtbHyDd9BJsBRpcM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
362588.gif
idsync.rlcdn.com/ Frame CA35
Redirect Chain
  • https://ei.rlcdn.com/448046.gif?n=1&partner_site_id=1017&cparams=placement%3D1391
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
  • https://idsync.rlcdn.com/362588.gif?partner_uid=3c40cee6-4e35-43bd-b495-fd9a75e77239
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362588.gif?partner_uid=3c40cee6-4e35-43bd-b495-fd9a75e77239
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:26:04 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:26:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://idsync.rlcdn.com/362588.gif?partner_uid=3c40cee6-4e35-43bd-b495-fd9a75e77239
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
liveramp.com
pippio.com/api/ Frame CA35 		108 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/liveramp.com
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/hackers-accessed-us-gov-exchange-online-email-accounts-597920
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
212a2d2e355cec068c4c4f041281aa42b663d3defcb647b11974f362712159fc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:26:04 GMT
cache-control
private, no-store
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
pixel
live.rezync.com/ Frame DCD8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID%26cache_buster%3D1689215164.8959842
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=3823821700674007460&cache_buster=1689215164.8959842
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=7f66615b-b8bc-4d02-8ca0-d6a3b1d45f7a%3A1689215164.8956895&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc8h6g3vn22rp62v%26_%3D168921516...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1975180292551097479&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dc8h6g3vn22rp62v%26_%3...
0
0
sync
live.rezync.com/ Frame DCD8
Redirect Chain
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=7f66615b-b8bc-4d02-8ca0-d6a3b1d45f7a%3A1689215164.8956895&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a95405...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1975180292551097479&referrer={encSite}&forward=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3...
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1975180292551097479
0
0
receive
pixel.tapad.com/idsync/ex/ Frame DCD8
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3181&partner_device_id=7f66615b-b8bc-4d02-8ca0-d6a3b1d45f7a%3A1689215164.8956895
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D0672bcb1-4f0d-4b3a-934a-a9b93b24c498%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3823821700674007460&pt=0672bcb1-4f0d-4b3a-934a-a9b93b24c498%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3823821700674007460&pt=0672bcb1-4f0d-4b3a-934a-a9b93b24c498%2C%2C
Requested by
Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c8h6g3vn22rp62v&pctry=US&referrer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fhackers-accessed-us-gov-exchange-online-email-accounts-597920&cache_buster=0.216169674558
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://live.rezync.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 02:26:05 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:26:05 GMT
an-x-request-uuid
883840a1-bb05-43ac-82cf-063963d66cdc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3823821700674007460&pt=0672bcb1-4f0d-4b3a-934a-a9b93b24c498%2C%2C
x-proxy-origin
66.203.112.161; 66.203.112.161; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auto-user-sync
ads.stickyadstv.com/ Frame 6A09 		43 B
518 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/auto-user-sync?pbs=true
Requested by
Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7Bviewerid%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.87.193.132 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7Bviewerid%7D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 13 Jul 2023 02:26:05 GMT
Expires
Thu, 13 Jul 2023 02:26:05 GMT
Pragma
no-cache
Server
nginx
x-sticky-vk
1689215165580075-77
setuid
server.prebid.dianomi.com/ Frame E314
Redirect Chain
  • https://server.prebid.dianomi.com//setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=40c945fda4df3ef37d42f69aa5b65b5
  • https://server.prebid.dianomi.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=40c945fda4df3ef37d42f69aa5b65b5
0
603 B 		Document
General
Check archive.org
