URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Submission: On July 31 via api from TR — Scanned from AU

Summary

This website contacted 76 IPs in 9 countries across 60 domains to perform 344 HTTP transactions. The main IP is 203.176.102.69, located in Melbourne, Australia and belongs to VOCUS-VAS-AU Vocus Advanced Services, AU. The main domain is www.itnews.com.au. The Cisco Umbrella rank of the primary domain is 882100.
TLS certificate: Issued by R3 on July 3rd 2023. Valid for: 3 months.
This is the only time www.itnews.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
itnews.com.au | R3 | 2023-07-03 - 2023-10-01 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
dianomi.com | Cloudflare Inc ECC CA-3 | 2023-04-03 - 2024-04-02 | a year
i.nextmedia.com.au | R3 | 2023-06-10 - 2023-09-08 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-02-01 - 2024-01-31 | a year
*.hotjar.com | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-05-09 - 2023-08-07 | 3 months
*.disqus.com | Sectigo RSA Domain Validation Secure Server CA | 2023-04-13 - 2024-04-20 | a year
linkedin.oribi.io | Amazon RSA 2048 M01 | 2023-06-08 - 2024-07-07 | a year
www.google.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
*.google.com.au | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
*.google.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
*.rubiconproject.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-03-07 - 2024-04-03 | a year
*.bidswitch.net | Sectigo RSA Domain Validation Secure Server CA | 2023-03-23 - 2024-03-23 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
hubapi.com | Cloudflare Inc ECC CA-3 | 2023-04-07 - 2024-04-06 | a year
server.prebid.dianomi.com | Amazon RSA 2048 M01 | 2023-04-22 - 2024-05-20 | a year
a.disquscdn.com | Amazon RSA 2048 M01 | 2023-03-01 - 2023-10-29 | 8 months
*.crwdcntrl.net | Amazon RSA 2048 M01 | 2022-11-07 - 2023-12-06 | a year
*.id5-sync.com | R3 | 2023-07-04 - 2023-10-02 | 3 months
misc-sni.google.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
teads.tv | R3 | 2023-06-26 - 2023-09-24 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
*.apis.google.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
accounts.google.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
tls.adobe.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-02-08 - 2024-03-10 | a year
*.flowplayer.com | Amazon RSA 2048 M01 | 2023-05-02 - 2024-05-30 | a year
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2023 Q2 | 2023-04-13 - 2024-05-14 | a year
hubspot.com | Cloudflare Inc ECC CA-3 | 2023-02-05 - 2024-02-05 | a year
*.services.disqus.com | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-11-04 - 2023-12-06 | a year
pippio.com | GTS CA 1D4 | 2023-07-13 - 2023-10-11 | 3 months
*.rezync.com | Amazon RSA 2048 M02 | 2023-02-22 - 2023-12-23 | 10 months
*.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-18 - 2023-12-19 | a year
*.lwcdn.com | Amazon RSA 2048 M02 | 2023-03-23 - 2024-04-20 | a year

This page contains 33 frames:

Primary Page: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Frame ID: 48557AD466BD4B7D5BFE1F8D7CEF565E
Requests: 125 HTTP requests in this frame

Frame: https://www.dianomi.com/recirculation.epl?id=119
Frame ID: 6E385A49626D02E6AE77AD75E033A7E2
Requests: 11 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Frame ID: BE837F429C3D4030EC72BB354A36404C
Requests: 22 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
Frame ID: FC399E2BD5C47E165600F522F3936F72
Requests: 24 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Frame ID: 163A4EA508955ECE675D3B24AC478D6A
Requests: 12 HTTP requests in this frame

Frame: https://www.dianomi.com/prebid/cookie_sync.html?gdpr=0&gdpr_consent=&us_privacy=&bidders=adf,rubicon,grid,adform,pubmatic,openx,freewheelssp,undertone,amx
Frame ID: B17218E4AEF96D5FDEF6297746AA2857
Requests: 5 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways
Frame ID: 88F4FCA21CA8C0F863A9858A07FD2122
Requests: 16 HTTP requests in this frame

Frame: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 850F1E7EC96C9788E9B80BFEC85836F6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1245B1849510D12AAFC8842605624597
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvP_c6go5dXmWjghziDu3wAyddwITQh5ff6f_5W0W1PxOzK5fkksx1CHTJnwIejLG2c2GBSvdS1jTusPE-a76ws0jTpGfvRBU21cR3h38cMpot5lO4LFUYj8jbJI_H3ZQMHru0hCli7mMNiLw-a9qxKMSHrrWONskl2OPH6FHdH6Br6OcHWpRSUksjo8k7pBNZHIPkVFsYtInB6B6BwCOPnGNpBat4oj6n_eUIvvLB92QuyUdYSlQKS9yB2ER8aqz81zHsBteoRgHQPbdbZM7t68OOjnOJ7WC6v6XcncIrnW8UQtwnN9Iu1-P3j6D3dv3OBTrkzN1evut6quxCXIGfSbbDS7EvlfmWFu-Lfqw&sai=AMfl-YR-G9THlx2vPR5h4QlaRo2vJtmnuZaAdje_guFG6iQ8yxME97RrJ1OnhmIKYUYQoF3sSRrJDptA-jyb7p5zFidjhhD8iVpZv7QmLH8eENQsAfAztqW7MPxZFnH_WQ&sig=Cg0ArKJSzB66Tw2z5ALNEAE&uach_m=[UACH]&adurl=
Frame ID: 5F67A45FEF2C5D393CAF325A6C64B82D
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Frame ID: 73119EFBBC21EA86C02322C691794FF0
Requests: 13 HTTP requests in this frame

Frame: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CB31A7BFAD579C270FFD3F739A43FD9D
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvY22pS-S9JG895mBhULFABdTmO9r1bsNC8koNdTN-BK5ClbfQLGaT133dETPUtunBfDptOxblzPAKI_H46elxiptP9be0prqRhWvocOviTQK2WiUkKbWsDd3s1frrE8LGzeSAatNZ9CZWGb4CNEDqlpqkOy5VQa8oGgRCJ1WwAGeknlm6_tD9yz0EYQO_fFyzpGE0PJd-lGp_is42ofE3PYmDqoX3YlST-jQGD1EHSu0wzGjjI3_eekQG3eiAA9zI4kEjC8Mz4Tiez206Hu9NtgKgcqBv74NhlKIzaUaQu7QwXJxOn2Hr1Qyll07YBiRU5zpuVqFE&sai=AMfl-YTRnaxOq2UeZfknC1TR1OzoRnoC-fhgCe-zGShEzelrNAwV6rY9TXwhFdLn5vMXbXcHE_1u2nFhl7p39lqvIRvI_MoHM5znRShYHdDHKqUFzbbEjy64ABB59Zulpg&sig=Cg0ArKJSzGO9dLceN0AREAE&uach_m=[UACH]&adurl=
Frame ID: 39F4CC0BBA51260099BB6BAD2A712AF9
Requests: 8 HTTP requests in this frame

Frame: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 55BBD3962EBA6F8FAB4BCBD615A188CF
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1O_e3enhfbjNgt7Q_jL9LFXy5VebjBWHmquzbbLKPRVgLRZlD21SMNf0b5muNV9r2pbVzNtT_nw04VH4Awi3NES0L0j5SdW5IuHVf2Y3TKNE93DH1q0A0Ghty24wqRr-26N0V8ZuhAGGuMwXojpzQxfUvA7gZ9kGZ2Fts_J86uiNX2G5vvxFqDxcejozdko5vCtbgdGrOShzC0LcZNyH7g9CR6BnY9ZOBaBGyUT3W7H1ZrgQ-vftNWC9Nt8OjSVUHMuYgxXYoTdWAqIKOgpmL4_5bxysth4X9mIpCJRyrH15TRN6DWDH8axMF3dYkASUNNexiog&sai=AMfl-YRjefb03hrRzFmykLKzPUxAsvVr02Mk0XVQ9jQSPlqP-qSoZWPis-n_S5C48fbkeOJEFX1nC94BSRudGMts6RtVIR_py-wFc08QHau7X5p4LAzVk65jIU9bR2QanQ&sig=Cg0ArKJSzDQVRVnOJEv_EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 91E5C8D83A15CAD8FF2F3CF7F6A609DD
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: BCCC5CA1697F9F2D0602B406A13A7FEF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiRieICEKm7mO4CGP-vp_EBMAE&v=APEucNWmED9bKOLAYEm4415XdmCb09yvHuG2x0RyfxRc1z18ltXmRPxCLqS31pJu6M_KesSWRdaXmTkosUOeciBYOQ_MNglI3g
Frame ID: 4D091CA22CA4B818E11ABE6EA48C3AAE
Requests: 5 HTTP requests in this frame

Frame: https://www.dianomi.com/js/contextfeed/contextfeed-frame.js
Frame ID: 5DEA819A31C3807D1A433F79EC361223
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6EA5D5385C28BE80F9C5A31D753C45CA
Requests: 9 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: DD4E56CEA74880B84958F0560D77E480
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: FBFEEA5C39CF1173DF5FAEE320F991C3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 96A30E92C20D5B1202E3B47D13042D62
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8B0051F471A8C58ED6243AA3AF329580
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0727ADE4FB38A4B4D3DDD3A890EEF4AA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: FEB0D46EEBFA67CB24B3DB2A46060989
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17980712809989200267/TPGT0087_728x90/TPGT0087_728x90.html?ev=01_250
Frame ID: 877C6344FDF20582C86E06854A07A57D
Requests: 5 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 283C184F6C3623DA5103F5081AA7B31A
Requests: 4 HTTP requests in this frame

Frame: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Frame ID: 7BB654EB341DA1FD8633DFABC70B8B48
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EB04414348F8E30A7457EC66350BB3CB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2A217C6EB20F9D7F537EBE1781671F46
Requests: 2 HTTP requests in this frame

Frame: https://pippio.com/api/sync?pid=1391&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&it=1&iv=cmmj08r3h9besr
Frame ID: 8D42D3A83D748C319BE1CBDAB785A806
Requests: 4 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=cmmj08r3h9besr&pctry=US&referrer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&cache_buster=0.261876045471
Frame ID: E7046A9BE1E29A047AEC532973201541
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 8A97DEC47481AA169E994C7D7BC81401
Requests: 1 HTTP requests in this frame

Page Title

Malware spotted on Barracuda email gateways - Security - iTnews

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

Requests: 344
HTTPS: 87 %
IPv6: 0 %
Domains: 60
Subdomains: 99
IPs: 76
Countries: 9
Transfer: 6522 kB
Size: 13379 kB
Cookies: 89

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://www.itnews.com.au/Images/mobile-share-twitter.png HTTP 301
  • https://www.itnews.com.au/images/mobile-share-twitter.png
Request Chain 27
  • https://www.itnews.com.au/Images/mobile-share-facebook.png HTTP 301
  • https://www.itnews.com.au/images/mobile-share-facebook.png
Request Chain 28
  • https://www.itnews.com.au/Images/mobile-share-linkedin.png HTTP 301
  • https://www.itnews.com.au/images/mobile-share-linkedin.png
Request Chain 29
  • https://www.itnews.com.au/Images/mobile-share-whatsapp.png HTTP 301
  • https://www.itnews.com.au/images/mobile-share-whatsapp.png
Request Chain 30
  • https://www.itnews.com.au/Images/mobile-share-email.png HTTP 301
  • https://www.itnews.com.au/images/mobile-share-email.png
Request Chain 59
  • https://www.itnews.com.au/Images/breaking-news-header-bkg-40.png HTTP 301
  • https://www.itnews.com.au/images/breaking-news-header-bkg-40.png
Request Chain 60
  • https://www.itnews.com.au/Images/itnews-logo-white.png HTTP 301
  • https://www.itnews.com.au/images/itnews-logo-white.png
Request Chain 61
  • https://www.itnews.com.au/Images/search-icon.png HTTP 301
  • https://www.itnews.com.au/images/search-icon.png
Request Chain 62
  • https://www.itnews.com.au/Images/bullet.png HTTP 301
  • https://www.itnews.com.au/images/bullet.png
Request Chain 98
  • https://ad.doubleclick.net/ddm/trackimpj/N5877.576592DIANOMI.COM1/B29495057.365802594;dc_trk_aid=559952277;dc_trk_cid=193447334;cid=0002371490;utm_source=dianomi;utm_medium=display;ord=1690809866;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimpj/N5877.576592DIANOMI.COM1/B29495057.365802594;dc_pre=COXhg8yFuYADFTSKZgIdMWwERA;dc_trk_aid=559952277;dc_trk_cid=193447334;cid=0002371490;utm_source=dianomi;utm_medium=display;ord=1690809866;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1
Request Chain 103
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809866474&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809866474&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&cookiesTest=true HTTP 302

344 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request malware-spotted-on-barracuda-email-gateways-598623
www.itnews.com.au/news/
110 KB
111 KB
Document
General
Full URL
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
469fe9ab65d1b70804a7eae3590ff3ff7d488b5a4815195814376df3e6641331

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private
content-length
113101
content-type
text/html; charset=utf-8
date
Mon, 31 Jul 2023 13:24:21 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-ua-compatible
IE=edge,chrome=1
gtm.js
www.googletagmanager.com/
239 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N4K222Q
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
3e4fbfda0264da109fb7eb8279aee7d3186effc839b0371e21bdb764e8da3e73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85685
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 Jul 2023 13:24:23 GMT
css2
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
3c27abdcf0237d7192356b65997d97fd5b102087afdc0349da00f215290f7e63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 31 Jul 2023 13:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 13:15:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jul 2023 13:24:23 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/css/
56 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/css/all.min.css
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3aaf4eb43762eb0a12cb6f9ce8c1743bdbf88a28d8b0fe5026ca098713193fa
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itnews.com.au/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3358238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10101
last-modified
Fri, 29 May 2020 16:00:33 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ed131a1-df5e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgL8KWUxDn04s0K%2F65ZntgHPfRLw1WBoG6ZakzEuk35sIKaKuQPHmoiDpwslk9izeO23%2F9dc%2F93iiM9BxMgOjM5kclSpoCWulCYdSNzp%2BlCEr8AV5mDIIlH%2FgqUhQ2eNPM8k7EzE"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ef6294dcd8d553f-SYD
expires
Sat, 20 Jul 2024 13:24:23 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/
34 KB
8 KB
Stylesheet
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f95.1e100.net
Software
sffe /
Resource Hash
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 22:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8060
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jul 2024 22:48:27 GMT
css_1402e7e221099bd60efee7e259329369.css
www.itnews.com.au/styles/
250 KB
38 KB
Stylesheet
General
Full URL
https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
afdb897372300b0a4adfc7e79332ab1e13b7f22a3cb4690d238522a0886539ad

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:22 GMT
content-encoding
gzip
last-modified
Mon, 31 Jul 2023 11:31:21 GMT
server
Microsoft-IIS/10.0
etag
"808a8687a2c3d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
39032
x-ua-compatible
IE=edge,chrome=1
itnews-logo-sticky.png
www.itnews.com.au/images/
4 KB
4 KB
Image
General
Full URL
https://www.itnews.com.au/images/itnews-logo-sticky.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ef3254fb269f0a2b07dea6c4cf9af3276e2e402426a65dc74f22db7c84b91e6b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:22 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"a07e5f37cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3919
x-ua-compatible
IE=edge,chrome=1
itnews-logo-white.png
www.itnews.com.au/images/
4 KB
4 KB
Image
General
Full URL
https://www.itnews.com.au/images/itnews-logo-white.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26aeae0a0cc21c9c8acffae51a7dbf7a7eda35891df62ef54aeb9ed47af8cd9b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:22 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"a07e5f37cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3959
x-ua-compatible
IE=edge,chrome=1
recirculation.epl
www.dianomi.com/ Frame 6E38
2 KB
861 B
Document
General
Full URL
https://www.dianomi.com/recirculation.epl?id=119
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fc37ac397712865618472482c7bea91624c23c0f72177ceb74f0abf47518fef
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7ef6294d3f2ca817-SYD
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 31 Jul 2023 13:24:23 GMT
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
smartads.epl
www.dianomi.com/ Frame BE83
554 B
370 B
Document
General
Full URL
https://www.dianomi.com/smartads.epl?id=5141
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2cd3a4648d10ee850a3dfac3f8333bf219b896d4636b98581b03ae028a2d7ba
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
7ef6294d3f2ea817-SYD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 31 Jul 2023 13:24:24 GMT
expires
now
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ImageResizer.ashx
i.nextmedia.com.au/Utils/
61 KB
61 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fspam_emails.jpg&h=420&w=748&c=0&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f66d09672939516de9c5c2829b9c7cef42b73a226cdf60913d16e42e37970c1d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:23 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="0_420_748_0_70_/News/spam_emails.jpg"
content-length
62328
expires
Thu, 03 Aug 2023 13:24:23 GMT
newsletter-promo-1.png
www.itnews.com.au/images/
38 KB
39 KB
Image
General
Full URL
https://www.itnews.com.au/images/newsletter-promo-1.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
024a2591127deb9b569b821da170c5b937bc471633d0f32ce534a7acef66a28b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
last-modified
Mon, 24 Jul 2023 01:21:48 GMT
server
Microsoft-IIS/10.0
etag
"32537837cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
39346
x-ua-compatible
IE=edge,chrome=1
ImageResizer.ashx
i.nextmedia.com.au/Utils/
4 KB
4 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2finformation.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a9521db8c41cdfe90d860c253f86f77312837187c27de15499f8bd3a8647e171

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:23 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/information.jpg"
content-length
4445
expires
Thu, 03 Aug 2023 13:24:23 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
10 KB
10 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2ffinger_print_2.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
90039b5cdac762651ef5dc26d3230b87500034670b378f55382b09537f395b4d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:23 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/finger_print_2.jpg"
content-length
10537
expires
Thu, 03 Aug 2023 13:24:23 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
4 KB
4 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fryanair-b737-800_medium.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1a511566a24f533485456f1c2ed158c2bab5139c92d4d7ee76e70474e2e9c79d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:23 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/ryanair-b737-800_medium.jpg"
content-length
4027
expires
Thu, 03 Aug 2023 13:24:23 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
10 KB
10 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2flock_security_encryption_decryption.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c2443a79d678039401f2c6aee0dbc42d3baa040a3c5a44b7fc509f2fb3274581

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:23 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
False
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/lock_security_encryption_decryption.jpg"
content-length
9799
expires
Thu, 03 Aug 2023 13:24:23 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
5 KB
5 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fVideos%2fHealthcare_pic1.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26637af34ec0692f2b37fbb63d47f0a81ae417e4db5093a1b41913f7e9fb9adb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/Videos/Healthcare_pic1.jpg"
content-length
4672
expires
Thu, 03 Aug 2023 13:24:24 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
96 KB
96 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2fnextpacific_The_culmination_of_the_transformation_is_a_highly_a_3b9fc0b5-21c8-4e18-a9cb-cfd4ad0f2a1c.png&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
be412dbb1b5f5cef585c3d546d086f08487ce0430bb522a0471da75ac611c5c4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/Features/nextpacific_The_culmination_of_the_transformation_is_a_highly_a_3b9fc0b5-21c8-4e18-a9cb-cfd4ad0f2a1c.png"
content-length
98422
expires
Thu, 03 Aug 2023 13:24:24 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
91 KB
91 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2fslack_emplyment_hero.png&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b7c6b1e3ff4eba500d6c7554ccfb1620c270be45307913d31c976f5d4b4c4514

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/Features/slack_emplyment_hero.png"
content-length
93370
expires
Thu, 03 Aug 2023 13:24:24 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
86 KB
86 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2fnextpacific_photorealistic_As_the_trading_day_progresses_the_mo_7662d86d-9dbb-4156-b33d-c51f5668bfc5.png&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f47e5a573becfd926e196ca89ef79fa1c542fac60ba03e124e5266076dd61052

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/Features/nextpacific_photorealistic_As_the_trading_day_progresses_the_mo_7662d86d-9dbb-4156-b33d-c51f5668bfc5.png"
content-length
88168
expires
Thu, 03 Aug 2023 13:24:24 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
3 KB
3 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fRIMINISTREET_OPERATIONALEXCELLENCE_ANALYST_RESEARCHREPORT.JPG&w=100&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c5b298bdd118c4b96b530f8a13df48d857b161957c57fc1a4face478d375635d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_0_100_0_70_/Reports/RIMINISTREET_OPERATIONALEXCELLENCE_ANALYST_RESEARCHREPORT.JPG"
content-length
2667
expires
Thu, 03 Aug 2023 13:24:24 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
3 KB
3 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fRapid7_CloudSecurityBuyersGuide.JPG&w=100&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
138fcb54e22d1d45c68f04bdcf8048f3f3618938f010f1ea25444f4d9039738a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_0_100_0_70_/Reports/Rapid7_CloudSecurityBuyersGuide.JPG"
content-length
3206
expires
Thu, 03 Aug 2023 13:24:24 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
2 KB
2 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fRapid7_MDRBuyersGuide.JPG&w=100&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dd2a471c9a244edb79af3354718c3968e1f56bcf8b82b6bab20da6aaa971fa3a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_0_100_0_70_/Reports/Rapid7_MDRBuyersGuide.JPG"
content-length
1742
expires
Thu, 03 Aug 2023 13:24:24 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
2 KB
2 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fRespondingtoindustrtrendsv3.JPG&w=100&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0f4d604fe204e8c17b5ffdf044029eee5cbe2ef755af9d7a65aa3182f1d694f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_0_100_0_70_/Reports/Respondingtoindustrtrendsv3.JPG"
content-length
2437
expires
Thu, 03 Aug 2023 13:24:24 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
18 KB
18 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fReports%2fokta_the_future.png&w=100&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ff0802dba344edbb3666900f129464ec7cf8f2602e5c32cf2e1ae558d8f78031

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_0_100_0_70_/Reports/okta_the_future.png"
content-length
17938
expires
Thu, 03 Aug 2023 13:24:24 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
26 KB
26 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fwww.itnews.com.au%2fImages%2fEvents%2f230628143634Banner+1.png&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f77237114f40329885a24a86a726fd9a0945d4bdcec920bf18157cf03d4a1140

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_https://www.itnews.com.au/Images/Events/230628143634Banner 1.png"
content-length
26423
expires
Thu, 03 Aug 2023 13:24:24 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
10 KB
10 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fwww.itnews.com.au%2fImages%2fEvents%2f230706155758TaglineLockup_2C_Horz%4010x+(3).png&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c04774b6296678d6fcaddd28925aea4008135c918548496ea7b7c29fb2d72d3c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_https://www.itnews.com.au/Images/Events/230706155758TaglineLockup_2C_Horz@10x (3).png"
content-length
10345
expires
Thu, 03 Aug 2023 13:24:24 GMT
mobile-share-twitter.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/mobile-share-twitter.png
  • https://www.itnews.com.au/images/mobile-share-twitter.png
2 KB
2 KB
Image
General
Full URL
https://www.itnews.com.au/images/mobile-share-twitter.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
97b4d3aa4022178cfff4362771fab9d523eb8614d8425c9cb4c10690802635f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
last-modified
Mon, 24 Jul 2023 01:21:48 GMT
server
Microsoft-IIS/10.0
etag
"3b86f37cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2448
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/mobile-share-twitter.png
date
Mon, 31 Jul 2023 13:24:24 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
180
x-ua-compatible
IE=edge,chrome=1
mobile-share-facebook.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/mobile-share-facebook.png
  • https://www.itnews.com.au/images/mobile-share-facebook.png
1 KB
1 KB
Image
General
Full URL
https://www.itnews.com.au/images/mobile-share-facebook.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a3d16b1b85d27a1023b45c661db7103c81076f748e5f6087fe98fae3c3d12de4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"19ed6b37cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
1432
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/mobile-share-facebook.png
date
Mon, 31 Jul 2023 13:24:24 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
181
x-ua-compatible
IE=edge,chrome=1
mobile-share-linkedin.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/mobile-share-linkedin.png
  • https://www.itnews.com.au/images/mobile-share-linkedin.png
2 KB
2 KB
Image
General
Full URL
https://www.itnews.com.au/images/mobile-share-linkedin.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
447c44ae9488b24394843e6d134b2976abff7a1690baf2a496674d8b2f7e65fe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
last-modified
Mon, 24 Jul 2023 01:21:48 GMT
server
Microsoft-IIS/10.0
etag
"847e6d37cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
1733
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/mobile-share-linkedin.png
date
Mon, 31 Jul 2023 13:24:24 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
181
x-ua-compatible
IE=edge,chrome=1
mobile-share-whatsapp.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/mobile-share-whatsapp.png
  • https://www.itnews.com.au/images/mobile-share-whatsapp.png
3 KB
4 KB
Image
General
Full URL
https://www.itnews.com.au/images/mobile-share-whatsapp.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
309e0d26a2af6e201832b611ddcad3c2d7b33a5ebc17fe4cbc8185d4251da38f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
last-modified
Mon, 24 Jul 2023 01:21:48 GMT
server
Microsoft-IIS/10.0
etag
"22287237cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3541
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/mobile-share-whatsapp.png
date
Mon, 31 Jul 2023 13:24:24 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
181
x-ua-compatible
IE=edge,chrome=1
mobile-share-email.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/mobile-share-email.png
  • https://www.itnews.com.au/images/mobile-share-email.png
2 KB
2 KB
Image
General
Full URL
https://www.itnews.com.au/images/mobile-share-email.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2790a4e3cf07505b8a04d30e535c033506def2e29f5f9410d3b866876138f7f1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"c7f46837cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2375
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/mobile-share-email.png
date
Mon, 31 Jul 2023 13:24:24 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
178
x-ua-compatible
IE=edge,chrome=1
ImageResizer.ashx
i.nextmedia.com.au/Utils/
314 KB
314 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fscam+fraud.png&h=271&w=480&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
450162017ea4958d4312d388b7b2bec9ed508bbf786be61a5127fd3018aec878

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_271_480_1_70_/News/scam fraud.png"
content-length
321643
expires
Thu, 03 Aug 2023 13:24:24 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
18 KB
18 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fGoogle_user_requests.jpg&h=271&w=480&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ce960f29415d47e8e8ede5a2e48d9b4f4376dcc0fa97ad9ffad0d08d28d31c09

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_271_480_1_70_/News/Google_user_requests.jpg"
content-length
18612
expires
Thu, 03 Aug 2023 13:24:24 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
26 KB
26 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2f2023-07-26T104612Z_1_LYNXMPEJ6P0GU_RTROPTP_4_RUSSIA-CYBER-COURT.JPG&h=271&w=480&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fc8f981e55bac9f2999abab458c6a9a7a97e9c4d1beef2e663bf97cfe340a688

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_271_480_1_70_/News/2023-07-26T104612Z_1_LYNXMPEJ6P0GU_RTROPTP_4_RUSSIA-CYBER-COURT.JPG"
content-length
26147
expires
Thu, 03 Aug 2023 13:24:24 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
19 KB
19 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fdata+security+breach.jpg&h=271&w=480&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1cb3cf77b239a0a241b313129c7594fa20fbdbd3764b4f174f4a0ab09c0b18ae

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_271_480_1_70_/News/data security breach.jpg"
content-length
19122
expires
Thu, 03 Aug 2023 13:24:25 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
5 KB
5 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2febay.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2400d3387bcafd3e275084c1f236b9101cb78514a08fd936a0e9266bb51d4d45

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/ebay.jpg"
content-length
5370
expires
Thu, 03 Aug 2023 13:24:25 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
4 KB
4 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fartificial_intelligence.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5153c665981db6dd56da1a567ed2c4490f3c9d596697ee0e4b54eed44559a259

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/artificial_intelligence.jpg"
content-length
4297
expires
Thu, 03 Aug 2023 13:24:25 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
3 KB
3 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2ffive_stars.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2e40f7697b20640b631fcc4997de3bbf0841ff4ceda0ed69cf26273ee8c5cca9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/five_stars.jpg"
content-length
2875
expires
Thu, 03 Aug 2023 13:24:25 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
8 KB
8 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fKismet___team_portraitUSE.jpg&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
52356fa79424f57d02bf8363483b11939217d604cbd2a08ed29a06b4c1130546

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/News/Kismet___team_portraitUSE.jpg"
content-length
7994
expires
Thu, 03 Aug 2023 13:24:25 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
89 KB
89 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fVideos%2fai_regulation_.png&h=140&w=231&c=1&s=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6a3fa85b2d0ef49b17838d809b041ed6df15ccd0d8e3e355080c93ae7fd08eb4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/png
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_140_231_0_70_/Videos/ai_regulation_.png"
content-length
91499
expires
Thu, 03 Aug 2023 13:24:25 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
3 KB
3 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fVideos%2fmetaverse_loading.jpg&h=141&w=208&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fbf475dc9880897c8a88304c06d0f3f47c4b586f7961edeb90d388ae5bc164f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_141_208_1_70_/Videos/metaverse_loading.jpg"
content-length
3035
expires
Thu, 03 Aug 2023 13:24:25 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
4 KB
4 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fGalleries%2f20230720023910_20230717_Ingram_Experience_Melbourne-21_v2.jpg&h=141&w=208&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
473702059a2b0d588e26ee57e721986d483f978bd7c0efe5cd16be49500de4aa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_141_208_1_70_/Galleries/20230720023910_20230717_Ingram_Experience_Melbourne-21_v2.jpg"
content-length
4226
expires
Thu, 03 Aug 2023 13:24:25 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
3 KB
3 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fFeatures%2fright_to_repair_TCO.jpg&h=141&w=208&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
348575019698802bed3c19f74802f98acbe55d352c5cf08996d43af5bc6d5536

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_141_208_1_70_/Features/right_to_repair_TCO.jpg"
content-length
3021
expires
Thu, 03 Aug 2023 13:24:25 GMT
ImageResizer.ashx
i.nextmedia.com.au/Utils/
5 KB
5 KB
Image
General
Full URL
https://i.nextmedia.com.au/Utils/ImageResizer.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fGalleries%2fiot_awards_2023_thumb_v2.jpg&h=141&w=208&c=1&s=1
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.67 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
i.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f33dfe69dd9091f9050d5bbe9c13de44844ed7e0aa14f775cbad8882b47ab0a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/jpeg
found-in-image-cache
True
cache-control
public
content-disposition
inline; filename="1_141_208_1_70_/Galleries/iot_awards_2023_thumb_v2.jpg"
content-length
4829
expires
Thu, 03 Aug 2023 13:24:25 GMT
logo_nextmedia.png
www.itnews.com.au/images/
3 KB
3 KB
Image
General
Full URL
https://www.itnews.com.au/images/logo_nextmedia.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7a695284914af87ab17ff6436de3630cf1bb412dc1d069ab019158d322b5cb03

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"c7f46837cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3458
x-ua-compatible
IE=edge,chrome=1
interactive-logo.png
www.itnews.com.au/images/
3 KB
3 KB
Image
General
Full URL
https://www.itnews.com.au/images/interactive-logo.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
51b6929224317237d4e3c7b597a4e20c75ada03b4b2fba2598713033f657e12a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"a1125037cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2819
x-ua-compatible
IE=edge,chrome=1
t.ashx
www.itnews.com.au/
70 B
219 B
Image
General
Full URL
https://www.itnews.com.au/t.ashx?u=&c=598623&s=3&r=&n=%2fnews%2fArticle.aspx&q=id%3d598623
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-ua-compatible
IE=edge,chrome=1
pragma
no-cache
date
Mon, 31 Jul 2023 13:24:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
no-cache
content-length
70
expires
-1
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f95.1e100.net
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 10:45:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33495
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jul 2024 10:45:26 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/
235 KB
63 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f95.1e100.net
Software
sffe /
Resource Hash
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 07:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64481
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jul 2024 07:11:06 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
81 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
1fc2ea89a6c38aaf7486163e58eecfc1ddfb0f02483faa8bd872d52f9eed9c29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27773
x-xss-protection
0
server
cafe
etag
737 / 19569 / 31076567 / config-hash: 8635427059522567014
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:24:26 GMT
gdpr.js
www.itnews.com.au/scripts/
4 KB
1 KB
Script
General
Full URL
https://www.itnews.com.au/scripts/gdpr.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
683add284044c8b01d05f02366eb61327b1b34df5ca8c5425ecf8b7741f3d0ef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:22 GMT
content-encoding
gzip
last-modified
Mon, 24 Jul 2023 01:21:49 GMT
server
Microsoft-IIS/10.0
etag
"80f4538cdbdd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1378
x-ua-compatible
IE=edge,chrome=1
itn_b4ebb960ba892e4a6ce3d1e480da560e.js
www.itnews.com.au/scripts/
137 KB
42 KB
Script
General
Full URL
https://www.itnews.com.au/scripts/itn_b4ebb960ba892e4a6ce3d1e480da560e.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
94896ce4389c53a0ccaddd54a349db997b1d66238b8cb2b743030d9b8725a019

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:22 GMT
content-encoding
gzip
last-modified
Mon, 31 Jul 2023 11:31:22 GMT
server
Microsoft-IIS/10.0
etag
"0211f88a2c3d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
42579
x-ua-compatible
IE=edge,chrome=1
17.css
www.dianomi.com/img/a/pss/2818/ Frame 6E38
2 KB
956 B
Stylesheet
General
Full URL
https://www.dianomi.com/img/a/pss/2818/17.css
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1936885cfdf5999015d670ea69fb44591c4eeeb333929506bef16e368a832f00
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/recirculation.epl?id=119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2423689
cf-polished
origSize=2720
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Tue, 09 May 2023 08:00:28 GMT
server
cloudflare
etag
W/"aa0-5fb3e260f6300"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
cf-ray
7ef6294f68d7a817-SYD
expires
Wed, 30 Aug 2023 23:24:23 GMT
100x70.jpg
www.dianomi.com/img/a/url/693584217/1/ Frame 6E38
2 KB
2 KB
Image
General
Full URL
https://www.dianomi.com/img/a/url/693584217/1/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
756aaadc242f919daec07aa78070c5ac5418b3bd7547025676657817674f6cfd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/recirculation.epl?id=119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
2423009
cf-polished
status=not_needed
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Sun, 25 Jun 2023 05:25:22 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
true
cf-ray
7ef6294f78daa817-SYD
expires
Mon, 07 Aug 2023 13:24:23 GMT
100x70.jpg
www.dianomi.com/img/a/url/693642693/1/ Frame 6E38
3 KB
3 KB
Image
General
Full URL
https://www.dianomi.com/img/a/url/693642693/1/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19f54abae7d5b15807a28bcabc4d23bfb84eedde9e04bbbdf8eb82834a5f1ceb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/recirculation.epl?id=119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
2421556
cf-polished
degrade=85, origSize=10254, status=webp_bigger
content-length
2842
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 10:27:21 GMT
server
cloudflare
etag
"280e-5f8e4b41eddf8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef6294f78dba817-SYD
expires
Wed, 30 Aug 2023 23:24:23 GMT
100x70.jpg
www.dianomi.com/img/a/url/694331707/1/ Frame 6E38
2 KB
2 KB
Image
General
Full URL
https://www.dianomi.com/img/a/url/694331707/1/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e6c69b1483932223d807e89cf8a70a087a524c5de06048d4678aca5671befcc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/recirculation.epl?id=119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
414227
cf-polished
qual=85, origFmt=jpeg, origSize=7681
content-disposition
inline; filename="100x70.webp"
content-length
1806
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 12 Jul 2023 07:54:36 GMT
server
cloudflare
etag
"1e01-6004586e64408"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef6294f78dda817-SYD
expires
Wed, 30 Aug 2023 23:24:23 GMT
100x70.jpg
www.dianomi.com/img/a/url/704566481/1/ Frame 6E38
2 KB
2 KB
Image
General
Full URL
https://www.dianomi.com/img/a/url/704566481/1/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a77fc664704803c6a4f25bf8a2c58153fe83dc810f91df037ba82679dda9c330
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/recirculation.epl?id=119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
1145961
cf-polished
qual=85, origFmt=jpeg, origSize=15090
content-disposition
inline; filename="100x70.webp"
content-length
2086
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 24 May 2023 09:35:17 GMT
server
cloudflare
etag
"3af2-5fc6d38c0af60"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef6294f78dea817-SYD
expires
Wed, 30 Aug 2023 23:24:23 GMT
100x70.jpg
www.dianomi.com/img/a/url/687854130/1/ Frame 6E38
3 KB
3 KB
Image
General
Full URL
https://www.dianomi.com/img/a/url/687854130/1/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edf2a75a64e7e532e0a6718b4d376c0da1f5899ea9b8d258cdba019913de9816
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/recirculation.epl?id=119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
498227
cf-polished
degrade=85, origSize=6425, status=webp_bigger
content-length
2791
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 11 Jul 2023 20:43:18 GMT
server
cloudflare
etag
"1919-6003c262ef000"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef6294f78e0a817-SYD
expires
Wed, 30 Aug 2023 23:24:23 GMT
sponsoredcontent.ashx
www.itnews.com.au/scripts/
1 B
58 B
Script
General
Full URL
https://www.itnews.com.au/scripts/sponsoredcontent.ashx?type=SponsoredLink&si=Blogs&pa=&sc=32&output=script&ros=True&ord=2768116029052871.5
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:22 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/plain; charset=utf-8
cache-control
private
content-length
1
x-ua-compatible
IE=edge,chrome=1
breaking-news-header-bkg-40.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/breaking-news-header-bkg-40.png
  • https://www.itnews.com.au/images/breaking-news-header-bkg-40.png
2 KB
2 KB
Image
General
Full URL
https://www.itnews.com.au/images/breaking-news-header-bkg-40.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
33e6197168e000ef71ef56ae5fad7bc04c9c939dc33d34136d73d31676d1d507

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:22 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"58fe1337cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2338
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/breaking-news-header-bkg-40.png
date
Mon, 31 Jul 2023 13:24:22 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
187
x-ua-compatible
IE=edge,chrome=1
itnews-logo-white.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/itnews-logo-white.png
  • https://www.itnews.com.au/images/itnews-logo-white.png
4 KB
4 KB
Image
General
Full URL
https://www.itnews.com.au/images/itnews-logo-white.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26aeae0a0cc21c9c8acffae51a7dbf7a7eda35891df62ef54aeb9ed47af8cd9b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:22 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"a07e5f37cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3959
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/itnews-logo-white.png
date
Mon, 31 Jul 2023 13:24:22 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
177
x-ua-compatible
IE=edge,chrome=1
search-icon.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/search-icon.png
  • https://www.itnews.com.au/images/search-icon.png
2 KB
2 KB
Image
General
Full URL
https://www.itnews.com.au/images/search-icon.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
94f8ef517a973d33e2bde96d6c170e86e4be553f86bb2b5a07f228efa46e1ee7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:22 GMT
last-modified
Mon, 24 Jul 2023 01:21:48 GMT
server
Microsoft-IIS/10.0
etag
"a0fd9037cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2259
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/search-icon.png
date
Mon, 31 Jul 2023 13:24:22 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
171
x-ua-compatible
IE=edge,chrome=1
bullet.png
www.itnews.com.au/images/
Redirect Chain
  • https://www.itnews.com.au/Images/bullet.png
  • https://www.itnews.com.au/images/bullet.png
171 B
224 B
Image
General
Full URL
https://www.itnews.com.au/images/bullet.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
Protocol
H2
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4bfc84f853864a42446e366637e6a3cc7e7bc9c8563eaae40932cd7fb85b71f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"5a9b1837cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
171
x-ua-compatible
IE=edge,chrome=1

Redirect headers

location
https://www.itnews.com.au/images/bullet.png
date
Mon, 31 Jul 2023 13:24:24 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
166
x-ua-compatible
IE=edge,chrome=1
play-btn.png
www.itnews.com.au/images/featured/
2 KB
2 KB
Image
General
Full URL
https://www.itnews.com.au/images/featured/play-btn.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d9cbf98cbeeb8314acb7bf6600855d6d75ae9b56e173a8ad1e46700eaf0aac52

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
last-modified
Mon, 24 Jul 2023 01:21:53 GMT
server
Microsoft-IIS/10.0
etag
"b160aa3acdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2120
x-ua-compatible
IE=edge,chrome=1
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:42:53 GMT
x-content-type-options
nosniff
age
398491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:42:53 GMT
PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v10/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_xRfK9oXHga0XdZsg_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:51:27 GMT
x-content-type-options
nosniff
age
397977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18860
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:03:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:51:27 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/webfonts/
74 KB
74 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f7f2e6e9846753468e37d570cf9ce4d674d8d301876035119573279fac1f7a6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/css/all.min.css
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:23 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7028056
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
75852
last-modified
Fri, 29 May 2020 16:00:33 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ed131a1-1284c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOCziN%2B4ItAEYZQWZPQBlCVmdSUGwawjseRC6KeXh4d0sA%2FMLpOpobB4kttV6bBEAVj4og7pK4jB0w9jn88IPn7ovPWQYj3ygGVa3LG5MExapnDmi99pztmQNbaTbFGI3tkWEpMy"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ef6294fce4c553f-SYD
expires
Sat, 20 Jul 2024 13:24:23 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/webfonts/
74 KB
75 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7754b3b966b7772e3be8792c6dba77b4ffdac9d93019b01af14c20fbd4321b3f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-2/css/all.min.css
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:23 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7032944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
76176
last-modified
Fri, 29 May 2020 16:00:33 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ed131a1-12990"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynWnR%2Bk1q7ZTuH%2BWz1TrKbezS7ISnwnyEiSxpDeOU4QCtg3p2vSgWxo%2FkWRhkaT2jpukMTDz5Sc%2BMvc375o%2FK5Nht48WFJIJgKDZhUDloG7pQXGzFMxPMC%2Bu4300xXJACz3cw57y"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ef6294fce4d553f-SYD
expires
Sat, 20 Jul 2024 13:24:23 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 23:02:44 GMT
x-content-type-options
nosniff
age
397300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 23:02:44 GMT
PN_yRfK9oXHga0XV5e8qghzW.woff2
fonts.gstatic.com/s/martel/v10/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_yRfK9oXHga0XV5e8qghzW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
c8dea9bb1169a9455240a9e7aa6f1f7dd922c7160010eb6f2269acbf4acd5ab8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 23:03:34 GMT
x-content-type-options
nosniff
age
397250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18820
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:00:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 23:03:34 GMT
PN_yRfK9oXHga0XV3e0qghzW.woff2
fonts.gstatic.com/s/martel/v10/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_yRfK9oXHga0XV3e0qghzW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:39:33 GMT
x-content-type-options
nosniff
age
398691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19012
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:00:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:39:33 GMT
PN_yRfK9oXHga0XVzeoqghzW.woff2
fonts.gstatic.com/s/martel/v10/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_yRfK9oXHga0XVzeoqghzW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
2991fa8cfe2986011e6569a578888d8f2e901b17e1959420df70d5c07c5582db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 00:17:41 GMT
x-content-type-options
nosniff
age
392803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19072
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:00:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Jul 2024 00:17:41 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400&family=Martel:wght@300;400;700;900&family=Roboto+Slab:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itnews.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:54:16 GMT
x-content-type-options
nosniff
age
397808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:54:16 GMT
css
fonts.googleapis.com/ Frame 6E38
4 KB
615 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
0e00e4ee9c109fdd3c08db4702bb64ada5419c2e47fc3259903df28e22b78e97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 31 Jul 2023 13:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 13:24:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jul 2023 13:24:23 GMT
css
fonts.googleapis.com/ Frame 6E38
2 KB
514 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 31 Jul 2023 13:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 12:31:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jul 2023 13:24:23 GMT
network-bar-logos.png
www.itnews.com.au/images/
9 KB
9 KB
Image
General
Full URL
https://www.itnews.com.au/images/network-bar-logos.png?q=20211001
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
82f4a15bfde68af3ba1ab9e557ba6b1c700d6aafe0d9e42561576366662701ba