Download Go to
Full URL
https://server.prebid.dianomi.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=40c945fda4df3ef37d42f69aa5b65b5
Requested by
Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7Bviewerid%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.153.107 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-153-107.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.stickyadstv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Thu, 13 Jul 2023 02:26:05 GMT
expires
0
pragma
no-cache
vary
Accept-Encoding Origin

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
161
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 02:26:05 GMT
expires
0
location
/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=40c945fda4df3ef37d42f69aa5b65b5
pragma
no-cache
vary
Accept-Encoding Origin
0
prebid.a-mo.net/cchain/ Frame B1A2 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
live.rezync.com
URL
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1975180292551097479&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dc8h6g3vn22rp62v%26_%3D1689215165.6105895
Domain
live.rezync.com
URL
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1975180292551097479
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/cchain/0?gdpr=0&us_privacy=&cb=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 boolean| credentialless object| onbeforetoggle object| onscrollend object| NREUM object| newrelic function| __nr_require object| dataLayer number| ord function| $ function| jQuery function| $JssorObject$ function| $JssorAnimator$ function| $JssorPlayerClass$ object| $JssorDebug$ object| $JssorEasing$ object| $JssorDirection$ object| $JssorKeyCode$ object| $Jssor$ function| $JssorCaptionSliderBase$ object| $JssorSlideshowFormations$ function| $JssorSlideshowRunner$ function| $JssorSlider$ function| $JssorSlideo$ function| $JssorCaptionSlider$ function| $JssorCaptionSlideo$ object| $JssorNavigatorEvents$ function| $JssorBulletNavigator$ function| $JssorArrowNavigator$ function| $JssorThumbnailNavigator$ function| getParameterByName string| disqus_shortname undefined| disqus_developer number| disqus_identifier string| disqus_title string| disqus_url function| disqus_config function| RegisterNewsletterAjaxSignupEventHandler function| LoadTooltips function| makeWYSIWYG function| pushWYSIWYG function| ResizeIFrame function| ResizeIFrameHelper function| PushAds function| LoadAds function| RecenterModals function| ResizeInterstitial function| Resize function| toggleMenuIcon function| startCountDown function| setShareBoxStickyLimits function| AdBlockEnabled string| _searchUrl string| _registrationUrl string| _statesUrl string| _pollAjaxUrl string| _moreUrl string| _latestCommentsUrl boolean| _skinPushed boolean| _interstitialPushed string| _moreTagUrl object| gptAdSlots string| _orientation boolean| _hasResize undefined| _resizeEvent boolean| _isMobile boolean| _leaderMoved number| _skinWidthThreshold number| _shareBoxStickerMax boolean| _showAds number| _initialInterstitialWidth undefined| _interstitialAspectRatio boolean| _doneInitialPass string| _loginUrl undefined| _username undefined| _password undefined| _rememberMe undefined| _loginValidation undefined| _loginResponse object| html5 object| Modernizr object| Foundation object| googletag object| jQuery111206224776741236142 object| $leader object| google_tag_manager object| google_tag_data string| _linkedin_data_partner_id object| GooglebQhCsO function| hj object| _hjSettings function| fbq function| _fbq string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| DISQUSWIDGETS undefined| disqus_domain object| DISQUS function| disqus_recommendations_config object| _hsp object| ggeac object| google_js_reporting_queue function| lintrk boolean| _already_called_lintrk object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| DISQUS_RECOMMENDATIONS object| gaplugins object| gaData boolean| PIXELS_RAN object| enabledEventSettings object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded undefined| google_measure_js_timing function| processGoogleToken object| googleToken object| googleIMState number| google_unique_id boolean| _hspb_loaded boolean| _hspb_ran object| teadsscript object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| teads

104 Cookies

Domain/Path Name / Value
www.itnews.com.au/ Name: RegoSource
Value: ITN_597920_ArticleRego