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
last-modified
Mon, 24 Jul 2023 01:21:48 GMT
server
Microsoft-IIS/10.0
etag
"b1b27337cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
9407
x-ua-compatible
IE=edge,chrome=1
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 6E38
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dianomi.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:42:53 GMT
x-content-type-options
nosniff
age
398491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:42:53 GMT
PN_yRfK9oXHga0XV3e0qghzW.woff2
fonts.gstatic.com/s/martel/v10/ Frame 6E38
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_yRfK9oXHga0XV3e0qghzW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dianomi.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:39:33 GMT
x-content-type-options
nosniff
age
398691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19012
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:00:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:39:33 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.193.76 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-87-193-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 Jul 2023 09:07:54 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=14238
accept-ranges
bytes
content-length
4862
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/658328797/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/658328797/?random=1690809863967&cv=11&fst=1690809863967&bg=ffffff&guid=ON&async=1&gtm=45He37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&hn=www.googleadservices.com&frm=0&tiba=Malware%20spotted%20on%20Barracuda%20email%20gateways%20-%20Security%20-%20iTnews&auid=756065001.1690809864&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
9ae27b8d6ca05199eae179a1e8998c37ca9d055e8e93251ebf548c97899089ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1370
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hotjar-2321248.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2321248.js?sv=7
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-61.sin52.r.cloudfront.net
Software
/
Resource Hash
071a3dd61c05dcacc5d360a97e383ea8434c43670a8b71d9420db47e5f3cf081
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:23:57 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 59200cf8e35c5a7273b88a148fe1e0a4.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
age
29
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/42abed19625b0d0aa7fcbab03f14e607
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
x-amz-cf-id
_0P-NfnKsb_SSWLCTOHHaubSjFfsRuTFv-JjdfogtnRPxYmTiQvjKQ==
fbevents.js
connect.facebook.net/en_US/
171 KB
47 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
52ea134848cf261f25b89a48cf302f4d97f3d69ef6db75c3648ff1ea6cd6fb3a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 31 Jul 2023 13:24:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47009
x-xss-protection
0
pragma
public
x-fb-debug
m0LFYy37FJlEdaHBN7RvEj1dSKK0voY+ZoG1ntBgpe4los5ez/+BRyJiy6lMrGdisnKkOQ5NIamgBCqWjUqOxA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
21321196.js
js.hs-scripts.com/
1 KB
1 KB
Script
General
Full URL
https://js.hs-scripts.com/21321196.js?businessUnitId=237470
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.137.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fad591eae33b04f81ffed88bf0228cdd74e35a41ff3732de7c44125e7b2a30fc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
e0d1517c-b573-4af6-925c-90908446794a
x-envoy-upstream-service-time
24
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
e0d1517c-b573-4af6-925c-90908446794a
last-modified
Mon, 31 Jul 2023 13:23:13 GMT
server
cloudflare
x-trace
2BC07EFE2A3EE3121E3DB4B4FCB721F665D7BC942B000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.itnews.com.au
x-evy-trace-virtual-host
all
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-h5kcm
cf-ray
7ef6295f8bdaa949-SYD
expires
Mon, 31 Jul 2023 13:25:26 GMT
embed.js
itnewsnext.disqus.com/
78 KB
25 KB
Script
General
Full URL
https://itnewsnext.disqus.com/embed.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
ea6e7b2fd424e50dfa8b3a1a8a504f98b76bf1ce4b87a3d598afec396c544102
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:24:26 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=300; includeSubdomains
Server
openresty
Age
40
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
25399
count.js
itnewsnext.disqus.com/
1 KB
2 KB
Script
General
Full URL
https://itnewsnext.disqus.com/count.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:24:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
X-Amz-Cf-Pop
DFW3-C1
Age
143
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 20 Jul 2023 16:51:41 GMT
Server
nginx
ETag
"64b9661d-367"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
p_e0-TTsBh3HxN6rsdY0d8dDqgY2osw_7wNmbHGFA7aQYHYScmBgFA==
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 31 Jul 2023 11:58:02 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5184
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 31 Jul 2023 13:58:02 GMT
js
www.googletagmanager.com/gtag/
256 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VF4SSPXWVE&l=dataLayer&cx=c
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
56d9480eeb3fc036a859b1c01b7cddfbc233a7d25cf77642cd8c32e7c942eec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87899
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 31 Jul 2023 13:24:26 GMT
tcfredirector.js
www.dianomi.com/js/contextfeed/ Frame BE83
49 KB
14 KB
Script
General
Full URL
https://www.dianomi.com/js/contextfeed/tcfredirector.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26bd65c9dd2fadc88dd5544f27a8bcbca3c2aa1850eead6a38dc8212cf504fea
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:24 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
59
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 20 Jul 2023 12:41:37 GMT
server
cloudflare
etag
W/"c42d-600ea781b8280"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7ef629568eaca817-SYD
expires
Mon, 31 Jul 2023 13:26:24 GMT
smartads.epl
www.dianomi.com/ Frame BE83
8 KB
2 KB
Document
General
Full URL
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/tcfredirector.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ce38f40eededc2ca9720b86376fbacc0dc95b9c65b1a01323257b4f0b612b78
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dianomi.com/smartads.epl?id=5141
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
7ef6295dbc65a817-SYD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 31 Jul 2023 13:24:26 GMT
expires
now
link
</img/a/pss/2818/17.css>;rel=preload;as=style
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
modules.6b15d95870354fc25d31.js
script.hotjar.com/
227 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.6b15d95870354fc25d31.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-35.sin52.r.cloudfront.net
Software
/
Resource Hash
46e9e4a4dcefc780ebf5d3d24bdbc96d647beb4244df31bf35f4ba77a077de06
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 09:27:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 5ba1fc6b25fbcd91520a550358bd4bac.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
273441
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56514
last-modified
Fri, 28 Jul 2023 09:27:03 GMT
etag
"d8fc4fd06d4a76974c96d8997389f289"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
b9QKrAaNM_CY2GGxKqR33nc1D-BfNyoEQ1SNVJpT0Vdmpfh9cEtEHQ==
17.css
www.dianomi.com/img/a/pss/2818/ Frame BE83
2 KB
943 B
Stylesheet
General
Full URL
https://www.dianomi.com/img/a/pss/2818/17.css
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1936885cfdf5999015d670ea69fb44591c4eeeb333929506bef16e368a832f00
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:26 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2423692
cf-polished
origSize=2720
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Tue, 09 May 2023 08:00:28 GMT
server
cloudflare
etag
W/"aa0-5fb3e260f6300"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
cf-ray
7ef629614ef9a817-SYD
expires
Wed, 30 Aug 2023 23:24:26 GMT
viewability11.js
www.dianomi.com/js/ Frame BE83
8 KB
3 KB
Script
General
Full URL
https://www.dianomi.com/js/viewability11.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:26 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
21
cf-polished
origSize=13022
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 27 Apr 2023 14:33:52 GMT
server
cloudflare
etag
W/"32de-5fa523edf86e0"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7ef629614f00a817-SYD
expires
Mon, 31 Jul 2023 13:26:26 GMT
dianomi-max-200x38.png
www.dianomi.com/img/ Frame BE83
1 KB
1 KB
Image
General
Full URL
https://www.dianomi.com/img/dianomi-max-200x38.png
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:26 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
2423829
cf-polished
origFmt=png, origSize=3940
content-disposition
inline; filename="dianomi-max-200x38.webp"
content-length
1164
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Jul 2020 16:53:11 GMT
server
cloudflare
etag
"f64-5ab9764140bc0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef629632889a817-SYD
expires
Wed, 30 Aug 2023 23:24:26 GMT
100x70.jpg
www.dianomi.com/img/a/sav2/297166/3/ Frame BE83
2 KB
3 KB
Image
General
Full URL
https://www.dianomi.com/img/a/sav2/297166/3/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcfeed1517509e18ee43e1714ea8c09250f937ea2bf396f0c10947f85dad4d08
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:26 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
92696
cf-polished
degrade=85, origSize=4273, status=webp_bigger
content-length
2554
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 04 Jul 2023 00:38:34 GMT
server
cloudflare
etag
"10b1-5ff9e80cdec80"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef62963288ca817-SYD
expires
Wed, 30 Aug 2023 23:24:26 GMT
100x70.jpg
www.dianomi.com/img/a/sav2/271997/2/ Frame BE83
3 KB
3 KB
Image
General
Full URL
https://www.dianomi.com/img/a/sav2/271997/2/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62df622306d660e66ea705c7a95e9ee01431acd24c65c7c4f721d661aff1dd43
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:26 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
318947
cf-polished
qual=85, origFmt=jpeg, origSize=5471
content-disposition
inline; filename="100x70.webp"
content-length
3430
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 01 Jun 2023 20:44:00 GMT
server
cloudflare
etag
"155f-5fd177effba48"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef629632890a817-SYD
expires
Wed, 30 Aug 2023 23:24:26 GMT
100x70.jpg
www.dianomi.com/img/a/sav2/298710/5/ Frame BE83
3 KB
3 KB
Image
General
Full URL
https://www.dianomi.com/img/a/sav2/298710/5/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12fccf7e8708b33fd569370ac537aa4fd3039bedb6efaa8343de195f42af870c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:26 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
408471
cf-polished
qual=85, origFmt=jpeg, origSize=4672
content-disposition
inline; filename="100x70.webp"
content-length
3254
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 04 Jul 2023 08:17:20 GMT
server
cloudflare
etag
"1240-5ffa4e981e5c8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef629632891a817-SYD
expires
Wed, 30 Aug 2023 23:24:26 GMT
100x70.jpg
www.dianomi.com/img/a/sav2/296420/2/ Frame BE83
3 KB
3 KB
Image
General
Full URL
https://www.dianomi.com/img/a/sav2/296420/2/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42a2c204c79b99077de8a8b4e111d871a810c89ca0fc8ab968175c2f1c52f9a6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:26 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
1334224
cf-polished
degrade=85, origSize=5077, status=webp_bigger
content-length
3057
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Mon, 12 Jun 2023 22:33:55 GMT
server
cloudflare
etag
"13d5-5fdf650567dc8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef629632893a817-SYD
expires
Wed, 30 Aug 2023 23:24:26 GMT
100x70.jpg
www.dianomi.com/img/a/sav2/288686/5/ Frame BE83
2 KB
2 KB
Image
General
Full URL
https://www.dianomi.com/img/a/sav2/288686/5/100x70.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93b60d6713cf195efc83a8f8252f4ec716d0b7449993d64e4d4450e576b3f4d7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:26 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
396077
cf-polished
qual=85, origFmt=jpeg, origSize=3908
content-disposition
inline; filename="100x70.webp"
content-length
2104
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Jun 2023 20:17:07 GMT
server
cloudflare
etag
"f44-5fdb80d940ae8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef629632896a817-SYD
expires
Wed, 30 Aug 2023 23:24:26 GMT
B29495057.365802594;dc_pre=COXhg8yFuYADFTSKZgIdMWwERA;dc_trk_aid=559952277;dc_trk_cid=193447334;cid=0002371490;utm_source=dianomi;utm_medium=display;ord=1690809866;dc_lat=;dc_rdid=;tag_for_child_di...
ad.doubleclick.net/ddm/trackimpj/N5877.576592DIANOMI.COM1/ Frame BE83
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimpj/N5877.576592DIANOMI.COM1/B29495057.365802594;dc_trk_aid=559952277;dc_trk_cid=193447334;cid=0002371490;utm_source=dianomi;utm_medium=display;ord=1690809866;d...
  • https://ad.doubleclick.net/ddm/trackimpj/N5877.576592DIANOMI.COM1/B29495057.365802594;dc_pre=COXhg8yFuYADFTSKZgIdMWwERA;dc_trk_aid=559952277;dc_trk_cid=193447334;cid=0002371490;utm_source=dianomi;u...
15 KB
12 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/trackimpj/N5877.576592DIANOMI.COM1/B29495057.365802594;dc_pre=COXhg8yFuYADFTSKZgIdMWwERA;dc_trk_aid=559952277;dc_trk_cid=193447334;cid=0002371490;utm_source=dianomi;utm_medium=display;ord=1690809866;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
cafe /
Resource Hash
c5958b3c3e8577a5132a6392449e10856f91647d85bca0bf605eaed1b5ea40b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11801
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimpj/N5877.576592DIANOMI.COM1/B29495057.365802594;dc_pre=COXhg8yFuYADFTSKZgIdMWwERA;dc_trk_aid=559952277;dc_trk_cid=193447334;cid=0002371490;utm_source=dianomi;utm_medium=display;ord=1690809866;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
banner.js
js.hs-banner.com/v2/21321196/
209 KB
64 KB
Script
General
Full URL
https://js.hs-banner.com/v2/21321196/banner.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
140f1fb8af2d84d9a97d2d26372392b4034929da4a8de4412caaaa5942353a75

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:27 GMT
x-amz-version-id
VWSCLRaGW2HieUGG0j1WGFHkFPfp9qXc
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
490EMA59HW857EWC
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
age
155
x-envoy-upstream-service-time
27
x-amz-id-2
sYzB2NASgpfmXyUJyn9ZA7OW/Qtl3oIAo8+W0ekf/y8QVleqjSoMjx6TkR0u3blMZd8jq1zAVGU=
x-evy-trace-listener
listener_https
x-request-id
91020cd4-7f04-4453-8aa2-a0c27a3f15f1
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 22 Jun 2023 19:00:46 GMT
server
cloudflare
etag
W/"6ee368503cb4f800a49a1e686eae6ed7"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.itnews.com.au
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-f4w7q
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7ef629656d39a889-SYD
expires
Mon, 31 Jul 2023 13:26:52 GMT
fb.js
js.hsadspixel.net/
6 KB
3 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.121.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e10ce26ead0eca58cd5346843538415611b745bfd29825322efad56424a4c911
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:27 GMT
x-amz-version-id
aAzOiTTzU7.XykyGrcpmeR7PTeB2LyLv
via
1.1 1f1067e4f193aaabd2c24b99bcdc4e88.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
140
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.387/bundles/pixels-release.js&cfRay=7ef625f88b1f5581-SYD
x-cache
Hit from cloudfront
x-hubspot-correlation-id
5eb57a14-dd26-4c6a-a377-fb17fda54c99
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
0
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
5eb57a14-dd26-4c6a-a377-fb17fda54c99
last-modified
Tue, 18 Jul 2023 03:27:27 UTC
server
cloudflare
etag
W/"784f994871e489c9943a65326d43e875"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-5c7n7
cf-ray
7ef62966a87f5521-SYD
x-amz-cf-id
XS7gscRgMNhFeaKyDFpmdWl8Y5ExRsZJgwYG6R0zI77J1dQTxhuYYQ==
x-hs-target-asset
adsscriptloaderstatic/static-1.387/bundles/pixels-release.js
21321196.js
js.hs-analytics.net/analytics/1690809600000/
66 KB
21 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1690809600000/21321196.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.139.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
363770b3b4022e82a9a7208139456e57a888c78936e6d21da9985a82a0bf61ad

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:27 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
YZXWBJ6NSYSJD92P
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
ffcc33bf-9dbf-44b2-a6aa-19f425317688
age
205
x-envoy-upstream-service-time
24
x-amz-id-2
mRijSyPAV9zWS5p7YEpqQgAb1qodRAKWiGbv6tk0zulfB3Chex5YLZnI/RIlGv/fbB9/8eeplSg=
x-evy-trace-listener
listener_https
x-request-id
ffcc33bf-9dbf-44b2-a6aa-19f425317688
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 20 Jul 2023 16:40:03 GMT
server
cloudflare
etag
W/"28a53e854fd02f44677ebae0c2474649"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-v9vn7
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
7ef629671bcaa97f-SYD
expires
Mon, 31 Jul 2023 13:26:02 GMT
token
cdn.linkedin.oribi.io/partner/1503796/domain/itnews.com.au/
36 B
375 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/1503796/domain/itnews.com.au/token
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-107.sin5.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.itnews.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:14:49 GMT
content-encoding
gzip
via
1.1 f28347a3148f4f8fa1d930375689073c.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
age
578
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
Z48ukaOrHt3VtwLzjSyoigTIOaT3Y0cBpO7ZA8AIxZ-qPI8ORtCzoQ==
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809866474&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809866474&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1503796%26time%3D1690809866474%26url%3Dhttps%253A%252F%252Fwww.itnews.com.au%252F...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809866474&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&cookiesTest=true&liSync...
0
384 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809866474&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&cookiesTest=true&liSync=true
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:28 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 8BE53BA50F6F455BB15703639DDFF7F9 Ref B: SYD03EDGE0916 Ref C: 2023-07-31T13:24:28Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYByFmcpncO3HWg8LgeKA==

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' snap.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 
'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-content-type-options
nosniff
date
Mon, 31 Jul 2023 13:24:28 GMT
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAYByFmXuvgoH2ylpCMWRw==
pragma
no-cache
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 1C57E325167A48CF9C830539BEC8FDC9 Ref B: SYD03EDGE0916 Ref C: 2023-07-31T13:24:28Z
x-frame-options
sameorigin
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809866474&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&cookiesTest=true&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
count-data.js
itnewsnext.disqus.com/
328 B
909 B
Script
General
Full URL
https://itnewsnext.disqus.com/count-data.js?1=598623
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4f3825254f45cd3af8f249994cd530bae02db42a80654a9c736ab0558d9a6e8c
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:24:27 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
328
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/ Frame BE83
4 KB
615 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
0e00e4ee9c109fdd3c08db4702bb64ada5419c2e47fc3259903df28e22b78e97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 31 Jul 2023 13:24:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 13:24:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jul 2023 13:24:26 GMT
css
fonts.googleapis.com/ Frame BE83
2 KB
537 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2818/17.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 31 Jul 2023 13:24:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 13:08:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jul 2023 13:24:26 GMT
/
www.google.com/pagead/1p-user-list/658328797/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/658328797/?random=1690809863967&cv=11&fst=1690808400000&bg=ffffff&guid=ON&async=1&gtm=45He37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&frm=0&tiba=Malware%20spotted%20on%20Barracuda%20email%20gateways%20-%20Security%20-%20iTnews&fmt=3&is_vtc=1&random=2887639319&rmt_tld=0&ipr=y
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f105.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/658328797/
42 B
154 B
Image
General
Full URL
https://www.google.com.au/pagead/1p-user-list/658328797/?random=1690809863967&cv=11&fst=1690808400000&bg=ffffff&guid=ON&async=1&gtm=45He37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&frm=0&tiba=Malware%20spotted%20on%20Barracuda%20email%20gateways%20-%20Security%20-%20iTnews&fmt=3&is_vtc=1&random=2887639319&rmt_tld=1&ipr=y
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/
387 KB
123 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076567
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
aecbcd81ab4ba067ecfc856682cb5d34b2249db6564ae0e4f3f23422b734dc31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 19:40:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
63837
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125612
x-xss-protection
0
server
cafe
etag
13662757064411976442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 29 Jul 2024 19:40:30 GMT
recommendations.js
itnewsnext.disqus.com/
64 KB
21 KB
Script
General
Full URL
https://itnewsnext.disqus.com/recommendations.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
01e185b251db25c534a978c716ba4d81b442ff1475782acd18cfdc332d7ddd4e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:24:27 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=300; includeSubdomains
Server
openresty
Age
0
Vary
Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Content-Type
application/javascript; charset=utf-8
Cache-Control
stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
21161
/
disqus.com/embed/comments/ Frame FC39
7 KB
4 KB
Document
General
Full URL
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
03a27bd290072540db749ce00cb5e19f373881119b9bf4c247740125f6953e9a
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
0
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2833
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Mon, 31 Jul 2023 13:24:27 GMT
ETag
W/"lounge:view:9794445677.b88677622affe8081866d44410d65f36.2"
Last-Modified
Mon, 31 Jul 2023 01:27:15 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
pixeljs
data.dianomi.com/frontend/ Frame BE83
4 KB
2 KB
Script
General
Full URL
https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0x1FC4D68886FC477B83DCB87E883B8C15&third_party_tracking=1&consent_string=&smartad_id=5141&partner_id=1339
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49a2fafd52e42a3d4191003cd5dd674dea725c31cb329f08f91ae0ab37e47d09
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:27 GMT
strict-transport-security
max-age=2592000
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
via
1.1 google
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
7ef62963389ba817-SYD
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame BE83
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dianomi.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:42:53 GMT
x-content-type-options
nosniff
age
398493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:42:53 GMT
PN_yRfK9oXHga0XV3e0qghzW.woff2
fonts.gstatic.com/s/martel/v10/ Frame BE83
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_yRfK9oXHga0XV3e0qghzW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Martel:400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
5a7f43f60ff0f16905d5f70f7938e768457450ed8c4df04ca16aadaadf09961b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dianomi.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:39:33 GMT
x-content-type-options
nosniff
age
398693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19012
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:00:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 22:39:33 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame BE83
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dianomi.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 23:02:44 GMT
x-content-type-options
nosniff
age
397302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jul 2024 23:02:44 GMT
collect
analytics.google.com/g/
0
256 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VF4SSPXWVE&gtm=45je37q0&_p=1866256029&_gaz=1&cid=999544961.1690809867&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690809866&sct=1&seg=0&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&dt=Malware%20spotted%20on%20Barracuda%20email%20gateways%20-%20Security%20-%20iTnews&en=page_view&_fv=1&_nsi=1&_ss=1&ep.site_section=News&ep.site_category=Technology&ep.site_subcategory=Security&ep.site_keywords=%7Cbarracuda%7Ccisa%7Ccve20232868%7Cseaspy%7Csubmarine%7C&ep.article_heading=Malware%20spotted%20on%20Barracuda%20email%20gateways
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VF4SSPXWVE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itnews.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
47 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VF4SSPXWVE&cid=999544961.1690809867&gtm=45je37q0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VF4SSPXWVE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itnews.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VF4SSPXWVE&cid=999544961.1690809867&gtm=45je37q0&aip=1&z=1840892274
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
991594294528179
connect.facebook.net/signals/config/
377 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/991594294528179?v=2.9.119&r=stable
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
e5526a9d8dd37f8f5b82ded543bcbfbe1165fbb82f41d4855b99845c63ad98a2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 31 Jul 2023 13:24:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
339Y8JjHcaOv7+F3LTJnhtRZrs8liFg+okWs9R59DrcZC86UEBpV9jsshT/W/kU0cik9w4GWNriED73twoFUSA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 163A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Requested by
Host: data.dianomi.com
URL: https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0x1FC4D68886FC477B83DCB87E883B8C15&third_party_tracking=1&consent_string=&smartad_id=5141&partner_id=1339
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.46.198.37 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-198-37.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.dianomi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Jul 2023 13:24:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 31 Jul 2023 13:24:27 GMT
location
https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
server
AkamaiGHost
cookie_sync.html
www.dianomi.com/prebid/ Frame B172
13 KB
4 KB
Document
General
Full URL
https://www.dianomi.com/prebid/cookie_sync.html?gdpr=0&gdpr_consent=&us_privacy=&bidders=adf,rubicon,grid,adform,pubmatic,openx,freewheelssp,undertone,amx
Requested by
Host: data.dianomi.com
URL: https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0x1FC4D68886FC477B83DCB87E883B8C15&third_party_tracking=1&consent_string=&smartad_id=5141&partner_id=1339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec2a96501b91fcaf2db6eb6ae3513dd7a76c9754f623b08c19e80f6d7b5d48a7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7ef62965cad4a817-SYD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 31 Jul 2023 13:24:27 GMT
last-modified
Tue, 25 Apr 2023 12:24:50 GMT
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
data.dianomi.com/frontend/ Frame BE83
0
111 B
XHR
General
Full URL
https://data.dianomi.com/frontend/pixel?r=https%3A%2F%2Fwww.dianomi.com%2Fsmartads.epl%3Fid%3D5141&can_programmatic=1&geo_country=9&smartad_variant_id=7334&device_type=computer&organization=latitude.sh&referer=https%3A%2F%2Fwww.dianomi.com%2Fsmartads.epl%3Fid%3D5141&geo_state=new%20south%20wales&publisher_id=1339&adgroup_ids=121946%2C119644%2C114524%2C124782%2C124313&impression_id=ZMe2Ch0_FudEl2LzgtIksQAAACI&adgroup_variant_ids=288686%2C296420%2C271997%2C298710%2C297166&geo_ccod=au&geo_dma=&hosting_facility=0&include_rtb=2&smartad_id=5141&session=133263db758adfa14e4d3c0fb70e61b8
Requested by
Host: data.dianomi.com
URL: https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0x1FC4D68886FC477B83DCB87E883B8C15&third_party_tracking=1&consent_string=&smartad_id=5141&partner_id=1339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:27 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
content-length
0
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.dianomi.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7ef62965cad2a817-SYD
access-control-allow-headers
dianomi-force-dmp
458249.gif
idsync.rlcdn.com/ Frame BE83
Redirect Chain
  • https://idsync.rlcdn.com/425276.gif?partner_uid=133263db758adfa14e4d3c0fb70e61b8
  • https://idsync.rlcdn.com/1000.gif?memo=CLz6GRIsCigIARDX7wEaIDEzMzI2M2RiNzU4YWRmYTE0ZTRkM2MwZmI3MGU2MWI4EAAaDQiL7J6mBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=dbe93ff491768c35373e3d746f15efb408cd08d0aa6141f2ab6436042458e72d791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBkYmU5M2ZmNDkxNzY4YzM1MzczZTNkNzQ2ZjE1ZWZiNDA4Y2QwOGQwYWE2MTQxZjJhYjY0MzYwNDI0NThlNzJkNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBkYmU5M2ZmNDkxNzY4YzM1MzczZTNkNzQ2ZjE1ZWZiNDA4Y2QwOGQwYWE2MTQxZjJhYjY0MzYwNDI0NThlNzJkNzkxNDI2YjU0MTdkY2UyMRAAGgwIjOyepgYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=cf6ffa98-c104-4d40-a1c2-531c792f9bb0
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=cf6ffa98-c104-4d40-a1c2-531c792f9bb0
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:29 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=cf6ffa98-c104-4d40-a1c2-531c792f9bb0
date
Mon, 31 Jul 2023 13:24:29 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
x.bidswitch.net/check_uuid/ Frame BE83
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:24:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
collect
www.google-analytics.com/j/
4 B
211 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1866256029&t=pageview&_s=1&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&ul=en-us&de=UTF-8&dt=Malware%20spotted%20on%20Barracuda%20email%20gateways%20-%20Security%20-%20iTnews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=168809084&gjid=978518006&cid=999544961.1690809867&tid=UA-102830131-1&_gid=1099266448.1690809867&_r=1&_slc=1&gtm=45He37q0n81N4K222Q&cd1=News&cd2=Technology&cd3=Security&cd4=%7Cbarracuda%7Ccisa%7Ccve20232868%7Cseaspy%7Csubmarine%7C&z=2068576344
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itnews.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itnews.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BE83
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N5877.576592DIANOMI.COM1/B29495057.365802594;dc_trk_aid=559952277;dc_trk_cid=193447334;cid=0002371490;utm_source=dianomi;utm_medium=display;ord=1690809866;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 23:29:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
50121
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jul 2024 23:29:07 GMT
collect
stats.g.doubleclick.net/j/
8 B
355 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102830131-1&cid=999544961.1690809867&jid=168809084&gjid=978518006&_gid=1099266448.1690809867&_u=YADAAEAAAAAAACAAI~&z=1395397062
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itnews.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 31 Jul 2023 13:24:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itnews.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/
122 B
1 KB
XHR
General
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=21321196
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f06858ebff3571e21150204c3dd2b8933bfa9f4ad0c8b928f4abb0154e816b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
8d47a17f-9546-44cc-b6b3-dafd6e899cb8
content-encoding
br
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
8d47a17f-9546-44cc-b6b3-dafd6e899cb8
server
cloudflare
x-trace
2B3973A51D53E4272DF24B20532B10A058ADDEA270000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.itnews.com.au
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-6qscq
access-control-max-age
180
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqBjb12HPpppDKG%2FAXUmNZhYtZEjiAIBDX5%2BnmUswvL%2BXsoBqeKDl6NaPJFujcDs7V90Q%2BQ%2FLjXs5azFa4et5Y3FZSM4lIUZKInl7jAEoTpa4KcJCFSKTZE7o94imROT"}],"group":"cf-nel","max_age":604800}
cf-ray
7ef6296aaa99aaf5-SYD
access-control-allow-headers
*
cookie_sync
server.prebid.dianomi.com/ Frame B172
3 KB
874 B
XHR
General
Full URL
https://server.prebid.dianomi.com/cookie_sync
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/prebid/cookie_sync.html?gdpr=0&gdpr_consent=&us_privacy=&bidders=adf,rubicon,grid,adform,pubmatic,openx,freewheelssp,undertone,amx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.141.254 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-141-254.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
c06514f0ec6d9019cf95091e6d1663348d5db9ad9d30b5d537e2766ed5d87e2a

Request headers

Referer
https://www.dianomi.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:27 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dianomi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
618
expires
0
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809867448&conversionId=10367540&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1503796%26time%3D1690809867448%26conversionId%3D10367540%26url%3Dhttps%253A%252F%...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809867448&conversionId=10367540&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&l...
0
381 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809867448&conversionId=10367540&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&liSync=true
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:28 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: C1454823607F468894837007FCDBB052 Ref B: SYD03EDGE0916 Ref C: 2023-07-31T13:24:28Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYByFmf8AVvyhwUkJJCgg==

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' snap.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 
'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-content-type-options
nosniff
date
Mon, 31 Jul 2023 13:24:28 GMT
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAYByFmZWSIVzSUMkP89WA==
pragma
no-cache
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 7F4EA00633E84E6D8D7A30A655DB1958 Ref B: SYD03EDGE0916 Ref C: 2023-07-31T13:24:28Z
x-frame-options
sameorigin
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1503796&time=1690809867448&conversionId=10367540&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
lounge.load.617b1d7777ec737a28f95e7268f17c68.js
c.disquscdn.com/next/embed/ Frame FC39
1 KB
1 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/lounge.load.617b1d7777ec737a28f95e7268f17c68.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
8727d9c01c8591ed8626da718e82bb55a54dc4a486a3f3f572335985f8014c0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
Origin
https://disqus.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 26 Jul 2023 16:37:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 08244b1866fe32276ce5a76c3d8b5ec6.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
420421
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
623
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Wed, 26 Jul 2023 16:31:54 GMT
server
nginx
etag
"64c14a7a-26f"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
urYNakEntALOy4B67kHXlVf2DIj6IeI3su5vAmgxZSS0gvoHgWBQ1w==
expires
Thu, 25 Jul 2024 16:37:27 GMT
/
disqus.com/recommendations/ Frame 88F4
6 KB
3 KB
Document
General
Full URL
https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
80c585ce5507aa82336e73df5e7411b4679a7aeb600b8c137e70fa4d551cc4c2
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
0
Cache-Control
stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2372
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Mon, 31 Jul 2023 13:24:28 GMT
Last-Modified
Mon, 24 Jul 2023 01:32:07 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
38 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-2.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 11:42:54 GMT
content-encoding
gzip
via
1.1 e2b0a27aa04ac38f2dd8101c26c9f6ae.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
HKG62-C2
age
6095
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
we6fB4K532Nk9EVTr8c_Wz0-Hzw8EOKg8Uc-uoISa-RcAVpwoTycKw==
esp.js
cdn.id5-sync.com/api/1.0/
102 KB
25 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Jun 2023 08:35:03 GMT
server
cloudflare
x-amz-request-id
H9BC1ES5RWEWWYHP
age
1095
etag
W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7ef6296f0deea977-SYD
x-amz-id-2
KlWUSfxDnSaJ83GABAuftQK+dytlFEk2u9ovPNCYdAQ1K6rV/UxY20fFt3udoQdZdbkk7iKAAfc=
close-white.png
www.itnews.com.au/images/
438 B
518 B
Image
General
Full URL
https://www.itnews.com.au/images/close-white.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.176.102.69 Melbourne, Australia, ASN38809 (VOCUS-VAS-AU Vocus Advanced Services, AU),
Reverse DNS
secure.nextmedia.com.au
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
702f0230b50a8bec8b8ed4268906179470e8088079cd0cca13c5d60578fc801e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/styles/css_1402e7e221099bd60efee7e259329369.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:27 GMT
last-modified
Mon, 24 Jul 2023 01:21:47 GMT
server
Microsoft-IIS/10.0
etag
"13ef2437cdbdd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
438
x-ua-compatible
IE=edge,chrome=1
ads
securepubads.g.doubleclick.net/gampad/
254 KB
49 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=510029157412000&correlator=3215299152018450&eid=31076567%2C31068826&output=ldjh&gdfp_req=1&vrg=202307260102&ptt=17&impl=fifs&iu_parts=1003277%2CiTnews-SuperLeaderboard%2CiTnews-Leaderboard%2CiTnews-MREC%2CiTnews-Button%2CiTnews-inRead%2CiTnews-Interstitial%2CiTnews-Skin&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F2%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=1000x100%7C970x250%7C970x90%2C728x90%2C300x250%7C300x600%2C300x250%7C300x600%2C300x100%2C728x90%2C1x1%2C640x480%2C1x1&ifi=1&adks=667020349%2C2669764438%2C1265387520%2C3406322226%2C2734568407%2C4122735841%2C3533778239%2C727088295%2C964912442&sfv=1-0-40&ists=1&prev_scp=%7Cpos%3Dtopb%7Cpos%3Dsto%7Cpos%3Dsto2%7C%7Cpos%3Dfooter%7C%7C%7C&cust_params=sec%3Dnews%26aid%3D598623%26cat%3Dsecurity%252Csecurity%252Ctechnology%26kwd%3Dbarracuda%252Ccisa%252Ccve20232868%252Cseaspy%252Csubmarine&sc=1&cookie_enabled=1&abxe=1&dt=1690809867964&lmt=1690809867&adxs=240%2C531%2C1044%2C1002%2C1002%2C240%2C256%2C-12245933%2C0&adys=234%2C80%2C557%2C3899%2C4179%2C4590%2C2390%2C-12245933%2C5351&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C-1%7C5&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&frm=20&vis=1&psz=1120x90%7C830x100%7C300x769%7C373x691%7C373x691%7C1120x90%7C740x1832%7C640x-1%7C1600x147&msz=1120x0%7C829x0%7C300x250%7C343x250%7C343x0%7C1120x90%7C740x0%7C0x-1%7C1600x0&fws=0%2C0%2C512%2C0%2C0%2C0%2C0%2C640%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=999544961.1690809867&ga_sid=1690809868&ga_hid=1866256029&ga_fc=true&dlt=1690809862796&idt=5107
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
a6c7ef7f77cfb90679d7e2b27c212f5452c4ec1d6f1f492b1ca7079e01f831d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50090
x-xss-protection
0
google-lineitem-id
6341548964,-1,5544015491,4353873355,-2,-1,4675091891,-2,6341548964
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138439238749,-1,138331790990,138204811071,-2,-1,138233473879,-2,138438581973
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.itnews.com.au
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 850F
6 KB
3 KB
Document
General
Full URL
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:24:28 GMT
expires
Tue, 30 Jul 2024 13:24:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
setuid
prebid-server-aws.dianomi.com/ Frame B172
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-dianomi&gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid-server-aws.dianomi.com/setuid?bidder=rubicon&uid=LKQWJGCQ-Z-IJX4&gdpr=0
86 B
472 B
Image
General
Full URL
https://prebid-server-aws.dianomi.com/setuid?bidder=rubicon&uid=LKQWJGCQ-Z-IJX4&gdpr=0
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Server
75.2.99.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad650e8bf3b65d665.awsglobalaccelerator.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Mon, 31 Jul 2023 13:24:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Accept-Encoding, Origin
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid-server-aws.dianomi.com/setuid?bidder=rubicon&uid=LKQWJGCQ-Z-IJX4&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Expires
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1245
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dianomi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
228576
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Jul 2023 21:54:52 GMT
expires
Sat, 27 Jul 2024 21:54:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102830131-1&cid=999544961.1690809867&jid=168809084&_u=YADAAEAAAAAAACAAI~&z=1922636343
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f105.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102830131-1&cid=999544961.1690809867&jid=168809084&_u=YADAAEAAAAAAACAAI~&z=1922636343
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
recommendations.load.885ab6576d98e58fe91518733ccb84a2.js
c.disquscdn.com/next/recommendations/ Frame 88F4
923 B
1 KB
Script
General
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.load.885ab6576d98e58fe91518733ccb84a2.js
Requested by
Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
af0d73c6aa0094b56a7b2e7fc9014047a15c9ef3aa9403a6e7a7ecf919a9a282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
Origin
https://disqus.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 24 Jul 2023 14:18:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 08244b1866fe32276ce5a76c3d8b5ec6.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
601575
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
447
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Mon, 24 Jul 2023 13:43:23 GMT
server
nginx
etag
"64be7ffb-1bf"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
5_1hobNd9GE3cCDtaiReuTzNIYOFQCfvviTlNqDiWd36CSUGsweAYg==
expires
Tue, 23 Jul 2024 14:18:13 GMT
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame 1245
37 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 04:42:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
31310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 Jul 2024 04:42:39 GMT
usync.js
eus.rubiconproject.com/ Frame 163A
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.46.198.37 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-198-37.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7c477a41c984ea9041127149772459966705113ef9cf300f69f724374fc6cd6f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:24:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2023 05:38:11 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58409
Connection
keep-alive
Content-Length
10114
Expires
Tue, 01 Aug 2023 05:37:57 GMT
common.bundle.3202c242c010134b5e230e1eedac257a.js
c.disquscdn.com/next/embed/ Frame FC39
280 KB
93 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.617b1d7777ec737a28f95e7268f17c68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
873393a05908a3a9edb8ae7dba2e6ab2cf902a99eb4f77428d35650ec6cd3cd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 24 Jul 2023 14:18:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
601552
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94160
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Mon, 24 Jul 2023 13:43:23 GMT
server
nginx
etag
"64be7ffb-16fd0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
6AiXa6ZanXoFC3QMLJQAqNrou93yP6PjaTM3IwPb0tReifFH1K3WvQ==
expires
Tue, 23 Jul 2024 14:18:37 GMT
common.bundle.d3c61c72047a19eda535a9d1d31eba39.js
c.disquscdn.com/next/recommendations/ Frame 88F4
262 KB
87 KB
Script
General
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.d3c61c72047a19eda535a9d1d31eba39.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.885ab6576d98e58fe91518733ccb84a2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
3680185d688777bcfa7bb43dce7cfa2fe08c7802602a9a80f193458e751dc1b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 24 Jul 2023 14:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
601550
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
88839
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Mon, 24 Jul 2023 13:43:23 GMT
server
nginx
etag
"64be7ffb-15b07"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
AhbEG20no4TDEux5jcmTRd26n8F0HCrHJBi4nhnZ7FcE7bzUV5MJsg==
expires
Tue, 23 Jul 2024 14:18:39 GMT
khaos.jpg
token.rubiconproject.com/ Frame 163A
284 B
933 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
increment
id5-sync.com/api/esp/
0
326 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.itnews.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.itnews.com.au
date
Mon, 31 Jul 2023 13:24:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
map
bcp.crwdcntrl.net/6/
235 B
696 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.22.200 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-22-200.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ec239f3e144525afebf0bbfdeea820e1e6e78497a8825167dafafe2757ef48dc

Request headers

Referer
https://www.itnews.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:29 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.itnews.com.au
cache-control
no-cache
x-server
10.42.20.178
access-control-allow-credentials
true
content-length
235
expires
0
470261513615109
connect.facebook.net/signals/config/
379 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/470261513615109?v=2.9.119&r=stable
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
62ec5ad67eecd3fd555fe125955e0055f796d090de26684cafe5c00ff668fc86
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 31 Jul 2023 13:24:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
O0xG3Tm+yxrt2cKlgMAeJKhQK0c/0ulrSzZWu8jJ496ruh8kJNgwIUcmRGIWHEBu09B9EoHjmRRtQqri3oaF2Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5F67
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvP_c6go5dXmWjghziDu3wAyddwITQh5ff6f_5W0W1PxOzK5fkksx1CHTJnwIejLG2c2GBSvdS1jTusPE-a76ws0jTpGfvRBU21cR3h38cMpot5lO4LFUYj8jbJI_H3ZQMHru0hCli7mMNiLw-a9qxKMSHrrWONskl2OPH6FHdH6Br6OcHWpRSUksjo8k7pBNZHIPkVFsYtInB6B6BwCOPnGNpBat4oj6n_eUIvvLB92QuyUdYSlQKS9yB2ER8aqz81zHsBteoRgHQPbdbZM7t68OOjnOJ7WC6v6XcncIrnW8UQtwnN9Iu1-P3j6D3dv3OBTrkzN1evut6quxCXIGfSbbDS7EvlfmWFu-Lfqw&sai=AMfl-YR-G9THlx2vPR5h4QlaRo2vJtmnuZaAdje_guFG6iQ8yxME97RrJ1OnhmIKYUYQoF3sSRrJDptA-jyb7p5zFidjhhD8iVpZv7QmLH8eENQsAfAztqW7MPxZFnH_WQ&sig=Cg0ArKJSzB66Tw2z5ALNEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 5F67
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076567
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 06:56:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
23270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9132
x-xss-protection
0
server
cafe
etag
17712579318771444318
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Aug 2023 06:56:39 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 5F67
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076567
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 15:10:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
80024
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Aug 2023 15:10:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5F67
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076567
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57355
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690371356542162"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:24:29 GMT
14523706426131975402
tpc.googlesyndication.com/simgad/ Frame 5F67
53 KB
53 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14523706426131975402
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076567
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
273068b738a5668178c25574c7c6dd4da0c34e9a21bf975f9785ee3f615cbc78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 05:27:49 GMT
x-content-type-options
nosniff
age
28600
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53932
x-xss-protection
0
last-modified
Tue, 04 Jul 2023 07:52:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 30 Jul 2024 05:27:49 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307180709000/ Frame 7311
222 KB
62 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076567
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
sffe /
Resource Hash
42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Jul 2023 00:11:00 GMT
age
306809
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62064
x-xss-protection
0
server
sffe
etag
"7c75c6afffb97d84"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jul 2024 00:11:00 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 7311
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076567
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
sffe /
Resource Hash
35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Jul 2023 23:48:38 GMT
age
221751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5274
x-xss-protection
0
server
sffe
etag
"b24c5d555100d699"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jul 2024 23:48:38 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 7311
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076567
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
sffe /
Resource Hash
cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Jul 2023 03:58:00 GMT
age
206789
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29021
x-xss-protection
0
server
sffe
etag
"908f04349b1b2df1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Jul 2024 03:58:00 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 7311
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076567
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
sffe /
Resource Hash
ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Jul 2023 17:44:57 GMT
age
243572
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
server
sffe
etag
"5416cfef676738bf"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jul 2024 17:44:57 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 7311
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076567
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
sffe /
Resource Hash
b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Jul 2023 10:25:11 GMT
age
269958
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13013
x-xss-protection
0
server
sffe
etag
"4da616cd662b7cdb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jul 2024 10:25:11 GMT
truncated
/ Frame 7311
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7212542e7967f5ef41ea6e9ae228d5dd2abf12e368c91e6b5403088646bbb0a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
container.html
db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CB31
6 KB
3 KB
Document
General
Full URL
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:24:29 GMT
expires
Tue, 30 Jul 2024 13:24:29 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 39F4
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvY22pS-S9JG895mBhULFABdTmO9r1bsNC8koNdTN-BK5ClbfQLGaT133dETPUtunBfDptOxblzPAKI_H46elxiptP9be0prqRhWvocOviTQK2WiUkKbWsDd3s1frrE8LGzeSAatNZ9CZWGb4CNEDqlpqkOy5VQa8oGgRCJ1WwAGeknlm6_tD9yz0EYQO_fFyzpGE0PJd-lGp_is42ofE3PYmDqoX3YlST-jQGD1EHSu0wzGjjI3_eekQG3eiAA9zI4kEjC8Mz4Tiez206Hu9NtgKgcqBv74NhlKIzaUaQu7QwXJxOn2Hr1Qyll07YBiRU5zpuVqFE&sai=AMfl-YTRnaxOq2UeZfknC1TR1OzoRnoC-fhgCe-zGShEzelrNAwV6rY9TXwhFdLn5vMXbXcHE_1u2nFhl7p39lqvIRvI_MoHM5znRShYHdDHKqUFzbbEjy64ABB59Zulpg&sig=Cg0ArKJSzGO9dLceN0AREAE&uach_m=[UACH]&adurl=
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 39F4
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076567
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 06:56:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
23270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9132
x-xss-protection
0
server
cafe
etag
17712579318771444318
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Aug 2023 06:56:39 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 39F4
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076567
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 15:10:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
80024
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Aug 2023 15:10:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 39F4
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076567
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57355
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690371356542162"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:24:29 GMT
3828096999314815856
tpc.googlesyndication.com/simgad/ Frame 39F4
44 KB
44 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3828096999314815856
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076567
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
d2407d80b3c0a2874bc1ed5a4f92b74ea9f2dad8f05662b5ee11c86fe6ba0443
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:29 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44847
x-xss-protection
0
last-modified
Thu, 29 Jun 2017 02:16:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 30 Jul 2024 13:24:29 GMT
l
www.google.com/ads/measurement/ Frame 39F4
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQhaaUtbT2qR9o8zVAhzSOD-7WL8HFovfAPgE6_VGFNLppA8Oo93ZZEA_ayNXgDANq29RxoD0c69nk1K3-Fl7u1eB-SzA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076567
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

container.html
db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 55BB
6 KB
3 KB
Document
General
Full URL
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:24:29 GMT
expires
Tue, 30 Jul 2024 13:24:29 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 91E5
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1O_e3enhfbjNgt7Q_jL9LFXy5VebjBWHmquzbbLKPRVgLRZlD21SMNf0b5muNV9r2pbVzNtT_nw04VH4Awi3NES0L0j5SdW5IuHVf2Y3TKNE93DH1q0A0Ghty24wqRr-26N0V8ZuhAGGuMwXojpzQxfUvA7gZ9kGZ2Fts_J86uiNX2G5vvxFqDxcejozdko5vCtbgdGrOShzC0LcZNyH7g9CR6BnY9ZOBaBGyUT3W7H1ZrgQ-vftNWC9Nt8OjSVUHMuYgxXYoTdWAqIKOgpmL4_5bxysth4X9mIpCJRyrH15TRN6DWDH8axMF3dYkASUNNexiog&sai=AMfl-YRjefb03hrRzFmykLKzPUxAsvVr02Mk0XVQ9jQSPlqP-qSoZWPis-n_S5C48fbkeOJEFX1nC94BSRudGMts6RtVIR_py-wFc08QHau7X5p4LAzVk65jIU9bR2QanQ&sig=Cg0ArKJSzDQVRVnOJEv_EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
tag
a.teads.tv/page/84405/ Frame 91E5
2 KB
1 KB
Script
General
Full URL
https://a.teads.tv/page/84405/tag
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076567
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.197.50 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-197-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f45a13a60901989d54f571c1ca7bf81ec213be82e6c109c9f0e3f4b2e43e06fa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:30 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
1021
expires
Mon, 31 Jul 2023 14:24:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 91E5
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076567
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57355
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690371356542162"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:24:29 GMT
13310892769688393457
tpc.googlesyndication.com/simgad/
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjrC-kDi682pLbaDBd42B_pg9QIrkdE5xZ0OFcyTFYEzPDkb_xfbYv02VkKAx-oGTnNn7O3EjqSoEvS9sBdMipmbqj9kHBZ5CTX8qyoFC_6Lsmp87Qr8RvR1F5dtK5ypuLZqUEdfK35...
  • https://tpc.googlesyndication.com/simgad/13310892769688393457?
390 KB
390 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13310892769688393457?
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
700f84e5c8ed93fdad5dfdae22c3738620c334e8e6b54a086c7da39213c88ba7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 10:24:01 GMT
x-content-type-options
nosniff
age
97228
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398919
x-xss-protection
0
last-modified
Tue, 04 Jul 2023 07:48:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 29 Jul 2024 10:24:01 GMT

Redirect headers

date
Mon, 31 Jul 2023 13:24:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
location
https://tpc.googlesyndication.com/simgad/13310892769688393457?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame BCCC
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06ce188197c1dcb511676374c58f7e43d48a23670a57b2df5273c8a64b4c4011

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
2997136221131739376
tpc.googlesyndication.com/simgad/ Frame 7311
17 KB
18 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/2997136221131739376?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmaf-Z9F5KOoE0tCuJXfLho00a0oA
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
ca4807bcd016bde95f1a05b75fd42a6529ebdcc74b0a707f12c744d31100006a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 18:06:45 GMT
x-content-type-options
nosniff
age
69464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17868
x-xss-protection
0
last-modified
Thu, 18 May 2023 01:11:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 29 Jul 2024 18:06:45 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7311
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 15:35:09 GMT
x-content-type-options
nosniff
server
cafe
age
78560
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Mon, 31 Jul 2023 15:35:09 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7311
344 B
449 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 03:02:59 GMT
x-content-type-options
nosniff
server
cafe
age
37290
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 01 Aug 2023 03:02:59 GMT
l
www.google.com/ads/measurement/ Frame 7311
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdQnIVYX2C8dDjklQGccdx7rV_ZO02YNOEF7GXh2CVJSQXVxk5PpQgnlIncKZxxvjIHALnt7y1Sg2HwT2Q7OHJ9yOu4Q
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

truncated
/ Frame 5F67
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96ee574a42f0efa56b0af1506fa6121bebb61a9663f23cfd1aa692db8b2ed49a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 39F4
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9da526b4a236be36da21211a1ec0513a8f2430cd6a81a4d86f6c65e649ccf9d5

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
setuid
server.prebid.dianomi.com/ Frame B172
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gd...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdp...
  • https://server.prebid.dianomi.com//setuid?bidder=grid&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1957d4be-979e-452a-ae57-d6fe2044618e
  • https://server.prebid.dianomi.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1957d4be-979e-452a-ae57-d6fe2044618e
86 B
576 B
Image
General
Full URL
https://server.prebid.dianomi.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1957d4be-979e-452a-ae57-d6fe2044618e
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Server
54.179.141.254 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-141-254.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Mon, 31 Jul 2023 13:24:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Accept-Encoding, Origin
expires
0

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:29 GMT
vary
Accept-Encoding, Origin
content-type
text/html; charset=utf-8
location
/setuid?bidder=grid&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1957d4be-979e-452a-ae57-d6fe2044618e
cache-control
no-cache, no-store, must-revalidate
content-length
158
expires
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CB31
24 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 08:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
18602
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 30 Jul 2024 08:14:27 GMT
contextfeed.js
www.dianomi.com/js/ Frame CB31
3 KB
2 KB
Script
General
Full URL
https://www.dianomi.com/js/contextfeed.js
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72cfcc19216942a43a64b5a9f36c1254aa4b0fa1eb9a41d0eb58faad9b3d316a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:29 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
23
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 20 Jul 2023 12:41:41 GMT
server
cloudflare
etag
W/"db2-600ea785d36d0"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7ef629744eeea817-SYD
expires
Mon, 31 Jul 2023 13:26:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB31
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57355
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690371356542162"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:24:29 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4D09
624 B
307 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiRieICEKm7mO4CGP-vp_EBMAE&v=APEucNWmED9bKOLAYEm4415XdmCb09yvHuG2x0RyfxRc1z18ltXmRPxCLqS31pJu6M_KesSWRdaXmTkosUOeciBYOQ_MNglI3g
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:24:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 55BB
85 KB
29 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:24:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 55BB
42 B
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CtYQsJL3E9aUEqs2stqIKXbVLVIwV6DLPlJJSGq0idNisEz_8RqOXeNrbBe5cSkTMILCFjBOwQ3TQo4IJ9nuXr0Wvdb7vWaIurPIa34vTUDj8nZqI
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 55BB
0
234 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2283257338822900995&x=1&ct=76
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 55BB
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 15:10:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
80024
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Aug 2023 15:10:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 55BB
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 19:28:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
64541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8293
x-xss-protection
0
server
cafe
etag
11502554701003060455
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Aug 2023 19:28:48 GMT
l
www.google.com/ads/measurement/ Frame 55BB
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5q83Giwejf4ufw4iPmvne6IIW5CxgATkrar_qn3TKIoHueBiW82ChHIaNXe-ImJcUw5Btn2_cZDnBqatllZFuxbTgUA
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 55BB
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57355
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690371356542162"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:24:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5F67
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtUfUGPWwGLz6XLb9HU-PV5EJdaG77p7NhQ6DIr2B8GQ4ASIxj38zQ__cFHWlcSiFx0PfbuVkOXNsKGPtw5gfQ_addD2nzIe_JOnUk11rMByJKFyPS8c4IFUdEDX1kvsZ-3LAUvvGA_ZbqxlCO-dqWOCW9E9tspGzljEdE7gc-iiMtVQ6SquwXDzdDE2Pt5s-ugehBQJWccqMKkEE4OT0Ti7FhXeNghOV8iH9-YJy0uL1Ln5aS7A0hilWDF3cH_KxVa4TSeX0xTvC8djuqIn-l_NCwwZUwPnIzdw-nHVP67QWgsope8jILEJD8ULyFF9aBzUz5aaDo8Q3s_KZF_eOUNg&sai=AMfl-YSwxLWiRbzZWvmmTh2wrWDbZ0h8nbf5LhLLqf3meLRUcXzxX5XaRKr6jjSc8UCahr7skNdLTl-9O0-L5MjOf5wo6w_mCiW-ebZfTviXpUdejOACOej6HCCD1-MceA&sig=Cg0ArKJSzNp23yYD1i7fEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 31 Jul 2023 13:24:30 GMT
rubicon
data.dianomi.com/frontend/ Frame 163A
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=dianomi&gdpr=0&gdpr_consent=&gdpr=0&khaos=LKQWJGWY-1K-JFZ
  • https://data.dianomi.com/frontend/rubicon?uid=LKQWJGWY-1K-JFZ&gdpr=0
68 B
267 B
Image
General
Full URL
https://data.dianomi.com/frontend/rubicon?uid=LKQWJGWY-1K-JFZ&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:31 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
content-length
68
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7ef6297c8f6ea817-SYD
access-control-allow-headers
dianomi-force-dmp

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://data.dianomi.com/frontend/rubicon?uid=LKQWJGWY-1K-JFZ&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
586918102853434
connect.facebook.net/signals/config/
377 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/586918102853434?v=2.9.119&r=stable
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
df76a49c4fc856c13b3999ac5324970e9636fe63f47813c934c5e67b13911107
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 31 Jul 2023 13:24:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
Vnu1B8x0izBcYGaoNBVdHBWXQsKIueT9Up47Khsq7qIxDFeXVfL4IbKy+BWzWneuo/YePqnAQW+vuKDnQr8PNg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ Frame 91E5
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64a5458e13eb37d9343ed6306a0305869a6b587b152ae7f06d096e321fd3c851