.itnews.com.au/ Name: _gcl_au
Value: 1.1.1490442805.1689215154
.itnews.com.au/ Name: _ga_VF4SSPXWVE
Value: GS1.1.1689215154.1.0.1689215154.60.0.0
.itnews.com.au/ Name: _ga
Value: GA1.3.1979880015.1689215155
.itnews.com.au/ Name: _gid
Value: GA1.3.840886345.1689215156
.itnews.com.au/ Name: _gat_UA-102830131-1
Value: 1
.linkedin.com/ Name: lidc
Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2667:u=1:x=1:i=1689215156:t=1689301556:v=2:sig=AQHfNUfB-syeRulYNoqzQ1Jwzpr6UjH-"
.dianomi.com/ Name: session
Value: 8ad8b96d7a82769de74b6e36194d452b
www.itnews.com.au/ Name: ln_or
Value: eyIxNTAzNzk2IjoiZCJ9
.linkedin.com/ Name: li_sugr
Value: 9d083c50-e75b-4b25-a495-58c2910e518f
.linkedin.com/ Name: UserMatchHistory
Value: AQJ007TxlZrfowAAAYlNEcENMk881Ib5KlwG4tpkHclVn2HMTFhMtA9T6LVFv3jW8tbMzKgT8KIkJw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLy-XRLb81k5wAAAYlNEcENEv2YReuknc5cNQzyggJIn5zFudcI7X0ImYbLsLu_FZtnuS6tmxVdpFfXm8fvHg
.linkedin.com/ Name: bcookie
Value: "v=2&f970b72c-e4c6-4f4d-819e-302aa4e7b9f1"
.www.linkedin.com/ Name: bscookie
Value: "v=1&2023071302255635f3a61c-4984-4654-824b-12e7a5723698AQF0oHFIkoh4zPulRhEo5Ce67SZRJwWf"
.doubleclick.net/ Name: APC
Value: Aa3gxNpIsYA-637h4C3tYie2IZKI55xlvo-urLi8GYm1Qy2PWTm2pg
.itnews.com.au/ Name: _hjSessionUser_2321248
Value: eyJpZCI6IjlkODUxODVhLTRmMDktNWJlZS05MzNhLTAxODRmNjQxOTAyMyIsImNyZWF0ZWQiOjE2ODkyMTUxNTcwNjQsImV4aXN0aW5nIjpmYWxzZX0=
.itnews.com.au/ Name: _hjFirstSeen
Value: 1
.itnews.com.au/ Name: _hjIncludedInSessionSample_2321248
Value: 0
.itnews.com.au/ Name: _hjSession_2321248
Value: eyJpZCI6IjllZDE5MmFjLTNkYjUtNGM2YS04NjgwLWIwYWVjODcyZjE5NiIsImNyZWF0ZWQiOjE2ODkyMTUxNTcwNzgsImluU2FtcGxlIjpmYWxzZX0=
.itnews.com.au/ Name: _hjAbsoluteSessionInProgress
Value: 0
.bidswitch.net/ Name: tuuid
Value: 43fc00e5-1d60-4e17-b913-00045c750241
.bidswitch.net/ Name: c
Value: 1689215156
.bidswitch.net/ Name: tuuid_lu
Value: 1689215157
.doubleclick.net/ Name: IDE
Value: AHWqTUkzBgXcpqKB-BnpEhURjzDEUS1VznLUR1jFUsRJlKMNpd_cuG9WUHxJBdbZMKM
.itnews.com.au/ Name: __gads
Value: ID=f2191d859508dc37:T=1689215156:RT=1689215156:S=ALNI_MZkM_3AjoZj9-zyNHiPSH51M6yJ7w
.itnews.com.au/ Name: __gpi
Value: UID=00000cb69b712a87:T=1689215156:RT=1689215156:S=ALNI_MbAMhEDL14AcyrbUKLC6ncEVB8lCg
.itnews.com.au/ Name: _fbp
Value: fb.2.1689215157579.1800924909
.pippio.com/ Name: did
Value: 9BLZpwgTQ1AkT8lv
.pippio.com/ Name: didts
Value: 1689215157
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CLbBvaUGEgQIAhAAEgYI7OsBEAA=
.ctnsnet.com/ Name: gid_CAESEF6KOYqlHfRQoSxkk2AJVgU
Value: 1
.3lift.com/ Name: tluid
Value: 4558959143652940826753
.linksynergy.com/ Name: rmuid
Value: 07a96e76-db06-4797-9a7c-8ede50b131a8
.linksynergy.com/ Name: icts
Value: 2023-07-13T02:25:58Z
.socdm.com/ Name: SOC
Value: ZK9gtsCo5uYAAJpZjJ4AAAAA
.yieldmo.com/ Name: yieldmo_id
Value: gace19024e4f32dae08e%7C1689215158500%7C0%7C
.adnxs.com/ Name: uuid2
Value: 3823821700674007460
.rubiconproject.com/ Name: khaos
Value: LK0J3ABN-13-6QK4
.teads.tv/ Name: tt_viewer
Value: cccaedc8-0756-463d-8c8f-c28dfd66b445
.ad-m.asia/ Name: uid
Value: Ccy18oVxa0
.adsrvr.org/ Name: TDID
Value: 3c40cee6-4e35-43bd-b495-fd9a75e77239
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 430ECB24-634B-4E2D-BB91-088741D697EE
.doubleclick.net/ Name: DSID
Value: NO_DATA
.socdm.com/ Name: SOSYNC
Value: anNvbjp7ImdkbiI6MTY4OTIxNTE1OX0
.disqus.com/ Name: disqus_unique
Value: 8h6g3vn22rp62v
.tapad.com/ Name: TapAd_TS
Value: 1689215159801
.tapad.com/ Name: TapAd_DID
Value: 0672bcb1-4f0d-4b3a-934a-a9b93b24c498
disqus.com/ Name: __jid
Value: 8h6fprj2krnn9n
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3823821700674007460&KRTB&23339-3823821700674007460
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-3c40cee6-4e35-43bd-b495-fd9a75e77239&KRTB&22918-3c40cee6-4e35-43bd-b495-fd9a75e77239&KRTB&23031-3c40cee6-4e35-43bd-b495-fd9a75e77239
.simpli.fi/ Name: suid
Value: C9ABB08526444626B8DEF3E3B60F5767
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFpZGhqaGZgYGkCACUFh0YQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzW0MDCyNDI1NTSwNDcxtxTiM9TVDQ5PMXDxNotP9S0EAG1YYGolAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzW0MDCyNDI1NTSwNDcxtxTiM9TVDQ5PMXDxNotP9S0EAG1YYGolAAAA
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 9d79981194ab2a2c1d0ad5f237a6a651
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCL76yPXQ1IE8EAUSFAoFdGFwYWQSCwic2cb90NSBPBAFGAEgASgCMgsInNHJqufUgTwQBTgBWgV0YXBhZGAC