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 163A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtRV0pHV1ktMUstSkZa&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEIKzEQT1EcxCabnIzObhpeE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtRV0pHV1ktMUstSkZa&google_push=&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtRV0pHV1ktMUstSkZa&google_push=&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtRV0pHV1ktMUstSkZa&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 163A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3YPSL3QcRCS5RWcJBqbABw&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3YPSL3QcRCS5RWcJBqbABw&gdpr=0
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3YPSL3QcRCS5RWcJBqbABw&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:24:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MYY96BVCRC4BX4G6NR0Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3YPSL3QcRCS5RWcJBqbABw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 163A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEDk8nj1DP4ZjKw5XL_-zx-A&google_cver=1
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEDk8nj1DP4ZjKw5XL_-zx-A&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEDk8nj1DP4ZjKw5XL_-zx-A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 163A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://match.adsrvr.org/track/cmb/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=4d0cf414-2ced-4741-b71b-743c460b82a3&gdpr=0&gdpr_consent=&expires=30
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=4d0cf414-2ced-4741-b71b-743c460b82a3&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=4d0cf414-2ced-4741-b71b-743c460b82a3&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame 163A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzIxMjExOGJmOTFjZGExNTQyYTg2ZDIwMDUwNTk4ODk2ZGY5MzZiYQ&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzIxMjExOGJmOTFjZGExNTQyYTg2ZDIwMDUwNTk4ODk2ZGY5MzZiYQ&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzIxMjExOGJmOTFjZGExNTQyYTg2ZDIwMDUwNTk4ODk2ZGY5MzZiYQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 163A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKQWJGWY-1K-JFZ&gdpr=0
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKQWJGWY-1K-JFZ&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:30 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: E1317F9C85384E189EF72249B44A1384 Ref B: SYD03EDGE0916 Ref C: 2023-07-31T13:24:30Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYByFm2SzUBtuAsYRbXlQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKQWJGWY-1K-JFZ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 163A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=c6tNbrwyQZaYN9GhRH2JDg&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=c6tNbrwyQZaYN9GhRH2JDg&gdpr=0
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=c6tNbrwyQZaYN9GhRH2JDg&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:24:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3CKMX5KASYR91HXF7H9E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=c6tNbrwyQZaYN9GhRH2JDg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 163A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/upySM7-OY_WcRfd0KcwkZA?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VhmuEQhE2oJi2iZoD3V9YnIxllaiK6c2o77e8Q--~A
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VhmuEQhE2oJi2iZoD3V9YnIxllaiK6c2o77e8Q--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 31 Jul 2023 13:24:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VhmuEQhE2oJi2iZoD3V9YnIxllaiK6c2o77e8Q--~A
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 4D09
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8GPF8EWN72i2rqo8Me8rc&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8GPF8EWN72i2rqo8Me8rc&google_cver=1&C=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8GPF8EWN72i2rqo8Me8rc&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiRieICEKm7mO4CGP-vp_EBMAE&v=APEucNWmED9bKOLAYEm4415XdmCb09yvHuG2x0RyfxRc1z18ltXmRPxCLqS31pJu6M_KesSWRdaXmTkosUOeciBYOQ_MNglI3g
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:24:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:24:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEC8GPF8EWN72i2rqo8Me8rc&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 4D09
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMe2DpEzLhZgPK4TL0aaxAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8GPF8EWN72i2rqo8Me8rc&google_cver=1
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8GPF8EWN72i2rqo8Me8rc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiRieICEKm7mO4CGP-vp_EBMAE&v=APEucNWmED9bKOLAYEm4415XdmCb09yvHuG2x0RyfxRc1z18ltXmRPxCLqS31pJu6M_KesSWRdaXmTkosUOeciBYOQ_MNglI3g
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jul 2023 13:24:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8GPF8EWN72i2rqo8Me8rc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 4D09
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEL_pQFXhszoIyg2qta-FB1E&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL_pQFXhszoIyg2qta-FB1E%26google_cver%3D1
43 B
891 B
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL_pQFXhszoIyg2qta-FB1E%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiRieICEKm7mO4CGP-vp_EBMAE&v=APEucNWmED9bKOLAYEm4415XdmCb09yvHuG2x0RyfxRc1z18ltXmRPxCLqS31pJu6M_KesSWRdaXmTkosUOeciBYOQ_MNglI3g
Protocol
H2
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:30 GMT
an-x-request-uuid
c8fca2a7-62ac-4328-8597-d3ecec5f220e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.166; 66.203.112.166; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:30 GMT
an-x-request-uuid
734665d9-32d5-4d85-8fe6-77230cffaacf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL_pQFXhszoIyg2qta-FB1E%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.166; 66.203.112.166; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4D09
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA0MTQzOTc4MTU3OTQ0NDU3MA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA0MTQzOTc4MTU3OTQ0NDU3MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiRieICEKm7mO4CGP-vp_EBMAE&v=APEucNWmED9bKOLAYEm4415XdmCb09yvHuG2x0RyfxRc1z18ltXmRPxCLqS31pJu6M_KesSWRdaXmTkosUOeciBYOQ_MNglI3g
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:30 GMT
an-x-request-uuid
e402ddd3-9fe7-4937-8f08-153704c9d716
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA0MTQzOTc4MTU3OTQ0NDU3MA%3D%3D
x-proxy-origin
66.203.112.166; 66.203.112.166; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1245
0
56 B
Image
General
Full URL
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lounge.dbc47866f009f9d6f1556cd58214d9a3.css
c.disquscdn.com/next/embed/styles/ Frame FC39
233 KB
33 KB
Stylesheet
General
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
61779c74768b5eb298860ceb7d7cf06f2b228fdc53df72b530490a792a5b8a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 07 Jun 2023 13:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
4663872
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
33282
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Thu, 01 Jun 2023 09:36:56 GMT
server
nginx
etag
"647866b8-8202"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
tEcFrEXJ6rBTsHqNBS8FE20kzoOCLonRz6TuOZKWHP6SIH00mu-4kw==
expires
Thu, 06 Jun 2024 13:53:17 GMT
lounge.bundle.8d43781db1026e9c55a26282e41175e4.js
c.disquscdn.com/next/embed/ Frame FC39
513 KB
129 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.8d43781db1026e9c55a26282e41175e4.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
dd678abe4206125f55c6db17aabe17aaabe8daa1b4b168ec17ca1c391791e731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 06 Jul 2023 17:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
2144598
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
130979
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Thu, 06 Jul 2023 17:36:25 GMT
server
nginx
etag
"64a6fb99-1ffa3"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
2bkTRNV9xNWB8hxYhsTYxI4zOhPqIRqsjS64tjyES2fvxeZayuMSag==
expires
Fri, 05 Jul 2024 17:41:11 GMT
config.js
disqus.com/next/ Frame FC39
18 KB
19 KB
Script
General
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
639b382082c552d87856ae001e41e15fd0a2c0f14fe14da03f0523fd43840bae
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:24:29 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
33
X-Frame-Options
SAMEORIGIN
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
18726
X-XSS-Protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 55BB
0
47 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7322855175984&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 55BB
0
47 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7322855175984&version=m202306200101&ct=76&x=1&cor=2283257338822901000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 55BB
87 KB
36 KB
Script
General
Full URL
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
83507e066ed9b2c205d42eceeb21a08fdccd3a031c1c8a462d029873a18e5b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37164
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 39F4
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOfkc63iuCHf-9D-XgZ6f1Ld1TaJUXnG1h0vkimiFMhxvp9c1d3P4-_c_aMI3xvZgtE56JvakvHiBQRPDTHyHZduX0a_OZKoNPkLo06qI7aFTHrl0ihMjNqYJYL8x5C8X2yZyJUWsjaXf28T91uVT-zp704auGnGUKXdpyKqj1yGh8-zm6JuwMx_Q3Lbs2es7y-hKbeAivBCkXNPH1rTeYrfh08bxATPjr928-sMy931vqnxIMGXg8s3a1J-udIKSfa5YZcbCtxzuwfJ39D2YQ_WL7V5LJioaqA8XgRiuHa8VL5E6tAyQZ0Q9WK3fip2AJAZkdu6vdtA&sai=AMfl-YT9xy1_JExozzwN4_HztbGW0Z3f-g6SAUEsZS4SZgUZ5J127Zlz8OT4Ir5geWVFc8YfJdLQHFYoJN4X-iSnW5j0YMEI_XK7CntARDa80Of8ItaxbVKqXd4iydSbAg&sig=Cg0ArKJSzLxJweYdCcg5EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 31 Jul 2023 13:24:30 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CB31
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2XwcPiLGlQuqCogJOE_34EM4gPn3vwJKW8SryKE_Mk3XfCCD1ytML8OTMV1hs6r9EhTp_3RjJUbDkdy-Wo4dW2iWYt6-g5pfsxudeo3e1NcmW727DUo1It3Dwsn-hKiPkVFa4U72lkl7OD7I2c1a-mr0O9Z6SgeTJsa0erK6n_s-pfG2FyqyCv7Ec858OUriW_xoXjBbTdoBdGE-3wrKjLJn7ch6vfVqJEYUVXQl-fK5YJ9QmVrDOxmLewon_KXq15owefnENxk6lgwrhlRnkxoWd06FIh9DF7T8T5eAhzpnEj2FVqhMXASoLNa3pG6RcqhccqZG2bxPCr99ja7WYMA&sai=AMfl-YStufQuFF0rXo3pXJK8eYzYxpRp1dQvBK1fgDkL6ePm10DtZkylPe1f-HxvudbxMQzb7BI6IGpNBM-jXDt-ilzERB3yZgAH3vkvEOXoH4X9ca_gBZbVNjw4r89DyA&sig=Cg0ArKJSzDPREvYEdlhiEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame CB31
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f28ff6dcc15a4847a4ab98dccde040abeac15059992ba17d6781dd8d20758aa3

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
contextfeed-frame.js
www.dianomi.com/js/contextfeed/ Frame 5DEA
91 KB
27 KB
Script
General
Full URL
https://www.dianomi.com/js/contextfeed/contextfeed-frame.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c99a09e4f01cab98d0e63c5efca84025dcaa98a8ad96306e8cb142ced9d723a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:29 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
48
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 20 Jul 2023 12:41:40 GMT
server
cloudflare
etag
W/"16d0e-600ea784c6a08"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7ef62976f994a817-SYD
expires
Mon, 31 Jul 2023 13:26:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CB31
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLC4rpeHkSjXX99qHhA_bbngl9LivvLDUnfQ5r96pGIi13y_J48OtBuPZnyBk5QSgY8bs6tUYzav9Mlx-_BxBpHFnk7Zdj9Hpg7lbckltglxspuD4dq5lbLTVt-W9hWUvcDZLKEsokRdp8NQ8cO3iq7q7SAdcWg_9x-tv25xtTjUIDKSL2CN5uSVZw34yIq5RJ9gm5uqyUs4LfH7uv1jfkBD18eSiN-rUJSdcUe_RaCG5hbr6w7klYff5UBL7H2h0GfYrgPCOXHsaAbceUUzhqPCGwgodKDY9mG1TArzF7r0kxWinvZSqZD6TL4NNQa6a-0oxNiA&sai=AMfl-YSioSQ3o2Xj3oWPCUVYhf8B3WBjAhorMbmoL877Ro00LtKY216DbsTMjlZtNysqpDpTvEda6Z3LNJn3v1Wx3gKaJL1UfXQmZ29Xdga-ZBlm6devfHReE29GJnGvYw&sig=Cg0ArKJSzClNjc3aFSrtEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 31 Jul 2023 13:24:30 GMT
recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame 88F4
14 KB
3 KB
Stylesheet
General
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.d3c61c72047a19eda535a9d1d31eba39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
ad59b3c437a380375b4205e22d9bf50856690b094d2fa425ae90971f5b58758e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 14 Jun 2023 20:38:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
4034753
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2968
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 13 Jun 2023 13:52:02 GMT
server
nginx
etag
"64887482-b98"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
DBrbJd4AbmsX9OL68d8qSuZDwSh4hLVNC06n4l5IHu-ozDPw53u3Xg==
expires
Thu, 13 Jun 2024 20:38:36 GMT
recommendations.bundle.bb3216316047d5c61d9dafa6240fbf39.js
c.disquscdn.com/next/recommendations/ Frame 88F4
65 KB
20 KB
Script
General
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.bb3216316047d5c61d9dafa6240fbf39.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.d3c61c72047a19eda535a9d1d31eba39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
5bd060c4d7413c66456b91af3b13d3a3823c90543d9ccebc7a94a892ecb36d27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 12 Jun 2023 18:18:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
4215975
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
20326
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Wed, 07 Jun 2023 16:22:19 GMT
server
nginx
etag
"6480aebb-4f66"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
uVqoqcsxxvTpaMHYBgF-f4LF8vRypUIMM_DF8IpKTxhklUKW7QO7VQ==
expires
Tue, 11 Jun 2024 18:18:14 GMT
config.js
disqus.com/next/ Frame 88F4
18 KB
19 KB
Script
General
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.d3c61c72047a19eda535a9d1d31eba39.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
639b382082c552d87856ae001e41e15fd0a2c0f14fe14da03f0523fd43840bae
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:24:30 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
33
X-Frame-Options
SAMEORIGIN
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
18726
X-XSS-Protection
1; mode=block
context.pl
www.dianomi.com/cgi-bin/ Frame 5DEA
513 B
490 B
Fetch
General
Full URL
https://www.dianomi.com/cgi-bin/context.pl?id=318&h=db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com&url=https%3A%2F%2Fdb5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/contextfeed-frame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1315ccd285b096547a210a871de6ae0d83e96bb55e48e0e6d9b1bbdf914ca30e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:30 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
application/json; charset=ISO-8859-1
access-control-allow-origin
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
cache-control
no-store
access-control-allow-credentials
true
cf-ray
7ef62977db38a817-SYD
x-xss-protection
1; mode=block
details
disqus.com/api/3.0/forums/ Frame FC39
3 KB
4 KB
XHR
General
Full URL
https://disqus.com/api/3.0/forums/details?forum=itnewsnext&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4852446e73df08adca2732771f6823a5db5657d72a420f0d433dd9dd9710a1a9
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:24:30 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Vary
Origin, Cookie
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/json
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
3193
X-XSS-Protection
1; mode=block
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=991594294528179&ev=PageView&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&rl=&if=false&ts=1690809870158&sw=1600&sh=1200&v=2.9.119&r=stable&ec=0&o=30&fbp=fb.2.1690809870155.699122907&cs_est=true&it=1690809866836&coo=false&exp=a0&rqm=GET
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 31 Jul 2023 13:24:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=470261513615109&ev=ViewContent&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&rl=&if=false&ts=1690809870162&cd[currency]=AUD&sw=1600&sh=1200&v=2.9.119&r=stable&ec=1&o=30&fbp=fb.2.1690809870155.699122907&cs_est=true&est_source=248881786549407&it=1690809866836&coo=false&es=automatic&tm=3&exp=a0&rqm=GET
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 31 Jul 2023 13:24:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=470261513615109&ev=PageView&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&rl=&if=false&ts=1690809870162&sw=1600&sh=1200&v=2.9.119&r=stable&ec=0&o=30&fbp=fb.2.1690809870155.699122907&cs_est=true&it=1690809866836&coo=false&exp=a0&rqm=GET
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 31 Jul 2023 13:24:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=586918102853434&ev=PageView&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&rl=&if=false&ts=1690809870178&sw=1600&sh=1200&v=2.9.119&r=stable&ec=0&o=30&fbp=fb.2.1690809870155.699122907&cs_est=true&it=1690809866836&coo=false&exp=a0&rqm=GET
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 31 Jul 2023 13:24:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
magnite
prebid.a-mo.net/setuid/ Frame B172
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&us_privacy=&cb=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4033%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D2e3d02b2-dfd9-4af1-88b2-5f1ba1a61c34%26bidder%...
  • https://prebid.a-mo.net/cchain/0/4033?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=2e3d02b2-dfd9-4af1-88b2-5f1ba1a61c34&bidder=appnexus&cbx=aHR0cHM6Ly9zZXJ2ZXIucHJlYmlkLmRpYW5vbWkuY29tLy9zZXR1a...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUM5MzdDNTgtMDA3My00MDk2LTlERjItMjhBRTQ3ODA3MzVE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4033%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D2e3d02b...
  • https://prebid.a-mo.net/cchain/1/4033?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=2e3d02b2-dfd9-4af1-88b2-5f1ba1a61c34&bidder=pubmatic&cbx=aHR0cHM6Ly9zZXJ2ZXIucHJlYmlkLmRpYW5vbWkuY29tLy9zZXR1a...
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F4033%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D2e3d02b2...
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F4033%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D2e3d02b2...
  • https://prebid.a-mo.net/cchain/4/4033?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=2e3d02b2-dfd9-4af1-88b2-5f1ba1a61c34&bidder=sovrn&cbx=aHR0cHM6Ly9zZXJ2ZXIucHJlYmlkLmRpYW5vbWkuY29tLy9zZXR1aWQ_...
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F4033%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D2e3d02b2-dfd9-4af...
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F4033%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D2e3d02b2-dfd9-4af...
  • https://prebid.a-mo.net/cchain/5/4033?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=2e3d02b2-dfd9-4af1-88b2-5f1ba1a61c34&bidder=openx&cbx=aHR0cHM6Ly9zZXJ2ZXIucHJlYmlkLmRpYW5vbWkuY29tLy9zZXR1aWQ_...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F6%2F4033%3Fgdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_pr...
  • https://prebid.a-mo.net/cchain/6/4033?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=2e3d02b2-dfd9-4af1-88b2-5f1ba1a61c34&bidder=index_rtb&cbx=aHR0cHM6Ly9zZXJ2ZXIucHJlYmlkLmRpYW5vbWkuY29tLy9zZXR1...
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid.a-mo.net/setuid/magnite?uid=LKQWJGWY-1K-JFZ&gdpr=0
0
147 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LKQWJGWY-1K-JFZ&gdpr=0
Protocol
H2
Server
131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:36 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LKQWJGWY-1K-JFZ&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Expires
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 55BB
111 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f148.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
Origin
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 19:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62753
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 31 Jul 2023 19:58:37 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/ Frame 55BB
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 23:04:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
51607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Aug 2023 23:04:23 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 55BB
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 23:04:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
51607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11572
x-xss-protection
0
server
cafe
etag
5014499061205845695
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Aug 2023 23:04:23 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 55BB
41 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 23:29:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
50123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jul 2024 23:29:07 GMT
svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame FC39
13 KB
13 KB
Image
General
Full URL
https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 06 Jun 2023 17:03:04 GMT
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
4738886
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
13079
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Thu, 01 Jun 2023 09:36:56 GMT
server
nginx
etag
"647866b8-3317"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
QER5oXeiNB09X-zi8NzZTHp4e3aglpnAtIBCSgLk6U3J8teBg-lvdg==
expires
Wed, 05 Jun 2024 17:03:04 GMT
loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame FC39
3 KB
3 KB
Image
General
Full URL
https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 12 Jun 2023 18:09:59 GMT
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
4216470
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2971
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 07 Jun 2023 16:22:20 GMT
server
nginx
etag
"6480aebc-b9b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Ltv4yoC4pZzdp40zToIIl1qFw3vTK0f3LMVOdBavT6XLx6OydyA-QQ==
expires
Tue, 11 Jun 2024 18:09:59 GMT
email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
c.disquscdn.com/next/embed/assets/img/ Frame FC39
840 B
1 KB
Image
General
Full URL
https://c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 12 Jun 2023 18:09:59 GMT
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
4216470
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
840
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Wed, 07 Jun 2023 16:22:20 GMT
server
nginx
etag
"6480aebc-348"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
_20eFoZFGFaerPZ-IeOvJ37Q6z5T5B4kKKQy11WeaC828ALEfgX6HQ==
expires
Tue, 11 Jun 2024 18:09:59 GMT
privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
c.disquscdn.com/next/embed/assets/img/ Frame FC39
891 B
1 KB
Image
General
Full URL
https://c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 21 May 2023 11:15:37 GMT
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
6142133
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
891
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Thu, 18 May 2023 20:44:46 GMT
server
nginx
etag
"64668e3e-37b"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
tVYoTMrncRd44b5Y2NZoKMkBPBLerWL8GQK4lgvwJRocuxb-Q_D9fA==
expires
Mon, 20 May 2024 11:15:37 GMT
warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
c.disquscdn.com/next/embed/assets/img/ Frame FC39
605 B
1 KB
Image
General
Full URL
https://c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 04 Jun 2023 16:27:18 GMT
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
4913832
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
605
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 30 May 2023 18:28:53 GMT
server
nginx
etag
"64764065-25d"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ghFq-6YzmCboQc2wUQA4K4uwk-AYSBSi3QCyzbP_Y2NeXJpaBE-dFg==
expires
Mon, 03 Jun 2024 16:27:18 GMT
sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame FC39
2 KB
2 KB
Image
General
Full URL
https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 11 May 2023 21:50:26 GMT
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
6968044
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1763
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 09 May 2023 18:32:30 GMT
server
nginx
etag
"645a91be-6e3"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ifYE_sqk10LJzL_NgxJskVia5HzTFr-axJ2lsdV4WXxMVCjQ49E7Ew==
expires
Fri, 10 May 2024 21:50:26 GMT
icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame FC39
8 KB
8 KB
Font
General
Full URL
https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Origin
https://disqus.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 14 Jun 2023 20:36:39 GMT
via
1.1 08244b1866fe32276ce5a76c3d8b5ec6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
4034871
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
7900
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 13 Jun 2023 13:52:03 GMT
server
nginx
etag
"64887483-1edc"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
4fKYP1ldFlpMAvb0xfEE_nlm9odMaOSsLtxiwvzD7PHuxeS6QBPZyA==
expires
Thu, 13 Jun 2024 20:36:39 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6EA5
1 KB
758 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
61431
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jul 2023 20:20:39 GMT
etag
48472445140208031
expires
Mon, 31 Jul 2023 20:20:39 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 55BB
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ed7af3aef34bc64d89b243073094e1a333ab95881e9cbed4ae400dd4fa9c80f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame DD4E
337 B
837 B
Stylesheet
General
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Requested by
Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 12 Jun 2023 18:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
4216470
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 07 Jun 2023 16:22:20 GMT
server
nginx
etag
"6480aebc-f4"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
E6qfN0Szgnz8stEK7NCWc9lJxbPxttpb5hUgb13bEmDw9XdEk1rabg==
expires
Tue, 11 Jun 2024 18:10:00 GMT
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame FBFE
337 B
836 B
Stylesheet
General
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Requested by
Host: itnewsnext.disqus.com
URL: https://itnewsnext.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 12 Jun 2023 18:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
4216470
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 07 Jun 2023 16:22:20 GMT
server
nginx
etag
"6480aebc-f4"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
KD_NovozQ5-wfouyJeA16T1ltQRh132AEK-3soqxMj__ttn5cNy_DQ==
expires
Tue, 11 Jun 2024 18:10:00 GMT
sdk.js
connect.facebook.net/en_US/ Frame FC39
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
2ef602a4fb08ef42c93566e4e34dbe4f6a51a7e82feb1ecb31aadb99cfcf20b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 31 Jul 2023 13:24:30 GMT
content-md5
vaBd/PmVooejydxN6q8IWg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
ph7lllskTaRJ03Mbni8COKFuzqVFAuJztu0fyWGJdLav1HE0cYVf6aIDMsgx2+trKt7fHrEAxTB7+qqPVA0sIg==
x-fb-content-md5
630d40e043b3cfb7c8e4d49b63a258df
cross-origin-opener-policy
same-origin-allow-popups
etag
"635b4118c9741e2bd6aef97afeab0d6a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:43:13 GMT
api.js
apis.google.com/js/ Frame FC39
18 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f101.1e100.net
Software
sffe /
Resource Hash
8bc38f41caf8475e5c70dd384d90d20998e45b17725b2d86ebd00e76d67436a3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 31 Jul 2023 13:24:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7115
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"f61b76739d030dc2"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:24:31 GMT
details
disqus.com/api/3.0/forums/ Frame 88F4
3 KB
4 KB
XHR
General
Full URL
https://disqus.com/api/3.0/forums/details?forum=itnewsnext&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.d3c61c72047a19eda535a9d1d31eba39.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4852446e73df08adca2732771f6823a5db5657d72a420f0d433dd9dd9710a1a9
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:24:30 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Vary
Origin, Cookie
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/json
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
3193
X-XSS-Protection
1; mode=block
teads-format.min.js
a.teads.tv/media/format/v3/
600 KB
131 KB
Script
General
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.197.50 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-197-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8e68116bc7e240285fe9125e7d5cfe11aa818b0780b4089138145893348a4380

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:30 GMT
content-encoding
br
last-modified
Thu, 27 Jul 2023 09:36:42 GMT
x-amz-request-id
4WPXFPDCZHJM42Q3
etag
"89a8b91f69efbc645fb889412d179f05"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
c
accept-ranges
bytes
content-length
133838
x-amz-id-2
pqf96BZ0ZG4DSNhiAalwDl8G289P7qfbVj7jKlSpE/LQshPafTXqEDZGm3ToANPFAUQRVuPKdSI=
expires
Mon, 31 Jul 2023 13:54:30 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 91E5
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0m3PR5nGN7brgu7aEW_K2YBDHGnavD8-lzAcUSnosBDpubQjSct98WIFcWPRY-V0xKmeV5-yw9QSBtHQp9gJOiqGtK9txhodcnIXsInJPWdgrkr0FBYrrhF_ENSCW858Jt0CjPKVdEutX9O-C1kZRuMeR4R5-sOtruIWSeNvuxsKCWnjYT2oRjhjRiCVJ4NsNaZHVjRFhqsNyr-Le0QdkXYOCZBtVZgmkTDI1H7rfHUKPT-IWecqXLRq8SW5E-nfJ9_eiT9W2_mrpQRy-UNVLKu_XK3XXHl_kqsOCklfEkQhbQRrbQisq7RMPJvAXlYymmFxFisXd&sai=AMfl-YQOPMVOfAgYq39oyZZUcDKbD501GUN4rFC5bBceKqcYAwzzGrQo3fN1HdrPvtf4FMOM8jxdVFhZAgPa1BHU0r9s1yXoxni5D8rjKQfrC5n1mLRKwsEPAc6-wdjyjg&sig=Cg0ArKJSzJStsFpuALnZEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 31 Jul 2023 13:24:30 GMT
listRecommendations.json
disqus.com/api/3.0/discovery/ Frame 88F4
5 KB
6 KB
XHR
General
Full URL
https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=itnewsnext&thread=ident%3A598623&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.d3c61c72047a19eda535a9d1d31eba39.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c677e7e59b2a945d5adac85c58e5fba745286343f823dabd3d7a4a0046ddb89d
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://disqus.com/recommendations/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:24:30 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
834
X-Frame-Options
SAMEORIGIN
Vary
Origin
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/json
Cache-Control
stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
5587
X-XSS-Protection
1; mode=block
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 96A3
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
228578
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Jul 2023 21:54:52 GMT
expires
Sat, 27 Jul 2024 21:54:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7311
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Redirect headers

date
Mon, 31 Jul 2023 13:24:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6EA5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDLMzBLLGvQvDvn0f1QaYkg&google_cver=1&google_push=AaAOQGFJY2xb4INAJE91Bq7kJd9r6hM9tWySxkJqD5T4tNa62TdCXQ0piF1bRHFDJi7w-irFkuo79VpM3DJkXdCUM1bkFm7sqOcE_...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTE3OTQ1MTM5MDM5OTc3ODY3MQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDLMzBLLGvQvDvn0f1QaYkg&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDLMzBLLGvQvDvn0f1QaYkg&google_cver=1
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 31 Jul 2023 13:24:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDLMzBLLGvQvDvn0f1QaYkg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6EA5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJmaic5UDPMRWlxU-0Qhz34&google_cver=1&google_push=AaAOQGFnftAQjXBvJU33pvOUEQNK_2OCqEi3OWuWny9OUxBysv5a49C659gOiYdc4gWMGT1xHLMxYkjS2seNHowIAF...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NGQwY2Y0MTQtMmNlZC00NzQxLWI3MWItNzQzYzQ2MGI4MmEz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=4d0cf414-2ced-4741-b71b-743c460b82a3
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NGQwY2Y0MTQtMmNlZC00NzQxLWI3MWItNzQzYzQ2MGI4MmEz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=4d0cf414-2ced-4741-b71b-743c460b82a3
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NGQwY2Y0MTQtMmNlZC00NzQxLWI3MWItNzQzYzQ2MGI4MmEz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=4d0cf414-2ced-4741-b71b-743c460b82a3
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame 6EA5
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEPICd0AryFz0nJPj3J31M2o&google_cver=1&google_push=AaAOQGE4kQU1-jEkkhQf8c9OndmweF1WzFtp5ul00i3hRs-CDMlQoiJ9idqc6hJXiqjeRF2fbzNYLhY...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AaAOQGE4kQU1-jEkkhQf8c9OndmweF1WzFtp5ul00i3hRs-CDMlQoiJ9idqc6hJXiqjeRF2fbzNYLhYggjRB97xlAK0CiKKaq4S24mIfVqnwtOm2oT7VONqCDApIeVr3...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AaAOQGE4kQU1-jEkkhQf8c9OndmweF1WzFtp5ul00i3hRs-CDMlQoiJ9idqc6hJXiqjeRF2fbzNYLhYggjRB97xlAK0CiKKaq4S24mIfVqnwtOm2oT7VONqCDApIeVr3wddFutq7ShI4gJHdsiWgBwVVgw&google_hm=pL0ZzvwyRk2NnJYE1b0ZMKY
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:29 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AaAOQGE4kQU1-jEkkhQf8c9OndmweF1WzFtp5ul00i3hRs-CDMlQoiJ9idqc6hJXiqjeRF2fbzNYLhYggjRB97xlAK0CiKKaq4S24mIfVqnwtOm2oT7VONqCDApIeVr3wddFutq7ShI4gJHdsiWgBwVVgw&google_hm=pL0ZzvwyRk2NnJYE1b0ZMKY
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6EA5
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEFP-WxE7S8FTmOVjU_DT6fc&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZmQ2NmFkMjYtY2I4Yi00ZTRiLTlmMTItMGUxNDExZGYwYjFh&google_gid=CAESEFP-WxE7S8FTmOVjU_DT6fc&google_cver=1&google_push=AaAOQGHv...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZmQ2NmFkMjYtY2I4Yi00ZTRiLTlmMTItMGUxNDExZGYwYjFh&google_gid=CAESEFP-WxE7S8FTmOVjU_DT6fc&google_cver=1&google_push=AaAOQGHvXx75GdkKtXzt8nhtG7VVqALAC8EYCoJkS-_z0yR5RtlU6qQfPOHcJsrB82rIn5umuiQMSj5pjE9EtpKxbH4xO7m0qxPKUdd1QpgYVXZ-43ASk4Fopd84b9RdOD04GMdV12AI6AAyRCKH-lMoBCw
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZmQ2NmFkMjYtY2I4Yi00ZTRiLTlmMTItMGUxNDExZGYwYjFh&google_gid=CAESEFP-WxE7S8FTmOVjU_DT6fc&google_cver=1&google_push=AaAOQGHvXx75GdkKtXzt8nhtG7VVqALAC8EYCoJkS-_z0yR5RtlU6qQfPOHcJsrB82rIn5umuiQMSj5pjE9EtpKxbH4xO7m0qxPKUdd1QpgYVXZ-43ASk4Fopd84b9RdOD04GMdV12AI6AAyRCKH-lMoBCw
date
Mon, 31 Jul 2023 13:24:31 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame 6EA5
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFXXdNglbbl3nvRbsNsTdJM&google_cver=1&google_push=AaAOQGFalM9xkwT8bkuTa6ZVdoC21hV2UABcYDTcHytU-fIX4RV1w4OCC8h1qdqfCoo4_xreXMril_eeg5Nh5WiHeLW5TudIzRpp5kHVOk6HJgAgIWi1uSXZIKCMRynTQ4g1mGAVxPZyxR1Q10Hk_uc4JA
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:24:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pub
cs.chocolateplatform.com/ Frame 6EA5
0
0

pixel
cm.g.doubleclick.net/ Frame 6EA5
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEMsFstkkoa8Ygsir4YZUIq4&google_cver=1&google_push=AaAOQGGCteFIFcGz3...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEMsFstkkoa8Ygsir4YZUIq4%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjY1Nzc4Njk3NzA0ODY5Nzcy&google_gid=CAESEMsFstkkoa8Ygsir4YZUIq4&google_cver=1&google_push=AaAOQGGCteFIFcGz3gWR43w80IT86OxkQE9qSh5K9y...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjY1Nzc4Njk3NzA0ODY5Nzcy&google_gid=CAESEMsFstkkoa8Ygsir4YZUIq4&google_cver=1&google_push=AaAOQGGCteFIFcGz3gWR43w80IT86OxkQE9qSh5K9ydYwQBawGo106cGxgID7Hd2duAVLCp7ZeD2TIxDeuXhXF2EYfJk4XVbfAjcZvmYMfL9BAk0Hwi91bSs_ZNICfZV9vIQmLRrp1ON4-DN5ppIgjqAEkt8
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:30 GMT
an-x-request-uuid
522d095e-02f9-4ea9-8233-e7606ed20d08
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjY1Nzc4Njk3NzA0ODY5Nzcy&google_gid=CAESEMsFstkkoa8Ygsir4YZUIq4&google_cver=1&google_push=AaAOQGGCteFIFcGz3gWR43w80IT86OxkQE9qSh5K9ydYwQBawGo106cGxgID7Hd2duAVLCp7ZeD2TIxDeuXhXF2EYfJk4XVbfAjcZvmYMfL9BAk0Hwi91bSs_ZNICfZV9vIQmLRrp1ON4-DN5ppIgjqAEkt8
x-proxy-origin
66.203.112.166; 66.203.112.166; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6EA5
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LWCel-9d5_UFb2dIG4B0O9Nl7EpM0okopR4NuNloG6ScvznxtvBpm66c_RIrp23Nh2uyw0XA
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:30 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame 7311
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVkJ2DLbHZJ_JCNiVogOUmJLYBum6huNxlv7a8LcR29keEAEg_YCnOmCl-JGAkAGgAf2p598DyAECqQKqpgkBoXqmPuACAKgDAcgDCKoEoQJP0H8Gjf68fCpg022kwRAlT9YM5Jp0cvzBGPajUiD2wuIVOY-xR5Y_YtMEMvjwQf0UrYG_1CCzWYGYPMtXEb_kYqyHQnaB8zw1DHDsXaqbtRPmKEDAKOP8sPt3V53evOgQ1Lll2FhJ3TsWXFDly5olUK-ts_9VHHAglctb-0P7f8rDLTRlIeGjZZpBW-3o00I9OVQ968nhdtHsLv_8MBtYCrjf7fO6JX7jOqF2LXqz7c0QkAXMVCgLX0fKWS5hV0rAYUGwFTV89Ota77LgzJpqhb3mEFoVfz18NmXu6TfArR6lHLNb3eqDbgQVaXnC03jpVxj3rWQc-8smWx4rl5kve5hIHc2qLe-n-w6cGCrYxt8hPP6rUxwX6hQmvI7o8MgcwATohriDqwTgBAGgBgKAB5OslyCoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDDpAbSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAaIMCCoGCgTDsLEC2BMD0BUBmBYBgBcBshceChwIABIUcHViLTM0NTU4MTY0OTE1MjYxMzkY3dgF&sigh=aD9oLEFdK40&uach_m=[]&cid=CAQSOwBpAlJWFKq6XUmPx-OAiRgbsNp9j1cNhohTj51OMC7lcl-ioL2A3o6iSy3kVpamzxM9RG7ekfUwcxuXGAE&cbvp=2
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 5F67
42 B
404 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0Vf_jgYZ7MVVRn9nZybUko6ZUwDI-VDDWxboOzZXUe1sZFWO6d5RhGnXDeYqfOUTyShcrc2pgwVT4L3I3bMEt_mUF-xBX4gpSN05h-Lx2Fcqx1e_p&sig=Cg0ArKJSzMjBcvH1t5I8EAE&id=lidar2&mcvt=1005&p=234,315,324,1285&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20230726&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=667020349&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690809869195&rpt=335&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ Frame FC39
307 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=d83b0479c97dbe4a66a3658b2fbe9ff3
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
ee046bda3d1f76434d5f920fce6f94a1b6a712255dbc037cd3e3c1c1bf2f535c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
Origin
https://disqus.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 31 Jul 2023 13:24:31 GMT
content-md5
L3QAP5JhoQBe03xwPYjWtg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88741
x-fb-debug
V0Xic+7IWsL+wnxCL0ClwHbfZaCdpHtlSx9Bh3jCLC1DJte5eQM3eCjobCNfRa/dNqem0E8f5Fpbkt19FjRvlg==
x-fb-content-md5
9e6375bef8dd0d8ef683e64f6604729c
cross-origin-opener-policy
same-origin-allow-popups
etag
"0bf360f388bb32fe99b158e106d52c43"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 30 Jul 2024 11:34:17 GMT
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame 96A3
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 04:42:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
31311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 Jul 2024 04:42:39 GMT
/
www.facebook.com/tr/ Frame 8B00
0
205 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.itnews.com.au
Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.itnews.com.au
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:24:30 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame 0727
0
54 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.itnews.com.au
Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.itnews.com.au
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:24:31 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame FEB0
0
31 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.itnews.com.au
Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.itnews.com.au
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:24:31 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
activeview
pagead2.googlesyndication.com/pcs/ Frame CB31
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9lvjnWdz-5p9S3A9xN3x6Vsz25iVB4nBmhMNKs_onUiP1r7z3vJOTKfkyYvaCBrGOCFO42ETyR8M23VQ1vsWYmQYalF0oJDTTsVkPwvx9Ux01KXsf&sig=Cg0ArKJSzAZtoQ99SspPEAE&id=lidar2&mcvt=1001&p=557,1044,711,1344&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1265387520&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690809869228&rpt=636&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
c.disquscdn.com/ Frame 88F4
8 KB
8 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Foracleplane.jpg&key=_epI2uk8evJOrahOMa4mLw&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
dbbaf8d65b0f93f0917e1371b5c9df6862501b47bf980eab24be520ab4050776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 19 Jul 2023 02:18:03 GMT
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
1076788
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
8153
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
wQYK-027a5UHUy_9BkUemGY55GUmUk5oWAzfz_Q5-jvIE_cYYxj7ew==
expires
Fri, 18 Aug 2023 02:18:03 GMT
get
c.disquscdn.com/ Frame 88F4
26 KB
27 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2F20230720103706_facial_recognition.jpg&key=MGNGYLamL3HtUARJ46cLJg&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
252037c7c756e70b49902c9f12247aa047899f522c6c0c77d012970422fbc6bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 20 Jul 2023 04:18:23 GMT
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
983167
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
26743
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
g6QW5pbSzZBd_5cauMVc4LhM2xh_rO9WrZmhG2qDnw0eGv4TQCYMmQ==
expires
Sat, 19 Aug 2023 04:18:23 GMT
get
c.disquscdn.com/ Frame 88F4
6 KB
7 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2FMeta_Privacy.jpg&key=Z0NMLuLdeiSWOs8hMRjYbA&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
61548ef09524a1844c526bed164fb495360ca5d5c4102eb29bbbeb3c817f1adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 27 Jul 2023 02:56:05 GMT
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
383306
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
6546
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
CAxrLMIANVz1qjhS5PQx1GtjyD-tdWwtTuEATpONB_VPprBhtmrrjg==
expires
Sat, 26 Aug 2023 02:56:05 GMT
get
c.disquscdn.com/ Frame 88F4
10 KB
11 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2FCRN-money-AUD-dollars-480236741.jpg&key=s-RJ4DUnDN1EKfSlJqiINQ&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
f57db404c841fc1a045d674d20a1f964f1d4aa7f7d59969d17c915eddd78875f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 20 Jul 2023 13:33:24 GMT
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
949867
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
10524
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
UIJMROTJueGs1aLPQyvFsOabY8OkcQsDzY8tlZM5tBdmGJ64_KLumA==
expires
Sat, 19 Aug 2023 13:33:24 GMT
get
c.disquscdn.com/ Frame 88F4
11 KB
11 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Fauspost_sign.jpg&key=xN7ml19yCzbuyCr8n31MZw&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
9c88a7ccc6c35b5083d91e28ed91de4715911c70fcedec2b68acd8b74470480e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 21 Jul 2023 00:49:49 GMT
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
909282
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
10822
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
HuK5rLvxjxKWlZX8B3yVmLZICv-4FREGdsncH_NLWXvqqB2QEWzjww==
expires
Sun, 20 Aug 2023 00:49:49 GMT
get
c.disquscdn.com/ Frame 88F4
9 KB
9 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2FLittle_Birdie_2_.jpg&key=Ppi1mNJWStMbtEcojBoPJg&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
373641a2474db13af0ccfc18f26e97946a616c1c127f672e43912c0af6228b2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 20 Jul 2023 06:33:21 GMT
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
975070
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
9090
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
Xw374F6R1L1TiOrtx7KaUspdJIxyCb7tPm1xcA4e3hcvAjxadrSvxQ==
expires
Sat, 19 Aug 2023 06:33:21 GMT
get
c.disquscdn.com/ Frame 88F4
7 KB
8 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2Fmeeting_table_chairs.jpg&key=-ajmGXygdWg9048TfFr-pg&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
3e4bcb42c8efa4eb72cfceb9905ac167d9e4b3bbc65f4d59c6103cc3f83ef128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 17 Jul 2023 23:25:40 GMT
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
1173531
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
7434
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
B8_xjTKafjGOeTrWFhTZgiJz10OCKejETq7iO9OgJ6lTQ6r0kJfghg==
expires
Wed, 16 Aug 2023 23:25:40 GMT
get
c.disquscdn.com/ Frame 88F4
16 KB
17 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fi.nextmedia.com.au%2FNews%2F2023-07-12T120337Z_1_LYNXMPEJ6B0HW_RTROPTP_4_USA-CHINA-CYBER.JPG&key=_eO4-vEcXlBM0TCklsDONw&h=200
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-43.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
b7d6641d03a90d1736cc8c5c4ad99bf73eb21e95c93bafc55a7a3d22100f0779
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 13 Jul 2023 11:22:15 GMT
via
1.1 04dc362d25cca9424ae2d9ab2a32ba70.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C2
age
1562536
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
16682
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
CxouB4zV4wChC-2a-i7kU8pS2B97nGFFLR12vzTS2BnnWi26wr5zhw==
expires
Sat, 12 Aug 2023 11:22:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 96A3
0
56 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bv4TODbbHZLPHN8Lg3LUP6riKsAsAAAAAOAHgBAI&bg=!paalpvLNAAZGOVy5Zjk7ADkAdvg8WlF3LCMzZB8nDLwaDwJZv1UUT-oIPKYLKCGORuZBZe-RAYTP4WSh2ZkKowH5p5OE6PXAqd4CAAAAcFIAAAAIaAEHCgAvQtBiONoLhH_c7K8Z3XPhd712hjQjsfFU5jd7LN4tHGJ3PwMA3AxXPmg6ywvkO7-ZAv2-i29CVIVle2BTrp0nkxKrT4flzJ0LXh2k3zUuKP4WnTKaDCe-2Dqi3u7CCIiYbhk7zd-Gf43c3Y32ioiBSHc-H8ND_KF0Lp-En8idX9cDEScIrTdC8ioHDznhJgeozbucwqd9x9eoL7Vw0LUvUKLvSsncTn80OjGh9QQUPtI8pCLZ59o5HVbFGdCZ-1UtSZW0lR9LqWwjs8mpIPwRwCOZIe4JeyxaQ5_0X9G_PYW02ChIPW-JXFL639g_0B1t5UaUd4XR7xTWWn_4xHQx9RUMaiZzxKI-0uH13F5WTtSlkFZuXI6agI4ZMORiHbe0YuSY-U9KW1LoxCNR6ALSI1YyxNKxZ-tCbvgjAbOCheS8O5V1sugBEzANZpCjkmgEfNcoinqWZXlXPFngFF-fM-oYB1cjK5fnnuNfGdHoXjIMKu72ancWfhBZL3eADP3-muhuOIHbDvrxbMgyhVETdS326FDaAOhHOLq_ee_Yk9P8gHTJzLYlx1wqLhBY5QBCAKSaGNtkUONwA25cZIpmMmr7T9fluqmg6nob-vDsDiRt44eLzzAHr194in76u-hPgnWGs6FSz0giX4-PquwnWJQn7gsxvOOP9cJvBKwQgx4NkJ5DaUPYp-3GLr8F0TTYvFt1h7bFo1ipxAoKh0NRJPkQyH1kq0cr4CBaC1uX2F2IBH0kaX17HV42I0w3WnKY1LMLA24OsGO4K4CwFwSuYoYZOW1Yk_GBA4b7l0jn3qZbAqzmAbMNvrgL9fybJQ8AVufs-_5CGyhxsJ0EgvxrfJFjq1qe8fxDrrrwEOy0lHHkCN_2tcgRU_lHtOfptD_4XsRQDgakivHYm291s2ICi85BBoIjNapZkItebSJ9B1P1j3e6rRapNXlEk8fFVEJIDHbYcTrr32qm8VgDRAk8q7u8WiUQ73Fvy4luaK4la4P8yGlChSXw0JBoYOoMFwY-hauqnR07stDRTU2W2N1ribObs_qrjcvmDihkSRQ0sB5mYogXuFkvywSaT9wDNlw
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
t.teads.tv/
23 B
104 B
Image
General
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=f7798635-f372-426a-8747-3b7aeca89398&pageId=84405&pid=117459&debug_metadata=hMlC1UtZ5z&fv=1226&ts=1690809871248&f=1&referer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.141.36 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-141-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:32 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/
23 B
134 B
Image
General
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=f7798635-f372-426a-8747-3b7aeca89398&pageId=84405&pid=117459&slot=native&fv=1226&ts=1690809871256&f=1&referer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.141.36 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-141-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 31 Jul 2023 13:24:32 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
ad
a.teads.tv/page/84405/
484 B
810 B
XHR
General
Full URL
https://a.teads.tv/page/84405/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&auctid=f7798635-f372-426a-8747-3b7aeca89398&formatVersion=1226&env=js-web&netBw=9.2&ttfb=118
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.197.50 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-197-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6600f0dca89cd02f00d95af39a930c07af40dec1bdb7c8b84672ff66d3cdaa13