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZK9guAAAAajS2QAN
.quantserve.com/ Name: d
Value: ENMBCwG6KfijAA
.quantserve.com/ Name: mc
Value: 64af60b8-417f2-4491e-9eed7
.yahoo.com/ Name: A3
Value: d=AQABBLhgr2QCEP46GMfj2cJKUsXnfLeo8OIFEgEBAQGysGS5ZAAAAAAA_eMAAA&S=AQAAAgcD2RiQh79IR7MtTPcC30Y
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:C9ABB08526444626B8DEF3E3B60F5767&KRTB&23489-uid:C9ABB08526444626B8DEF3E3B60F5767
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENsHYyNd3czoSvlxkUBAyQ4&KRTB&16514-CAESENsHYyNd3czoSvlxkUBAyQ4&KRTB&23025-CAESENsHYyNd3czoSvlxkUBAyQ4&KRTB&23386-CAESENsHYyNd3czoSvlxkUBAyQ4
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1975180292551097479
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!4658
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-vtjhHr7c4kCl2LFP7t6tTLzVsR2l1eUd7Nv8UG6g&KRTB&19420-vtjhHr7c4kCl2LFP7t6tTLzVsR2l1eUd7Nv8UG6g&KRTB&22979-vtjhHr7c4kCl2LFP7t6tTLzVsR2l1eUd7Nv8UG6g&KRTB&23403-vtjhHr7c4kCl2LFP7t6tTLzVsR2l1eUd7Nv8UG6g
.nrich.ai/ Name: _nauid
Value: 0c902cd2-2323-4ac3-98f4-7e69ccf5eb62
.amazon-adsystem.com/ Name: ad-id
Value: Ax7FbwB0fkMyoinUyq2PlAY
.dianomi.com/ Name: session2
Value: B=1689215157&BUID=43fc00e5-1d60-4e17-b913-00045c750241&L=1&N=1&NT=&R=1689215160&RUID=LK0J3ABN-13-6QK4
.rubiconproject.com/ Name: audit
Value: 1|dLNs3lBplSX5mj0v+a3oysrqvPzYgEMXx7prtXfJ5xhrLxq/6nQ6FSmnuYssNTavoDNl5giCptPqFTrNE4+z9k1id1yxWjzFHm0QlslGhrY=
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-43fc00e5-1d60-4e17-b913-00045c750241
.ads.pubmatic.com/ Name: KCCH
Value: YES
.semasio.net/ Name: SEUNCY
Value: 3972ABBFF814F5DC
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: DPSync3
Value: 1689811200%3A248_164%7C1690416000%3A197_201_245_226
.pubmatic.com/ Name: SyncRTB3
Value: 1689811200%3A15_2_223%7C1690416000%3A214_13_247_71_22_46_233_220_21_56_264_254_3_54_8%7C1690070400%3A63%7C1690502400%3A35
.ctnsnet.com/ Name: cid
Value: 282ef1b2d75f460a981d79b6f88d13df
.rlcdn.com/ Name: pxrc
Value: CLXBvaUGEgUI6AcQABIFCOhHEAASBgi46wEQBQ==
.dianomi.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJncmlkIjp7InVpZCI6IjQzZmMwMGU1LTFkNjAtNGUxNy1iOTEzLTAwMDQ1Yzc1MDI0MSIsImV4cGlyZXMiOiIyMDIzLTA3LTI3VDAyOjI1OjU4LjA2ODUyNDAxNFoifSwicHVibWF0aWMiOnsidWlkIjoiNDMwRUNCMjQtNjM0Qi00RTJELUJCOTEtMDg4NzQxRDY5N0VFIiwiZXhwaXJlcyI6IjIwMjMtMDctMjdUMDI6MjY6MDIuMzg5Mzg2NDUzWiJ9fSwiYmRheSI6IjIwMjMtMDctMTNUMDI6MjU6NTguMDY4NTE1OTgxWiJ9
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: 10sk82c0i0nw
.gammaplatform.com/ Name: _aGeoIp
Value: MX|Mexico_City
.gammaplatform.com/ Name: _aUID
Value: 126hgrfwl9m9
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2cqq
.openx.net/ Name: i
Value: f476c669-1211-4f0a-ab67-ce0bb2aef486|1689215162
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-10sk82c0i0nw
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-126hgrfwl9m9&KRTB&23446-126hgrfwl9m9&KRTB&23465-126hgrfwl9m9
.pubmatic.com/ Name: SPugT
Value: 1689215162
.adform.net/ Name: C
Value: 1
.adx.opera.com/ Name: UID
Value: OPU0016f4813f94431c8740b0f0bbd3c028
.adform.net/ Name: uid
Value: 4459734289226203822
.rlcdn.com/ Name: rlas3
Value: eadPg/w9CXHtecsEOTx7d2/8lPMpisQrGGPmNcZ6PZ8=
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4f924675-93a1-596c-7da8-efeb2dbc1690.8S6NTx51zXfmrng2kA7Gz1FHLMWcmx3RD44TlEbytLo
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AT5JGdZOhWWx9qO_rLbwWkELLcKE.aLAJ5k7N9KWx0YwG8MGLGFm8427KGOqlyLZu7oHttao
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AT5JGdZOhWWx9qO_rLbwWkELLcKE.aLAJ5k7N9KWx0YwG8MGLGFm8427KGOqlyLZu7oHttao
.turn.com/ Name: uid
Value: 2366828543354711301
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4459734289226203822&KRTB&23263-4459734289226203822&KRTB&23481-4459734289226203822
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-T5JGdZOhWWx9qO_rLbwWkELLcKE&KRTB&23334-T5JGdZOhWWx9qO_rLbwWkELLcKE&KRTB&23417-T5JGdZOhWWx9qO_rLbwWkELLcKE&KRTB&23426-T5JGdZOhWWx9qO_rLbwWkELLcKE
.dotomi.com/ Name: DotomiTest
Value: 796b34cb9ba1207c
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2366828543354711301&KRTB&23150-2366828543354711301
.pubmatic.com/ Name: PugT
Value: 1689213595

8 Console Messages

Source Level URL
Text
security error URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=(Line 14)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.itnews.com.au').