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.itnews.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:31 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.itnews.com.au
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
352
expires
Mon, 31 Jul 2023 13:24:31 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S9zOXUg9rrA.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ/ Frame FC39
118 KB
40 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S9zOXUg9rrA.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f101.1e100.net
Software
sffe /
Resource Hash
c9be9fbeaab97433c8175779e57d554a8e1ba6f91e934863e9f350eaae3be3c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:41:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40810
x-xss-protection
0
last-modified
Tue, 04 Jul 2023 15:24:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 22:41:52 GMT
TPGT0087_728x90.html
s0.2mdn.net/sadbundle/17980712809989200267/TPGT0087_728x90/ Frame 877C
6 KB
3 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/17980712809989200267/TPGT0087_728x90/TPGT0087_728x90.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f148.1e100.net
Software
sffe /
Resource Hash
7283d0d484034cdbd50ace0bc0dbf3b357b1edbe9ee5b8f4cc75079290b02541
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
306033
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2125
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Jul 2023 00:23:59 GMT
expires
Sat, 27 Jul 2024 00:23:59 GMT
last-modified
Thu, 20 Jul 2023 04:26:58 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 55BB
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpfgNOHWhWyle2Fzd_Z9iimPY_dx5_Ijcp6f1sG9xo42ryq5uli1emjrZh0idgG736TcV6HDtGFz1MPIGdU155yu_1eOLLElObxghaqgAQBmQpDCOWQ3oeeVTQDqUux9btq-1Uhe1LOcRgGrr0CcddH92PXssUMhBotTYGgZ4v54PCO35aaR2DQl6AEfBVcyVq2QalIH-Kvdu2rC2ZXbsHzcwZw0aYWwYNJueOj2QceQtoBBg8qvpBfmv1WS6anAkJ6CKO27oPUzrR8_S-X3YU5ekpdB2fLKhIW8ELDAtbV_j6B5ywCuuO080U3JRj1q-WI2xhbV2QFfWp4vDYGg3c25zspbsL3HVChSTg7e-mSOGzWDgvJuxFmUbni7ttvYzqDwqx1XEjlj1pfA2gZG6OA0Qr4TOqKag0tqHJhIRFA43czJUt5_9ko2lQ6ipagNcaZu1Kuo2H_XIsYC-CgqeswHxqkIteXKuXx_kI1Crolm9cJv5rcrxV81xKAbqyLDY56TklxIsM36bEEJ7EiapZV1fnvzb7u18w_OIDgEW-m00kiXN3zVHaGZS5Yy1_cEMLaM2l07Kq5LsLU65fQ62QMFyG2X6SDmNFVTifEiGvvoJGKaYg6CxdQYRfXnlk9CLxgqXn70EXdmkh10qdXEozZqbHeuakQvhZnGHCvLJjmhGrOiso1gEonQ4Jj8Yo-ZEZgppXCMMWuW8gk3uGXmNqZBARN6jLvPShuKmNu4H_Kj4846qx_-uF3VkzBQ6YTYM7gdHlgnFu2ixkXYWcE-C2OXgT78zJFMRA_wrXc4ZLgo7C2fXV7nY2m-5keBEEFsNb_ZD8KgBw4viWfAba5ClOZ34kmCAsrdir6IHc7ZChmsBWN41bib2l-7MqRQUZMwFWXUyQ-N7dCCzETO4MAfBH7jnNaMSD3yCUjPNtHcEpavYVQAfHZ0wklPPmExFz9Iq0OQU-dXpehgHpKcCoH2JcUNj74i4yfvSLM9sDQkHMTjvsQy095h2pZJfZ6emUdS4-fROA-EZi1lPbarfZw-BG1OKnmyc0GA7QbeNRuAWHQx1dnl9-JuE6rYCW-WRYpw5SWDc68No230OfFNdzWslCGn63f4FpvS-WevQHIsKYUS5U_9ElEik9F22zvEjkCoM5AR3361iYc3Kt-9Ss8aKd0-LEOvpespKz1tHVxIOwZiuabLaLQC_2hHxGITiKtVWMpW_sJ03um72WW7l5r1OmgPuXTkYnMEvhDE7fTDwioHqT2kL679RpQAWygAf0eWyePL144FhSBBqUELHOwllC_T3mmsiVXYs&sai=AMfl-YQpovh3sLWMaFaaRU-nozGwvGk7QmHtg7GMCE_1AavTgUrK5ZOOUJ2Ttr5Pe4UeumE9SQBNOMtYZXjPZ4HNEYueaTMOxQgKi9_XwJvzVU5CfMxAWDOyBGnuU8MLk5o4F-f13mPOtxg66aFJTWB6mSfLlRVhWNoEI5INgT-XIEokr1_jHh8B6ebgoEVozUUmvLu95ZiKHN6Ynq8NeWSDDHIWfC-04ZL2NioDtaBC-ao95g0p87TRNJa291jx-gIwwmAK&sig=Cg0ArKJSzPlRdf6xKmn0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1119&cbvp=1&cstd=1116&cisv=r20230726.45722&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 31 Jul 2023 13:24:31 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:24:31 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7311
42 B
108 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8Nl7mAk-37YxW8CPs9N16Edm88xY_TkdyH3TBUswpX29FFJmoSIP7SNfMj_x1R5FfxadTj0o1c00xlyNjYLFdt---gfWo8P1KxMneosXGsTvRuO0q6xzEedznl3bbbXmpvdyp2kR79C8nE8JWgHkTITLrk5AtrjtNX3gftr02GdMgRhOoDU4TR6e6GMtNawwh520e4qNuBOjxgquUOXMJDPngPqGj1MuVp1mE9zA3vxrHMfL1HK1Jmrh5rvJqiu2GhrG5uF6aJZGsxy3KNbw7Hofj7YcT_mg3_INV5Ing1dD7FIrdgYf9UWOe8lK1x4JUWD8Z4nIMW67aZ2f4VbPRRjhtprjFXArtDsos1cvjzia6ILVLQm7LNR2vqg-KILpXvrHJxouwNhFXsd-F__HAxx-2lSVD3Lxm8UnbwtTxavpf2QMCdiK7U-Gsh1bq9D8onCAoL7ZpjHdZ_xEW2f9TIfdDFYnms6rEXkifAl_0u3bS9-PRxuUoHAxojfRcQBvD_Zl6U_hrnqo1xPo2e5qbLo6DF_w5KBjsaJtFPRxAZrMVZrsNRbAW_Rtn4jwYEesbDcM9GsfkcIf2cMa08mz-bZmQdpNiScW-BZ_IVGUNLpzluYBg9fs7T8gBj1rHHcyG334zRCIz-HfGfOHUlupMmL6s4FSqFCG1xhm6LAOBQOjqlZ0lpqhaxdUT38QWzakYR7zmbhuMwPNFav5X2Va9W0smJqc9A3DVhruujxA7iz-oA2PhAeODQ-ONujSKTpEGrw91LpogH1-WYP8fo23jMDz1zRZbWLLR2T5sLmtjPW8vvv9C_OYFgkM9bQ-A3KsvbP40ezJWLmelCXN0PLKR6BCdQrrc8srsyTZWMOLZ_85qsiGpxEMjS8qsN6jsVXdLNbRE61PluMGmL6iC5MFx-O3r4VttJ2dap4r1fnOQedO4CLWrrr_0aB3e1HPRU3IjZFhJ7ot8mdl6JizU1PWPgDr8rB6yCPTrb6Nw28J6nQWTA3tC4ImLJSjHZ1Bq1MWE6aTGTOzTLZOBJvSVwWzfSL4yc1vQNLpZe9yXXu40hucfuUkFptFPWmm3IT9TvpZtQVccjBdCO-WloGk4dxRmdSEg35F6yOZ84JtxKDHvTcHj71PTMRt2g5XnY1K6Wjbn9JCaVQ131lxyqSXXC75RXuDK&sai=AMfl-YSqa1mpAqSwRNJa49vVM-i3QNBb3SP_EqQRzLOcv-Awv6EoloOMH1UJoAgGod9rm8RYDxiDAHUkQNQFQk-sEsy8ZtLWTv2sW_4GZNsbiMhM0r2B9jwFGvYb1GpR6J0gvPfS6dmXBaNm&sig=Cg0ArKJSzLFp-YM-Z-AMEAE&cid=CAQSOwBpAlJWFKq6XUmPx-OAiRgbsNp9j1cNhohTj51OMC7lcl-ioL2A3o6iSy3kVpamzxM9RG7ekfUwcxuXGAE&id=ampim&o=531,80&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=1327&tls=2327&g=100&h=100&tt=2327&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dianomi-max-200x38.png
www.dianomi.com/img/ Frame 5DEA
1 KB
1 KB
Image
General
Full URL
https://www.dianomi.com/img/dianomi-max-200x38.png
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/contextfeed-frame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:31 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
2423834
cf-polished
origFmt=png, origSize=3940
content-disposition
inline; filename="dianomi-max-200x38.webp"
content-length
1164
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Jul 2020 16:53:11 GMT
server
cloudflare
etag
"f64-5ab9764140bc0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef629817cd4a817-SYD
expires
Wed, 30 Aug 2023 23:24:31 GMT
dianomi-context.css
www.dianomi.com/partner/dianomi/css/ Frame 5DEA
169 B
293 B
Stylesheet
General
Full URL
https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/contextfeed-frame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:31 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
6773
cf-polished
origSize=199
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 21 Jan 2019 12:43:41 GMT
server
cloudflare
etag
W/"c7-57ff735ded940"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ef629817cd6a817-SYD
expires
Mon, 31 Jul 2023 17:24:31 GMT
videofeed.js
www.dianomi.com/js/contextfeed/ Frame 5DEA
5 KB
2 KB
Script
General
Full URL
https://www.dianomi.com/js/contextfeed/videofeed.js?v=20230720133923646
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/contextfeed-frame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3fb47df6fccc360f36353099993a1728c576536375a98705c5179aa1a1e191c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:31 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 20 Jul 2023 12:41:38 GMT
server
cloudflare
etag
W/"1509-600ea782bab38"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7ef629817cd7a817-SYD
expires
Mon, 31 Jul 2023 13:26:31 GMT
pixeltrack.pl
www.dianomi.com/cgi-bin/ Frame 5DEA
77 B
312 B
Image
General
Full URL
https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=1339.318.iTnews%20FaB&geo_ccod=au
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:31 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
image/gif; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials
true
cf-ray
7ef629817cdba817-SYD
content-length
77
x-xss-protection
1; mode=block
expires
Sun, 30 Jul 2023 13:24:31 GMT
track
t.teads.tv/
23 B
134 B
Image
General
Full URL
https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=f7798635-f372-426a-8747-3b7aeca89398&pageId=84405&pid=117459&slot=native&vid=55be3b8d-6f88-48f8-b5d8-e141dce9f228&fv=1226&ts=1690809871611&f=1&referer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.141.36 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-141-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 31 Jul 2023 13:24:32 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
iframe
accounts.google.com/o/oauth2/ Frame 283C
283 B
1 KB
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S9zOXUg9rrA.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-AXjUK4hNAaKzui0P9Fr9nG2_yZQ/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f84.1e100.net
Software
ESF /
Resource Hash
3d571177207c9d4ee8b7c3ceb4175fde4782fbbdd45248622be5f877cf73f2e9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iRd575Y9MPodGER2WQhx7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-iRd575Y9MPodGER2WQhx7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:24:32 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
videofeed-flowplayer.js
www.dianomi.com/js/contextfeed/ Frame 7BB6
34 KB
11 KB
Script
General
Full URL
https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454a61e774d469d52b1588afbb8a7fdf519afb905dc7e2df2b78a0b487d4ef00
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:31 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
59
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 20 Jul 2023 12:41:39 GMT
server
cloudflare
etag
W/"89f2-600ea783b7e00"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7ef629838ed1a817-SYD
expires
Mon, 31 Jul 2023 13:26:31 GMT
smartads_video_json.pl
www.dianomi.com/cgi-bin/ Frame 7BB6
2 KB
953 B
XHR
General
Full URL
https://www.dianomi.com/cgi-bin/smartads_video_json.pl?id=6605&cf=1339.318.iTnews%20FaB&url=https%3A%2F%2Fdb5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e49a7a47b24b382f1a1605ab5404d0fc9983241b2228c19d62d0c23ea8d82af9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:33 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
application/json; charset=utf-8
access-control-allow-origin
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials
true
cf-ray
7ef629845fb5a817-SYD
x-xss-protection
1; mode=block
expires
Sun, 30 Jul 2023 13:24:32 GMT
status
www.facebook.com/x/oauth/ Frame FC39
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.itnews.com.au&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Ditnewsnext%26t_i%3D598623%26t_u%3Dhttp%253A%252F%252Fwww.itnews.com.au%252Fnews%252Fmalware-spotted-on-barracuda-email-gateways-598623%26t_e%3DMalware%2520spotted%2520on%2520Barracuda%2520email%2520gateways%26t_d%3D%250A%2520%2520%2520%2520%2520%2520%2520%2520Malware%2520spotted%2520on%2520Barracuda%2520email%2520gateways%26t_t%3DMalware%2520spotted%2520on%2520Barracuda%2520email%2520gateways%26s_o%3Ddefault%23version%3D617b1d7777ec737a28f95e7268f17c68&sdk=joey&wants_cookie_data=false
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Mon, 31 Jul 2023 13:24:32 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
x-fb-debug
JSejmOKxeOEPYh/lKZKeTi05BqRYKifh68Elz9lYxXxjZJHGcnaEqix7tUB1RmyPsq7itjTAShvW5VRRB98pEA==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://disqus.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 877C
236 KB
63 KB
Script
General
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17980712809989200267/TPGT0087_728x90/TPGT0087_728x90.html?ev=01_250
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.33.184.229 Tseung Kwan O, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-184-229.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:33 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Mon, 31 Jul 2023 13:39:33 GMT
TPGT0087_728x90.js
s0.2mdn.net/sadbundle/17980712809989200267/TPGT0087_728x90/ Frame 877C
37 KB
12 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/17980712809989200267/TPGT0087_728x90/TPGT0087_728x90.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17980712809989200267/TPGT0087_728x90/TPGT0087_728x90.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f148.1e100.net
Software
sffe /
Resource Hash
d253bab38745ecc0546386511e2a7eac31c86be08f97c7650f19052dfb2251b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17980712809989200267/TPGT0087_728x90/TPGT0087_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 21:51:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55967
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11707
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 04:26:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Jul 2024 21:51:45 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.m9UG_j_a8uA.es5.O/d=1/rs=AOaEmlHkCkTHfBLZLrVLohtRvjCt0nT36A/ Frame 283C
101 KB
35 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.m9UG_j_a8uA.es5.O/d=1/rs=AOaEmlHkCkTHfBLZLrVLohtRvjCt0nT36A/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
4d9b1f2a07539b07e6f7df6bd0c65178de60c9d1a396235c225e1e24f148874b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398895
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35552
x-xss-protection
0
last-modified
Fri, 21 Jul 2023 22:46:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 22:36:18 GMT
dianomi-video.css
www.dianomi.com/css/ Frame 7BB6
7 KB
2 KB
Stylesheet
General
Full URL
https://www.dianomi.com/css/dianomi-video.css?v=20230720133923646
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d1db52cabe6e826d52389582bb6a3d2a7d750518f65a64b78a8a598309903de
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:33 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
5655
cf-polished
origSize=9327
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 20 Jul 2023 12:41:34 GMT
server
cloudflare
etag
W/"246f-600ea77ec6400"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ef6298cdea7a817-SYD
expires
Mon, 31 Jul 2023 17:24:33 GMT
12.css
www.dianomi.com/img/a/pss/2534/ Frame 7BB6
4 KB
1 KB
Stylesheet
General
Full URL
https://www.dianomi.com/img/a/pss/2534/12.css
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
506a63d2af90215be21cc036bd64c9844cf225a634effe873d120772c6c3ef7b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:33 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
989600
cf-polished
origSize=5634
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 19 Jun 2023 16:28:16 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
cf-ray
7ef6298cdea8a817-SYD
expires
Wed, 30 Aug 2023 23:24:33 GMT
reporting-observer.js
www.dianomi.com/js/contextfeed/ Frame 7BB6
616 B
493 B
Script
General
Full URL
https://www.dianomi.com/js/contextfeed/reporting-observer.js?v=20230720133923646
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f1314977484b794b14e55ddcf03fb39ca95b9c86213f1897c6a64dfffb00016
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:33 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 20 Jul 2023 12:41:36 GMT
server
cloudflare
etag
W/"268-600ea780bf608"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7ef6298cdeaaa817-SYD
expires
Mon, 31 Jul 2023 13:26:33 GMT
flowplayer.css
cdn.flowplayer.com/releases/native/3/stable/style/ Frame 7BB6
46 KB
11 KB
Stylesheet
General
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/style/flowplayer.css
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-83.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d5e0849332acff7b91d64ac054f09bd1f5db75df129c800b2feb90cd2a841e7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
D9YiVgudnguna.wkJmYkMgTSEuWg7Gva
content-encoding
gzip
via
1.1 0fb19d5f326a219e83b7a2975900484e.cloudfront.net (CloudFront)
date
Sun, 30 Jul 2023 16:35:09 GMT
x-amz-cf-pop
HKG62-C2
age
74965
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 27 Jul 2023 16:34:10 GMT
server
AmazonS3
etag
W/"eb4c450a71248f9837360b0bf07cc7d7"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
cwohQklLnmdcF77zpGrNaLJGTXjOSo0pxVOaf4_54eQwrj3MvFj6Vg==
flowplayer.min.js
cdn.flowplayer.com/releases/native/3/v3.4.1/ Frame 7BB6
72 KB
24 KB
Script
General
Full URL
https://cdn.flowplayer.com/releases/native/3/v3.4.1/flowplayer.min.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-83.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6be23bbf284c6d5884a84a7ca3347075acf5c028f0cb7fcfe6a4b7354071df0a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
AYetg8AOqi.2BIlsvdUy1q0VvTRaIr9z
content-encoding
gzip
via
1.1 0fb19d5f326a219e83b7a2975900484e.cloudfront.net (CloudFront)
date
Mon, 31 Jul 2023 07:23:06 GMT
x-amz-cf-pop
HKG62-C2
age
21688
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 26 Sep 2022 17:58:44 GMT
server
AmazonS3
etag
W/"07e3da6c90c44ca3d032372837e4e582"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
xsS-vUTpusA-I6noAvmB20Uix0fLzkDkqGr8qnN0RAPCpDsjs_ddoA==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 7BB6
345 KB
120 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f95.1e100.net
Software
sffe /
Resource Hash
cc4a2b18a49c0b5d6828746e8fcde20a521664d1060d75ff550d70746e6c1cc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121902
x-xss-protection
0
expires
Mon, 31 Jul 2023 13:24:34 GMT
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 283C
2 KB
915 B
Other
General
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f84.1e100.net
Software
GSE /
Resource Hash
3d663cbcc6f9ee7c9c30ba14c142382b7da8261e7d56b0e04b9a720768c6cd30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
TPGT0087_728x90_atlas_P_1.png
s0.2mdn.net/sadbundle/17980712809989200267/TPGT0087_728x90/ Frame 877C
8 KB
8 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/17980712809989200267/TPGT0087_728x90/TPGT0087_728x90_atlas_P_1.png
Requested by
Host: db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
URL: https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f148.1e100.net
Software
sffe /
Resource Hash
9eb2455728587b53f2e2ccfa60e7c625f4c4f105e42157b1b93ebedd4be5e92e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17980712809989200267/TPGT0087_728x90/TPGT0087_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 21:04:48 GMT
x-content-type-options
nosniff
age
231585
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8597
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 04:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jul 2024 21:04:48 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 55BB
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpfgNOHWhWyle2Fzd_Z9iimPY_dx5_Ijcp6f1sG9xo42ryq5uli1emjrZh0idgG736TcV6HDtGFz1MPIGdU155yu_1eOLLElObxghaqgAQBmQpDCOWQ3oeeVTQDqUux9btq-1Uhe1LOcRgGrr0CcddH92PXssUMhBotTYGgZ4v54PCO35aaR2DQl6AEfBVcyVq2QalIH-Kvdu2rC2ZXbsHzcwZw0aYWwYNJueOj2QceQtoBBg8qvpBfmv1WS6anAkJ6CKO27oPUzrR8_S-X3YU5ekpdB2fLKhIW8ELDAtbV_j6B5ywCuuO080U3JRj1q-WI2xhbV2QFfWp4vDYGg3c25zspbsL3HVChSTg7e-mSOGzWDgvJuxFmUbni7ttvYzqDwqx1XEjlj1pfA2gZG6OA0Qr4TOqKag0tqHJhIRFA43czJUt5_9ko2lQ6ipagNcaZu1Kuo2H_XIsYC-CgqeswHxqkIteXKuXx_kI1Crolm9cJv5rcrxV81xKAbqyLDY56TklxIsM36bEEJ7EiapZV1fnvzb7u18w_OIDgEW-m00kiXN3zVHaGZS5Yy1_cEMLaM2l07Kq5LsLU65fQ62QMFyG2X6SDmNFVTifEiGvvoJGKaYg6CxdQYRfXnlk9CLxgqXn70EXdmkh10qdXEozZqbHeuakQvhZnGHCvLJjmhGrOiso1gEonQ4Jj8Yo-ZEZgppXCMMWuW8gk3uGXmNqZBARN6jLvPShuKmNu4H_Kj4846qx_-uF3VkzBQ6YTYM7gdHlgnFu2ixkXYWcE-C2OXgT78zJFMRA_wrXc4ZLgo7C2fXV7nY2m-5keBEEFsNb_ZD8KgBw4viWfAba5ClOZ34kmCAsrdir6IHc7ZChmsBWN41bib2l-7MqRQUZMwFWXUyQ-N7dCCzETO4MAfBH7jnNaMSD3yCUjPNtHcEpavYVQAfHZ0wklPPmExFz9Iq0OQU-dXpehgHpKcCoH2JcUNj74i4yfvSLM9sDQkHMTjvsQy095h2pZJfZ6emUdS4-fROA-EZi1lPbarfZw-BG1OKnmyc0GA7QbeNRuAWHQx1dnl9-JuE6rYCW-WRYpw5SWDc68No230OfFNdzWslCGn63f4FpvS-WevQHIsKYUS5U_9ElEik9F22zvEjkCoM5AR3361iYc3Kt-9Ss8aKd0-LEOvpespKz1tHVxIOwZiuabLaLQC_2hHxGITiKtVWMpW_sJ03um72WW7l5r1OmgPuXTkYnMEvhDE7fTDwioHqT2kL679RpQAWygAf0eWyePL144FhSBBqUELHOwllC_T3mmsiVXYs&sai=AMfl-YQpovh3sLWMaFaaRU-nozGwvGk7QmHtg7GMCE_1AavTgUrK5ZOOUJ2Ttr5Pe4UeumE9SQBNOMtYZXjPZ4HNEYueaTMOxQgKi9_XwJvzVU5CfMxAWDOyBGnuU8MLk5o4F-f13mPOtxg66aFJTWB6mSfLlRVhWNoEI5INgT-XIEokr1_jHh8B6ebgoEVozUUmvLu95ZiKHN6Ynq8NeWSDDHIWfC-04ZL2NioDtaBC-ao95g0p87TRNJa291jx-gIwwmAK&sig=Cg0ArKJSzPlRdf6xKmn0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3531&vt=11&dtpt=2412&dett=3&cstd=1116&cisv=r20230726.45722&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 31 Jul 2023 13:24:33 GMT
nr-spa-1216.min.js
js-agent.newrelic.com/
49 KB
49 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
UU.F5jvoumAjQChriwTQHbisCFw_OInU
date
Mon, 31 Jul 2023 13:24:34 GMT
via
1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
892A5V15KQQNTEJP
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
50049
x-amz-id-2
i4PTH+RGFFHZjfF77Uu1YVKK3LWUc+FNuXc3be6ddXP9fDpuFYr66SL28ev/dlXkQQK0Cs10FUQ=
x-served-by
cache-bfi-krnt7300027-BFI
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1690809874.338462,VS0,VE0
etag
"63e2df852d15ab21d7ff8fc4363222e8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
355
ui-bg_flat_75_ffffff_40x100.png
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/images/
247 B
350 B
Image
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/images/ui-bg_flat_75_ffffff_40x100.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f95.1e100.net
Software
sffe /
Resource Hash
0fc87114ecf1d8bdd5f75fd6a3cff45db5782d41249cd7af503bfd54a106a8bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 13:43:48 GMT
x-content-type-options
nosniff
age
258045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
247
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jul 2024 13:43:48 GMT
__ptq.gif
track.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=600004306&v=1.1&a=21321196&rcu=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&pu=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t=Malware+spotted+on+Barracuda+email+gateways+-+Security+-+iTnews&cts=1690809873748&vi=e69ab0f5c84d31af5ba4245b7ee3d0d0&nc=true&u=119052758.e69ab0f5c84d31af5ba4245b7ee3d0d0.1690809873746.1690809873746.1690809873746.1&b=119052758.1.1690809873746&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
bce162a2-5dd0-4bef-8b8a-d595baff2c08
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
bce162a2-5dd0-4bef-8b8a-d595baff2c08
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VkIi0uHurT%2FKq7QZkjjFxQjHyF9ypRVKUqGd9o8LYqlDggXngPGWSYv0g0YN%2FAvaxWaSv6r4QgSEVOTuQMMJKzZDyggMNuyawegYR%2Fc83JWT5EUNdAsHQRXgw3ck41HjdeB"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-5f6448c676-skh97
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7ef629925fbeab01-SYD
x-robots-tag
none
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307260102&st=env
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
56a0c18c61391c5905a4f9c9e932a90f8be4aa2f48bb268ce87225bd486a2953
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11698
x-xss-protection
0
iframerpc
accounts.google.com/o/oauth2/ Frame 283C
49 B
373 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.m9UG_j_a8uA.es5.O/d=1/rs=AOaEmlHkCkTHfBLZLrVLohtRvjCt0nT36A/m=base
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f84.1e100.net
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PfhoSR0gEo54YSfvze23xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
script-src 'report-sample' 'nonce-PfhoSR0gEo54YSfvze23xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
x-content-type-options
nosniff
date
Mon, 31 Jul 2023 13:23:43 GMT
content-encoding
gzip
age
50
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Origin
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 31 Jul 2023 14:23:43 GMT
/
www.facebook.com/tr/
0
54 B
Image
General
Full URL
https://www.facebook.com/tr/?id=991594294528179&ev=ViewContent&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&rl=&if=false&ts=1690809873764&cd[content_category]=Technology%20%3E%20Security&cd[content_name]=Malware%20spotted%20on%20Barracuda%20email%20gateways&cd[content_ids]=598623&sw=1600&sh=1200&v=2.9.119&r=stable&ec=2&o=30&fbp=fb.2.1690809870155.699122907&it=1690809866836&coo=false&exp=a0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 31 Jul 2023 13:24:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=470261513615109&ev=ViewContent&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&rl=&if=false&ts=1690809873765&cd[content_category]=Technology%20%3E%20Security&cd[content_name]=Malware%20spotted%20on%20Barracuda%20email%20gateways&cd[content_ids]=598623&sw=1600&sh=1200&ud[external_id]=e69ab0f5c84d31af5ba4245b7ee3d0d0&v=2.9.119&r=stable&ec=3&o=30&fbp=fb.2.1690809870155.699122907&it=1690809866836&coo=false&exp=a0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 31 Jul 2023 13:24:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=586918102853434&ev=ViewContent&dl=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&rl=&if=false&ts=1690809873766&cd[content_category]=Technology%20%3E%20Security&cd[content_name]=Malware%20spotted%20on%20Barracuda%20email%20gateways&cd[content_ids]=598623&sw=1600&sh=1200&v=2.9.119&r=stable&ec=2&o=30&fbp=fb.2.1690809870155.699122907&it=1690809866836&coo=false&exp=a0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 31 Jul 2023 13:24:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
TPGT0087_728x90_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/17980712809989200267/TPGT0087_728x90/ Frame 877C
21 KB
21 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/17980712809989200267/TPGT0087_728x90/TPGT0087_728x90_atlas_NP_1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f148.1e100.net
Software
sffe /
Resource Hash
8a0132519d5857755716eb1a8576c4e44c393c69dc60e12e6f55246b63fa8a41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17980712809989200267/TPGT0087_728x90/TPGT0087_728x90.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 00:23:59 GMT
x-content-type-options
nosniff
age
306035
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21815
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 04:26:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jul 2024 00:23:59 GMT
/
glitter.services.disqus.com/urls/ Frame FC39
1 KB
995 B
Script
General
Full URL
https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=itnewsnext&thread_id=9794445677&referer=&tc=
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
ea503d04b28641c8595dcfec487c7fcbf72ff3361b399e5a2ed6c6e8515fc02a
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:24:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
Server
openresty
X-Frame-Options
DENY
Vary
Accept-Encoding, Cookie
Content-Type
application/javascript
transfer-encoding
chunked
Cache-Control
no-cache
X-Service
glitter
Content-Disposition
attachment; filename=f.txt
Connection
keep-alive
Cross-Origin-Resource-Policy
cross-origin
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jul 2023 13:24:34 GMT
event.gif
referrer.disqus.com/juggler/ Frame FC39
43 B
339 B
Image
General
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=4223&event=init_embed&thread=9794445677&forum=itnewsnext&forum_id=2865237&imp=mmj05dqhvv6t&prev_imp&thread_slug=malware_spotted_on_barracuda_email_gateways&user_type=anon&referrer=https%3A%2F%2Fwww.itnews.com.au%2F&theme=next&dnt=0&tracking_enabled=1&experiment=prebidbidisrequired_hidden&variant=active&service=dynamic&promoted_enabled=false&max_enabled=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:24:34 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EB04
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
20354
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 07:45:20 GMT
expires
Tue, 30 Jul 2024 07:45:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2A21
783 B
954 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f105.1e100.net
Software
GSE /
Resource Hash
d2a2f7754a3c4f5d6259f4b87402c17977d18f192ae2f89488b50cea2e9048f4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YbDM0jbRwp7ME6ag2FJYyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itnews.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-YbDM0jbRwp7ME6ag2FJYyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 13:24:34 GMT
expires
Mon, 31 Jul 2023 13:24:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 2A21
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307260102&jk=510029157412000&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame EB04
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 04:42:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
31315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 Jul 2024 04:42:39 GMT
generate_204
tpc.googlesyndication.com/ Frame EB04
0
42 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?w1xo6Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 55BB
0
56 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7322855175984&version=m202306200101&ct=76&x=1&cor=2283257338822901000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
pippio.com/api/ Frame 8D42
3 KB
3 KB
Document
General
Full URL
https://pippio.com/api/sync?pid=1391&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&it=1&iv=cmmj08r3h9besr
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3575d190f0a32a46b5e3044557b7341979546b00dff49fc220d7bf03cccf917c