security error URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=(Line 17)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.itnews.com.au').
network error URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Foptus-store+iStock_690.jpg&key=__TrS-da0rjPNG46171kXQ&h=200
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://pippio.com/api/liveramp.com
Message:
Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8a5307d3365575b3421ad01079a34aea.safeframe.googlesyndication.com
a.disquscdn.com
a.teads.tv
aax-eu.amazon-adsystem.com
accounts.google.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.com
ajax.googleapis.com
analytics.google.com
api.hubapi.com
apis.google.com
c.disquscdn.com
c1.adform.net
cdn.ampproject.org
cdn.linkedin.oribi.io
cdnjs.cloudflare.com
cm-supply-web.gammaplatform.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
data.dianomi.com
dis.criteo.com
disqus.com
dsp.nrich.ai
eb2.3lift.com
ei.rlcdn.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gdn.socdm.com
glitter.services.disqus.com
googleads.g.doubleclick.net
i.nextmedia.com.au
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
io.narrative.io
ipac.ctnsnet.com
itnewsnext.disqus.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
live.rezync.com
match.adsrvr.org
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
referrer.disqus.com
s.amazon-adsystem.com
s.cpx.to
script.hotjar.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
server.prebid.dianomi.com
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.srv.stackadapt.com
sync.teads.tv
t.adx.opera.com
t.teads.tv
tags.rd.linksynergy.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
uipapac.semasio.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.dianomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.itnews.com.au
www.linkedin.com
x.bidswitch.net
live.rezync.com
prebid.a-mo.net
103.229.10.180
104.16.120.190
104.16.140.206
104.17.203.204
104.17.24.14
104.18.133.59
104.18.16.195
104.18.24.196
104.254.148.252
107.178.254.65
119.9.108.180
124.146.215.4
13.107.42.14
13.228.126.19
142.251.220.130
142.251.220.161
142.251.220.170
142.251.220.194
142.251.220.195
142.251.220.196
142.251.220.200
142.251.220.206
142.251.220.227
142.251.220.237
142.251.221.14
142.251.221.33
142.251.221.34
142.251.221.38
142.251.221.46
151.101.128.134
151.101.130.49
157.240.209.14
157.240.209.35
18.136.175.78
18.138.18.111
18.161.111.43
18.161.111.86
182.161.73.146
184.87.193.132
185.84.60.21
198.8.71.131
199.232.192.134
199.232.192.64
199.232.194.49
202.241.208.56
203.176.102.67
203.176.102.69
216.239.38.181
220.150.223.50
23.207.189.34
23.207.190.50
23.44.0.196
23.58.141.50
23.76.212.194
3.0.230.151
34.111.113.62
34.242.124.0
34.83.125.63
34.98.67.3
35.186.193.173
35.190.60.146
35.213.12.39
35.244.159.8
42.99.140.211
50.116.239.135
50.57.31.206
51.255.68.171
52.220.229.2
52.223.2.229
52.223.40.198
52.46.130.91
52.74.22.247
54.151.187.164
54.179.153.107
54.192.111.108
54.192.111.48
54.211.72.252
54.230.112.68
64.233.170.156
67.199.150.81
67.199.150.85
67.199.150.86
67.220.226.234
69.173.151.100
69.173.158.64
74.125.130.95
74.125.200.155
82.145.213.8
89.207.22.76
01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
0564b0ad086560c94ffe50ea544ee947b6a65bb2ffbacdc2ba44bbe67c9e1cfb
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
09f199b2a45feef43499e46f1b665052b016afa8e93e8dc16a68e2573b058d00
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e00e4ee9c109fdd3c08db4702bb64ada5419c2e47fc3259903df28e22b78e97
0f4d604fe204e8c17b5ffdf044029eee5cbe2ef755af9d7a65aa3182f1d694f7
1096ae848f7e01f065ce530dcd17bd1a1af503a2c4ae83cbf8972e900446e36a
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
12638b1bd5e39ca7c42e74134c480a6c22ceb23b4ae6bfcd3c7aa0c284845c6e
12b62d30017d03af14b9f6e28b5194b07f24927a8bee03e7efd352641ceba8fe
138fcb54e22d1d45c68f04bdcf8048f3f3618938f010f1ea25444f4d9039738a
13f41b0b7c6688be31ff49f7eadeba7b02e4879bec8a90aa0660543d0722e230
140f1fb8af2d84d9a97d2d26372392b4034929da4a8de4412caaaa5942353a75
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1936885cfdf5999015d670ea69fb44591c4eeeb333929506bef16e368a832f00
19f54abae7d5b15807a28bcabc4d23bfb84eedde9e04bbbdf8eb82834a5f1ceb
1c21707024957102493cf752e4337989f0b317e6aa8653718d85729649ecaa73
1e6ccbd432e2a3b18ddeed94336b75b4833fb67be8f4eb806152b9a9125f573c
212a2d2e355cec068c4c4f041281aa42b663d3defcb647b11974f362712159fc
2400d3387bcafd3e275084c1f236b9101cb78514a08fd936a0e9266bb51d4d45
2442dc274dbdc5336be33fe218635a708ec2ed6458af6f280a9970eee02fcc20
26637af34ec0692f2b37fbb63d47f0a81ae417e4db5093a1b41913f7e9fb9adb
26aeae0a0cc21c9c8acffae51a7dbf7a7eda35891df62ef54aeb9ed47af8cd9b
2704ae9c8f37a578cc852511f9eecc3700b51fa9163e603f16c2520b022544ef
2790a4e3cf07505b8a04d30e535c033506def2e29f5f9410d3b866876138f7f1
2991fa8cfe2986011e6569a578888d8f2e901b17e1959420df70d5c07c5582db
2ae319ef83098593b6130cb36e08c9c1ed74df461051e85891fddd5be3d52c80
2c012f05b2770cbf4529830156233451b5462eab7f5be18240c82304fe7b3397
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
2ddd688ac9e3605353e4074cbf4e279c64cdad99cba7179240a8959953988551
2e40f7697b20640b631fcc4997de3bbf0841ff4ceda0ed69cf26273ee8c5cca9
2ec120a0ebf1e5335993e2da1094fa1ed6f2bc1e4f093ccd3c15b0265b7a7f9a
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde
309e0d26a2af6e201832b611ddcad3c2d7b33a5ebc17fe4cbc8185d4251da38f
30fc2a3c7bfeefdc6440753ca908587e2e0afeb63718b1b8209356e1e333b119
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33e6197168e000ef71ef56ae5fad7bc04c9c939dc33d34136d73d31676d1d507
348575019698802bed3c19f74802f98acbe55d352c5cf08996d43af5bc6d5536
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
3851948430d26bac0ae2df21369c638c8d7f938d8309c719272defec048a3294
39b15d9615771844f79f781e5af07c1ae822cfe3cdf0b5cbc8bfbe5210f02118
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
3b8a8d998dd7dc014bdb52a01adea8ec1be82193e7e7c6e0c7067a58435b7c28
3c27abdcf0237d7192356b65997d97fd5b102087afdc0349da00f215290f7e63
3d4878bb1f094d91f937c1cb2ba26a3a730e1d371efdea91bb0cdc3865bd632c
3d74639b0561b5035d22436bb68a1cd47720674f0ae8db6479aad7a3f3e2bea4
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
413dc61acc8e9741b76a34382ddbe3632052fe38d580bd2680d3e9d407ceb6be
416d07b6ce2118f3f4ca5b732a8fc9e8bd4499b733f3c2320626c962c50ff45c
417412fab0fb1f36d3771b208b38a4342dcef4f9c2fdd9287d7bd7e51d63bd74
43e91e8157c58be22b0c4d455503cbdeb9e1dd971124eaf99f1ec55815be26da
447c44ae9488b24394843e6d134b2976abff7a1690baf2a496674d8b2f7e65fe
45784720fb4ce289d1d6b13698b3da1071af7a989c0d801040c60d78b64982d5
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46adb1b02fac122db8ef46a60b932ada5e32112f849d526d1fcbf770de5386c8
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c2639f08b895df594a54252659ad1fa6cd8a21270df574b2d3586e23c3217d
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a8151f14c73587effb5aa2c3617bcededef760383b955b53d2a7cbc511fe3a5
4bfc84f853864a42446e366637e6a3cc7e7bc9c8563eaae40932cd7fb85b71f7
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e930b31445643295bfd2cfaeeaba015e08766fd8b7ff3b61db88003ad6720a0
4f6cbc5efe339dd7660160906e462b701bde91790e9d2d3dbbd0f7bc870435bc
500dc73526c36890f0f983100a08d823a754f14448710b17c3c004aed79340ca
5153c665981db6dd56da1a567ed2c4490f3c9d596697ee0e4b54eed44559a259
51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5
51b6929224317237d4e3c7b597a4e20c75ada03b4b2fba2598713033f657e12a
5215bbed3b3435ed86c93921631e54d9c42ce565d9ec90accbc7ec1fc7832327
52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba
52356fa79424f57d02bf8363483b11939217d604cbd2a08ed29a06b4c1130546
52a3a3da0b9315d0761e96afd11f6ace725b86dcce0cd40b35eecfe36d936527
530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
542c2b3efef3a0d3c44b010c25e8044aeb5412fab42a999266af4e174afc1d44