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store
content-type
text/html
date
Mon, 31 Jul 2023 13:24:34 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
timing-allow-origin
*
via
1.1 google
pixel.html
live.rezync.com/ Frame E704
743 B
1 KB
Document
General
Full URL
https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=cmmj08r3h9besr&pctry=US&referrer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&cache_buster=0.261876045471
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.3202c242c010134b5e230e1eedac257a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-59.sin2.r.cloudfront.net
Software
lighttpd/1.4.69 /
Resource Hash
792aa0d6b1cd17747edd939602234dcdcbe4fa0562418f5d0cba04f4c220ba4d

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-length
743
content-type
text/html; charset=utf-8
date
Mon, 31 Jul 2023 13:24:35 GMT
server
lighttpd/1.4.69
vary
Cookie
via
1.1 b238fef36fc101d581d2aebbbc69d9a6.cloudfront.net (CloudFront)
x-amz-cf-id
nHaSCwKjr2AbQACEpveM7QXX_npMTM4IzSbQPDSMjGBc-VOiBJrNPg==
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
db_sync
px.ads.linkedin.com/ Frame FC39
Redirect Chain
  • https://io.narrative.io/?companyId=1952&id=disqus_id%3Acmmj08r3h9besr&red=https%3A%2F%2Fpx.ads.linkedin.com%2Fdb_sync%3Fpid%3D16223%26puuid%3D%24%7Bnarrative.id.value%7D%26rand%3D0.83643273779
  • https://io.narrative.io/?io.narrative.guid.v2=97992711-2fa5-11ee-8fae-028fdbeaaa16&companyId=1952&id=disqus_id%3Acmmj08r3h9besr&red=https%3A%2F%2Fpx.ads.linkedin.com%2Fdb_sync%3Fpid%3D16223%26puuid...
  • https://px.ads.linkedin.com/db_sync?pid=16223&puuid=97992711-2fa5-11ee-8fae-028fdbeaaa16&rand=0.83643273779
0
145 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=16223&puuid=97992711-2fa5-11ee-8fae-028fdbeaaa16&rand=0.83643273779
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:35 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 44E5FDB841E748B995AC33F71C7738D8 Ref B: SYD03EDGE0916 Ref C: 2023-07-31T13:24:35Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYByFoJBUKKKMXMQ7EARQ==

Redirect headers

Location
https://px.ads.linkedin.com/db_sync?pid=16223&puuid=97992711-2fa5-11ee-8fae-028fdbeaaa16&rand=0.83643273779
Date
Mon, 31 Jul 2023 13:24:35 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
/
io.narrative.io/ Frame FC39
Redirect Chain
  • https://io.narrative.io/?companyId=19&id=disqus_id%3Acmmj08r3h9besr&ret=img&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623
  • https://io.narrative.io/?io.narrative.guid.v2=97992710-2fa5-11ee-9c84-0a2d04f6ac5a&companyId=19&id=disqus_id%3Acmmj08r3h9besr&ret=img&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-...
35 B
207 B
Image
General
Full URL
https://io.narrative.io/?io.narrative.guid.v2=97992710-2fa5-11ee-9c84-0a2d04f6ac5a&companyId=19&id=disqus_id%3Acmmj08r3h9besr&ret=img&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623
Protocol
HTTP/1.1
Server
3.1.175.102 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-175-102.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:24:35 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
35
Content-Type
image/gif

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=97992710-2fa5-11ee-9c84-0a2d04f6ac5a&companyId=19&id=disqus_id%3Acmmj08r3h9besr&ret=img&ref=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623
Date
Mon, 31 Jul 2023 13:24:35 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
ca.png
s.cpx.to/ Frame FC39
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3D%26pid%3D12037%26url%3Dhttp%253A%252F%252Fwww.itnews.com.au%252Fnews%252Fmalware-spotted-on-barracuda-email-gateways-598623%26adn...
  • https://s.cpx.to/ca.png?ref=&pid=12037&url=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&adnxs_uid=7041439781579444570
95 B
653 B
Image
General
Full URL
https://s.cpx.to/ca.png?ref=&pid=12037&url=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&adnxs_uid=7041439781579444570
Protocol
HTTP/1.1
Server
52.16.234.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=itnewsnext&t_i=598623&t_u=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&t_e=Malware%20spotted%20on%20Barracuda%20email%20gateways&t_d=%0A%20%20%20%20%20%20%20%20Malware%20spotted%20on%20Barracuda%20email%20gateways&t_t=Malware%20spotted%20on%20Barracuda%20email%20gateways&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 31 Jul 2023 13:24:36 GMT
p3p
CP="NOI DEV ADM"
Content-Type
image/png
cache-control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95
expires
Mon, 31 Jul 2023 13:24:36 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:34 GMT
an-x-request-uuid
42353685-cf19-4b76-a351-5cf0ca031be4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://s.cpx.to/ca.png?ref=&pid=12037&url=http%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&adnxs_uid=7041439781579444570
x-proxy-origin
66.203.112.166; 66.203.112.166; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
NRJS-f9c84fb83b4044fea1f
bam.nr-data.net/1/
56 B
627 B
Script
General
Full URL
https://bam.nr-data.net/1/NRJS-f9c84fb83b4044fea1f?a=1234363995&v=1216.487a282&to=ZlUHY0ZRV0ZVUhdbXV8fJGRkH1dQQ0JMU0BFWQZbUR5YRkRJ&rst=12530&ck=1&ref=https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623&ap=12&be=617&fe=11450&dc=1770&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1690809862274,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:203,%22c%22:203,%22s%22:298,%22ce%22:401,%22rq%22:401,%22rp%22:519,%22rpe%22:802,%22dl%22:522,%22di%22:1769,%22ds%22:1769,%22de%22:1780,%22dc%22:11449,%22l%22:11450,%22le%22:11480%7D,%22navigation%22:%7B%7D%7D&fp=1413&fcp=1413&jsonp=NREUM.setToken
Requested by
Host: www.itnews.com.au
URL: https://www.itnews.com.au/news/malware-spotted-on-barracuda-email-gateways-598623
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 13:24:35 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
7ef629975e88a965-SYD
dianomi-max-200x38.png
www.dianomi.com/img/ Frame 7BB6
1 KB
1 KB
Image
General
Full URL
https://www.dianomi.com/img/dianomi-max-200x38.png
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:34 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
2423837
cf-polished
origFmt=png, origSize=3940
content-disposition
inline; filename="dianomi-max-200x38.webp"
content-length
1164
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Jul 2020 16:53:11 GMT
server
cloudflare
etag
"f64-5ab9764140bc0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef62995eea0a817-SYD
expires
Wed, 30 Aug 2023 23:24:34 GMT
X1IJY0gRMT4YQfm6aScrUQAAAAY.png
www.dianomi.com/img/uploads/ Frame 7BB6
5 KB
5 KB
Image
General
Full URL
https://www.dianomi.com/img/uploads/X1IJY0gRMT4YQfm6aScrUQAAAAY.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8598fde7fabef054baf14a945a347c1f2311e8b5145199aeed5725e842d48ec5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:34 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
1779572
cf-polished
origFmt=png, origSize=23215
content-disposition
inline; filename="X1IJY0gRMT4YQfm6aScrUQAAAAY.webp"
content-length
4784
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Fri, 04 Sep 2020 09:31:16 GMT
server
cloudflare
etag
"5aaf-5ae7987ca2100"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef62995feaea817-SYD
expires
Wed, 30 Aug 2023 23:24:34 GMT
truncated
/ Frame 7BB6
194 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
610a27fa1d1948e2995168f02b2db335efa782172fe160535ce12823820e8eb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
play_200px.png
www.dianomi.com/videofeed/icons/ Frame 7BB6
8 KB
8 KB
Image
General
Full URL
https://www.dianomi.com/videofeed/icons/play_200px.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fe91869eab90bb6c349d076d3d9acafbc1cdd644fc8494abda2667f1590fcbe
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:34 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
1435
cf-polished
origSize=13554, status=vary_header_present
content-length
8404
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 22 Oct 2020 08:10:13 GMT
server
cloudflare
etag
"34f2-5b23dfe50a340"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef629960eb5a817-SYD
expires
Mon, 31 Jul 2023 17:24:34 GMT
learn_more_200px.png
www.dianomi.com/videofeed/icons/ Frame 7BB6
7 KB
7 KB
Image
General
Full URL
https://www.dianomi.com/videofeed/icons/learn_more_200px.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd8736900c611a7514a3ae94e9432479c0d7852689fcd104695bdddd8a2f57e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:34 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
1435
cf-polished
origSize=11011, status=vary_header_present
content-length
7082
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 22 Oct 2020 08:10:13 GMT
server
cloudflare
etag
"2b03-5b23dfe50a340"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef629960eb6a817-SYD
expires
Mon, 31 Jul 2023 17:24:34 GMT
x50.png
www.dianomi.com/img/a/sav2/299346/3/ Frame 7BB6
4 KB
4 KB
Image
General
Full URL
https://www.dianomi.com/img/a/sav2/299346/3/x50.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58b3387ba5418fe5025558a166d2616a5968b65bbb061dcd6b236eb8b98b2d7b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:34 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
916028
cf-polished
origFmt=png, origSize=6736
content-disposition
inline; filename="x50.webp"
content-length
4142
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Jul 2023 02:45:44 GMT
server
cloudflare
etag
"1a50-6005554253280"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ef629960eb8a817-SYD
expires
Wed, 30 Aug 2023 23:24:34 GMT
thumbnail.mp4
videodelivery.net/8884a83d47ff48b0b452caae408c232e/thumbnails/ Frame 7BB6
1 MB
1 MB
Media
General
Full URL
https://videodelivery.net/8884a83d47ff48b0b452caae408c232e/thumbnails/thumbnail.mp4?duration=120s&audio=1&width=650&fit=fill
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.201.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4968670269e864e85789cf9a0b5bbf7c4f6965c12e518655f4c3da04b96d1d5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 31 Jul 2023 13:24:35 GMT
strict-transport-security
max-age=15552000
cf-cache-status
HIT
age
5572
Content-Range
bytes 0-1281686/1281687
stream-dw-version
2023.7.12
Content-Length
1281687
core-cache-status
HIT
last-modified
Mon, 31 Jul 2023 10:44:33 GMT
server
cloudflare
vary
origin, referer, Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=864000
access-control-expose-header
cf-ray
cf-ray
7ef629993b89a93e-SYD
access-control-allow-headers
range
served-in-seconds
0.004
time.json
ljsp.lwcdn.com/web/public/countdown/ Frame 7BB6
27 B
564 B
Fetch
General
Full URL
https://ljsp.lwcdn.com/web/public/countdown/time.json
Requested by
Host: cdn.flowplayer.com
URL: https://cdn.flowplayer.com/releases/native/3/v3.4.1/flowplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-64.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash
b8e0838215f4f4b54c0a3ce7f55bc9631a53040bbca825af22d00cef55713c8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
via
1.1 4aed579d267267dd8aac916efed7b06e.cloudfront.net (CloudFront)
x-amz-cf-pop
HKG62-C2
age
1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
27
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
nginx
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
s-maxage=5, max-age=5
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,x-flowplayer-api-key
x-amz-cf-id
k8I_rBjfzr4lTYFoB6yJ8JOFWC-NZEighCxFJkZT5a7phNJStPBJww==
smartads_video_a.pl
www.dianomi.com/cgi-bin/ Frame 7BB6
0
308 B
XHR
General
Full URL
https://www.dianomi.com/cgi-bin/smartads_video_a.pl?s=ZMe2EAiZjDDKu9F2jX9EvwAAAAc
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:35 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ef629975aa4a864-SYD
content-length
0
x-xss-protection
1; mode=block
expires
now
396846.gif
idsync.rlcdn.com/ Frame 8D42
Redirect Chain
  • https://idsync.rlcdn.com/462246.gif?partner_uid=cmmj08r3h9besr
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=23d1ef88-f493-440c-8417-5f7866d3ae79
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=23d1ef88-f493-440c-8417-5f7866d3ae79
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:36 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 31 Jul 2023 13:24:35 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=23d1ef88-f493-440c-8417-5f7866d3ae79
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
362358.gif
idsync.rlcdn.com/ Frame 8D42
Redirect Chain
  • https://ei.rlcdn.com/448046.gif?n=1&partner_site_id=1017&cparams=placement%3D1391
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGclkWEBuJJpp44lEVrKWo4&google_cver=1
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGclkWEBuJJpp44lEVrKWo4&google_cver=1
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:35 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGclkWEBuJJpp44lEVrKWo4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveramp.com
pippio.com/api/ Frame 8D42
108 B
108 B
Image
General
Full URL
https://pippio.com/api/liveramp.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
212a2d2e355cec068c4c4f041281aa42b663d3defcb647b11974f362712159fc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:35 GMT
cache-control
private, no-store
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307260102&jk=510029157412000&bg=!DA-lD1vNAAZGOVy5Zjk7ADkAdvg8WuQXWsNpoQT9tfb9xEQ7jT8GrIdMTbPyA_Jo7JRCRSTT73UJXdidX9Itv5aTGzagokJxtkgCAAAAelIAAAAGaAEHCgC1b4hPxB63KDp5-0oMzW-VuFW4iR8KnmGvQWBiAq3W9LSnaGgFb1FzExS8RRd1vIVveAkBIVMOANImZm3um0o36EQSvlwbTGXUqJncaCBhe6hvTpOP0I4CPcnvxeqMV6zvlI6Qonbfm5bKb9nFaTrVmuPKcOXrZIboAcuzffYRxN2wO9N9u04eyMSdXOso9fqOaiD8_I9JO_iYNhh9GEfo_e4JAu_8iBGDUY5_0qQEdRFsdr3sxpkCsTAfBugJnKzwW_MO13VCqNbIZ7N7zyAh0yRB5IpiHJlsTKpCRup9GveJpQ-PO2iJwGrMKNPu7MUg7ggobtM6UvvLqdlgIeTc1D1YHErXiMzr5ahSYxH3qOjPtgN7E_PO8C3DWDmno6imH_uAUjcfjnGqeP0Dnr7ACV2yHtyrdvXs-IC9rEtyCv9WEK1ZkeYh9qPGRzk2GcK9p6WWl0dBueFimcGWCgfkJ7OOVG4dYF448VgT0ymA0x-RCRQ7-7GmuMs3uXb322UVkcxAupDzxARmtx3-ATnVMXwYrKPfOj9Xszpz-HApe3rpWYFNIfHpfWX0z6mkgdobXa8rFbcrW9TcE2DcyGEU34EuoEjPNCvAzDZOh7msn0oKzul73E5M5h7GG_c-sCtyCP_2rXjar4tU2f6HnbhJZLZfILhltt23kB2w0Z1OMhAXBBW_QzV4TgpTbe6Q-BQJEe5UgN7F0snNs7qmEQgDfXtI3QCUKWPPaXzqKArnJ607bZUjVmJiJ6DXM9xngYHTYg7k5zkp1X_E7-Sx4gBmTdPUnO9qg8F8j5IuatkCyTvNLS4on_ZYgsKhy1D7dKQGVT9nmw8MRyNaAsI0oZ3Gy-x6UqgPTC7_avSAkLZpUXi6CJ8bg5PaBxOAMcjtBfzIi96yOvjLD455wAJ2wtubL3vwlxXOcLyPMQ2ctfMvA_hpKhbTb8r2H_yP05fgwE2wvnpnX6kkAn0YsOoQn_GhqqFhk2GJTvwncVqqWWDyQHTElh8eaRrX9iUr-ABnYiSr27G3OcqrkxN-Has9L3CQu8krSFe6AWfmhuIPbde7X45TQcMK8eyQyN-CAH4MFE7JWKJ0QQPnj1BxxunMhLzyYBRvRDYmsruJ5_twrjnuhvSzRqP1BsIlZEN_jq2Q0PZgTOvTLbJGesp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.itnews.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

getuid
ib.adnxs.com/ Frame E704
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID%26cache_buster%3D1690809875.3563292
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=7041439781579444570&cache_buster=1690809875.3563292
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=c142caab-2e6a-41e8-a108-9b89e0e476b7%3A1690809875.356044&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dcmmj08r3h9besr%26_%3D1690809875....
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1992631740439049709&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dcmmj08r3h9besr%26_%3D...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=cmmj08r3h9besr&_=1690809875.9601665
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
0
0

501709.gif
idsync.rlcdn.com/ Frame E704
Redirect Chain
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=c142caab-2e6a-41e8-a108-9b89e0e476b7%3A1690809875.356044&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1975180292776154704&referrer={encSite}&forward=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3...
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1975180292776154704
  • https://idsync.rlcdn.com/501709.gif?partner_uid=cmmj08r3h9besr&_=1690809877.2851524
0
0

receive
pixel.tapad.com/idsync/ex/ Frame E704
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3181&partner_device_id=c142caab-2e6a-41e8-a108-9b89e0e476b7%3A1690809875.356044
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3181&partner_device_id=c142caab-2e6a-41e8-a108-9b89e0e476b7%3A1690809875.356044
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4954c1c3-9c9f-44a7-b0ca-bb1b1178f5f7%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4d0cf414-2ced-4741-b71b-743c460b82a3&ttd_puid=4954c1c3-9c9f-44a7-b0ca-bb1b1178f5f7%2C%2C
95 B
123 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4d0cf414-2ced-4741-b71b-743c460b82a3&ttd_puid=4954c1c3-9c9f-44a7-b0ca-bb1b1178f5f7%2C%2C
Requested by
Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=cmmj08r3h9besr&pctry=US&referrer=https%3A%2F%2Fwww.itnews.com.au%2Fnews%2Fmalware-spotted-on-barracuda-email-gateways-598623&cache_buster=0.261876045471
Protocol
H3
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://live.rezync.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 13:24:36 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:36 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4d0cf414-2ced-4741-b71b-743c460b82a3&ttd_puid=4954c1c3-9c9f-44a7-b0ca-bb1b1178f5f7%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
in
pmi.flowplayer.com/ Frame 7BB6
0
0
Fetch
General
Full URL
https://pmi.flowplayer.com/in
Requested by
Host: cdn.flowplayer.com
URL: https://cdn.flowplayer.com/releases/native/3/v3.4.1/flowplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.108.185 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 31 Jul 2023 13:24:36 GMT
server
Jetty(9.4.28.v20200408)
access-control-allow-methods
POST
truncated
/ Frame 7BB6
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bec348a0226f19f54fe5142f60c053babfe1e9fce5ba8953e60828bd051785d

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
events
ihi.flowplayer.com/v1/health/ Frame 7BB6
0
176 B
Ping
General
Full URL
https://ihi.flowplayer.com/v1/health/events
Requested by
Host: cdn.flowplayer.com
URL: https://cdn.flowplayer.com/releases/native/3/v3.4.1/flowplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.221.154 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
date
Mon, 31 Jul 2023 13:24:37 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
smartads_video_a.pl
www.dianomi.com/cgi-bin/ Frame 7BB6
0
65 B
XHR
General
Full URL
https://www.dianomi.com/cgi-bin/smartads_video_a.pl?p=ZMe2EAiZjDDKu9F2jX9EvwAAAAc&t=1.007019&d=26.325
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20230720133923646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 13:24:36 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://db5b650fed33c6378f0e14bf59524953.safeframe.googlesyndication.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ef629a178bba864-SYD
content-length
0
x-xss-protection
1; mode=block
expires
now
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8A97
0
0

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEKVyqQWxibzD-G3aMMVmBac&google_cver=1&google_push=AaAOQGFbj6n7KBfd6I8IlWiXRGs714FR8quj3lZHQ2qxfwIvZBsBj_zOhzsdQFh-ymUAbB5sirDsAJGjobkZuQsmJBfL_1JfUqDfAAyS-b_c6ykEwkZyPlyTrByKJWcGMXHWciqdqNzRa_IzUjDri7idVcM
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
Domain
idsync.rlcdn.com
URL
https://idsync.rlcdn.com/501709.gif?partner_uid=cmmj08r3h9besr&_=1690809877.2851524
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fserver.prebid.dianomi.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D

263 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| NREUM object| newrelic function| __nr_require object| dataLayer number| ord function| $ function| jQuery object| google_tag_manager object| google_tag_data string| _linkedin_data_partner_id object| GooglebQhCsO function| hj object| _hjSettings function| fbq function| _fbq function| $JssorObject$ function| $JssorAnimator$ function| $JssorPlayerClass$ object| $JssorDebug$ object| $JssorEasing$ object| $JssorDirection$ object| $JssorKeyCode$ object| $Jssor$ function| $JssorCaptionSliderBase$ object| $JssorSlideshowFormations$ function| $JssorSlideshowRunner$ function| $JssorSlider$ function| $JssorSlideo$ function| $JssorCaptionSlider$ function| $JssorCaptionSlideo$ object| $JssorNavigatorEvents$ function| $JssorBulletNavigator$ function| $JssorArrowNavigator$ function| $JssorThumbnailNavigator$ function| getParameterByName string| disqus_shortname undefined| disqus_developer number| disqus_identifier string| disqus_title string| disqus_url function| disqus_config function| RegisterNewsletterAjaxSignupEventHandler function| LoadTooltips function| makeWYSIWYG function| pushWYSIWYG function| ResizeIFrame function| ResizeIFrameHelper function| PushAds function| LoadAds function| RecenterModals function| ResizeInterstitial function| Resize function| toggleMenuIcon function| startCountDown function| setShareBoxStickyLimits function| AdBlockEnabled string| _searchUrl string| _registrationUrl string| _statesUrl string| _pollAjaxUrl string| _moreUrl string| _latestCommentsUrl boolean| _skinPushed boolean| _interstitialPushed string| _moreTagUrl object| gptAdSlots string| _orientation boolean| _hasResize undefined| _resizeEvent boolean| _isMobile boolean| _leaderMoved number| _skinWidthThreshold number| _shareBoxStickerMax boolean| _showAds number| _initialInterstitialWidth 
undefined| _interstitialAspectRatio boolean| _doneInitialPass string| _loginUrl undefined| _username undefined| _password undefined| _rememberMe undefined| _loginValidation undefined| _loginResponse object| html5 object| Modernizr object| Foundation object| googletag object| jQuery111205701346423537796 object| $leader string| GoogleAnalyticsObject function| ga object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| _hsp function| lintrk boolean| _already_called_lintrk object| DISQUSWIDGETS undefined| disqus_domain object| ggeac object| google_js_reporting_queue object| DISQUS function| disqus_recommendations_config function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData boolean| _hspb_loaded boolean| _hspb_ran boolean| PIXELS_RAN object| enabledEventSettings object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded object| DISQUS_RECOMMENDATIONS undefined| google_measure_js_timing number| google_unique_id function| setImmediate function| clearImmediate function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| 
sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| teadsscript object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| teads boolean| _hstc_ran string| __hsUserToken number| expireDateTime string| categoryValue string| subCategoryValue object| GoogleGcLKhOms object| google_image_requests

89 Cookies


7 Console Messages

Source Level URL
Text
security error URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=(Line 14)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.itnews.com.au').
security error URL: https://www.dianomi.com/smartads.epl?id=5141&can_serve_ads=true&can_cookie=true&gdpr_consent=(Line 17)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.itnews.com.au').
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEKVyqQWxibzD-G3aMMVmBac&google_cver=1&google_push=AaAOQGFbj6n7KBfd6I8IlWiXRGs714FR8quj3lZHQ2qxfwIvZBsBj_zOhzsdQFh-ymUAbB5sirDsAJGjobkZuQsmJBfL_1JfUqDfAAyS-b_c6ykEwkZyPlyTrByKJWcGMXHWciqdqNzRa_IzUjDri7idVcM
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://pippio.com/api/liveramp.com
Message:
Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