55023db66b5b5211f8416ea69c8786ef0ae48e1dc5a3a065869755dc1a1e2435
5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b
5ab9af97734b7a1b76e65a6aff767898e4dd763725c46ee56d340a5fd116e6a3
5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54
5bd060c4d7413c66456b91af3b13d3a3823c90543d9ccebc7a94a892ecb36d27
5c9402a166e7155802c5801bb78b4951ef1288d00f38b190cdd4fc4dd839e009
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
5fa4b9d9a56c65d6f525056d71f4e46b1f2750e86960343402424d88c13772f6
61779c74768b5eb298860ceb7d7cf06f2b228fdc53df72b530490a792a5b8a59
6606ef45f5621f9d044b82f0be880f30a509b38c1222073ebbe1ce8efe4375b8
6788b46255b2529d0a5312321f6375ab5e5e4f817e2398c9e0f241bd3ce33aa9
683add284044c8b01d05f02366eb61327b1b34df5ca8c5425ecf8b7741f3d0ef
6a3fa85b2d0ef49b17838d809b041ed6df15ccd0d8e3e355080c93ae7fd08eb4
6d5fdec7271faa5b4355ab27e565dc3e360f2724242c650cca99b2581a0e67d3
6e4245540e21ab80f057c1d61176855cd821e8e13799e80da355e4bb227bc93f
702f0230b50a8bec8b8ed4268906179470e8088079cd0cca13c5d60578fc801e
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
756aaadc242f919daec07aa78070c5ac5418b3bd7547025676657817674f6cfd
7754b3b966b7772e3be8792c6dba77b4ffdac9d93019b01af14c20fbd4321b3f
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7a695284914af87ab17ff6436de3630cf1bb412dc1d069ab019158d322b5cb03
7a7f7b00e22cf33ff4aeef9005ebb800ccad9f67e326142d8ba30c2e801ac719
7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7ea56ed7e3c25c3aa4f5b1929ddebdf5af294901601a74e1a97eef970299bf41
7ecdcd1378b47621bc3956b581c5fced3950dbbfda269bb90009df8b5725116b
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
82127b663f58b480177b75d5919cbf82973ab138400acb99b640330da5c5f3d6
82f4a15bfde68af3ba1ab9e557ba6b1c700d6aafe0d9e42561576366662701ba
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8363e010cf88b62a27b8d0c0dccd80ed96a11ca1fa8e9da0a0b4c6f135a881b5
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
87a21a2adb23438f6d6c43cb2b31bc4548c8a77de408f507b9e92c26fc3b1ffa
87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c
885b1e5d84dd71ad25ccd7e396b1a3a0b52786c79e3e45f61683a384ebfbb753
89bd811cab041742972ec0ceb48cc560d61e807b2eb1abe17feece17caf4c041
89e6b22228a07b2a5ab0bcc9155949f2fcd741e7b913a51afc13a0984ee6424b
8b31d53d69faa979838ddc7b0a429905aa68ae17b959feed09d07659fbb32988
8bd3068a31f037d3d198e40d59ae6acf610e3550c11ebff7b6c66bdf8e8b2e3f
8c013e06c36ec9ec10590c089cd6d91b6eea4f5363cd9da4beb8c9208f9d8240
8e1e6ff43c2eebee4be9c27220f2e9efc27495ae0ce01cdd42e8df0f3167a7d4
8f7f2e6e9846753468e37d570cf9ce4d674d8d301876035119573279fac1f7a6
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94f8ef517a973d33e2bde96d6c170e86e4be553f86bb2b5a07f228efa46e1ee7
96f1173b3c05e0f7230e3d2b4ac6ebd7d816de5e71ebabfbe20e2b339dba6078
970a590cc6116e29a3ba6e958ae9adeca84888dcb40dff85b56151c4feab059f
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
97b4d3aa4022178cfff4362771fab9d523eb8614d8425c9cb4c10690802635f6
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99670f0a51f474079c5731c01d5a5fb0e29e8a983664fd83a1ca6dfc7e89553c
997952f597f8bff220575f8ec8eca582a530014bf6a25df2db7afd4c8b32bc4e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4e2b38fbd2319e7655bde8d2f9027d14a2ac928bb441b2a38cc4f3ca1b7b64
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e7e32cf14caf3c5f5b29e79bd8711348a5bf2137a12104d2cd1b1110b0f272
a183b5920eff1458eabb8214e775a290971afc670d88136703586f36a09a6d21
a2cd3a4648d10ee850a3dfac3f8333bf219b896d4636b98581b03ae028a2d7ba
a3d16b1b85d27a1023b45c661db7103c81076f748e5f6087fe98fae3c3d12de4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
a852f24574a5512f677ebcf3c589e9892b4ff6045f65bfca91d3868bddf243dd
a98698c2af0d35517bd499744ffa14938f9a9d23101a72864a4acad8ddc6481e
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ada0a91d6ae967ec641f29843f7e4bf5681623fb10fd79788aaffd689c95f512
ae05b8f9cd0f5597f74764396a6e173dccbea0204340a1dc1ce1a5faf1277612
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee2c3260a27599a953dfbd62df249aeeda8c0462119d6a1ffd2f7b2eeafa722
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b25e6fde28036dba5c27f0bb3bf388725f178bbbfc4ce01b11393ef98b17d53f
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
b542306fe3f9e9b55f136dfa9cc2a31c60b53358e203d9c980b7ec896ad60004
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
ba018475fa4a5dd2da3117c2f48bc8617242f2f8f925b2157ffdc4a356611c3f
beed125707f2249826427121d65441df37d9ef7a0c12ec03870fd72f24c6f609
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bf8b01a15285873abfae001dc9804d07312ad4cbb565784ec31dd82c71d1f94c
c0f4534186b54a7dd07dff4fc9a02a5d44df22ded11c80a6d0c925f05acbf1a5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c30c76b3c4eed6bdb072dc65b88c236b74857eeacf6cab3cdc6321520e81aec1
c3648f91add8ca17a1a2e441388efa5ff05ee119af56242280232d2dc57fe424
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32
c6867aca736aa20e0d5898a29c3c57eaf0a14bd0957b836bd56655813f6e6d81
c74fad907b05feab6f9adb96b655863ab2374661466015de5e0792bebea71ebc
c8dea9bb1169a9455240a9e7aa6f1f7dd922c7160010eb6f2269acbf4acd5ab8
cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475
cc43dbb899e5a589fc289a4f863fdb5b314357c176d2c093573e104fda737930
cc8270f1e7e6ff155b2f452e26e7e31ff335aa59a1b9fc3c55866f992a97b30c
ccbc079df3c11810feb0f2d06c4fd229a382171baefde67bfcd858b40197a35c
ce8c06e2e2ff66b1154999a45aa8365f40a15af9525afc9a37af699bb0fbddbe
cf41c1e9db34748faae7384e86cb0af5bba860e20be40185b5148e6e1e8350d4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00ce442f25ce246fc04f54b1660ec52c9323d1bd75c970549a21373ee6e2062
d05711b652dedd2e80f89378c53be790aae5d47a0f20c0aa2e60b0a0fe81d75d
d18b31836899c0982fb6e75700df8ebd702991867e56f3a2c3fb6300ccdbe827
d23d217219521e31f2aa01d1cbd3592833e7f2265adf94e22f8b73abc63dbce9
d23fd6a13b657ba55789f4a8b098f72d86e253917a83af15a2e4e6ed23a9e5c9
d2407d80b3c0a2874bc1ed5a4f92b74ea9f2dad8f05662b5ee11c86fe6ba0443
d8177357f32ea2495f9e36ae5d6c06f253c812a5e96907fc9830997a4d2e7c77
d86f3e8c941b287d553f0bd2ba1e50c5f7e03e97da22142e42239f8467ea2537
d9cbf98cbeeb8314acb7bf6600855d6d75ae9b56e173a8ad1e46700eaf0aac52
dd2a471c9a244edb79af3354718c3968e1f56bcf8b82b6bab20da6aaa971fa3a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df63f3b653e0c0b0e149a3bc9f02d1bf91cc49277e8ee1d7b5ca1eb34cf1c385
e05f65b86de1b8b41b8b416e9b3563f41e208dad634932c271cce8d666a5d3bc
e085dfa6b31e256dab6de4dcb92f70ffddd95ed61fe270b02cf0829942cd0374
e0d1fbc0381aad81d0e7c296dc8aa2990e42a8615399f3e72395c73c632669c4
e3aaf4eb43762eb0a12cb6f9ce8c1743bdbf88a28d8b0fe5026ca098713193fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cc94b363c56c58b41c39282ca5728110a71e97c1eb51d03a8b6c98536d5727
ea6da8487b903fd84a283d780bede1ae1da97d7f2c364653e790822405505f62
ec2a96501b91fcaf2db6eb6ae3513dd7a76c9754f623b08c19e80f6d7b5d48a7
ec47c1cf18820206d7aa936e93b5aeca70505a882091dfbc853fbf386c4cee5f
ef1874f11501aa7118cdfa7af21a9ef1c87301e917881dc941831b122d82b34a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3254fb269f0a2b07dea6c4cf9af3276e2e402426a65dc74f22db7c84b91e6b
efcc8d29dd597ccaf9540e6bbcf643ce23ddb934e141ebe467a682c3c0fe87af
f05259242dcb86fc0eb3b6a61234194811a131573dce70f24f1183408fd3da89
f06858ebff3571e21150204c3dd2b8933bfa9f4ad0c8b928f4abb0154e816b21
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f33dfe69dd9091f9050d5bbe9c13de44844ed7e0aa14f775cbad8882b47ab0a9
f45a13a60901989d54f571c1ca7bf81ec213be82e6c109c9f0e3f4b2e43e06fa
f69be5262368d3f2867e8eb970af522086d8268830a31e8b0dc17eb311550d10
f72f12402da7866b822bab7d88dbdd4cdbde0b1b260c9fda3483c72cbf28e1d2
fab5c1dd32721f407eaf6ee833aa40bfd3dc6fe1785ac717883456232836f14d
fe3fc79a88308f48e6e97890f344cf288b945575e6045d0001012638ca52e7f0
ff0802dba344edbb3666900f129464ec7cf8f2602e5c32cf2e1ae558d8f78031
ff455df1d22f0b410fb3c986c13062dfcf85c0ed3799b339c98698e79468e680